leonardo paiz

Extremely slow PC


For a week now I haven't been able to use the PC properly; even browsing the internet becomes almost impossible because of freezes. I've already tried almost everything, and this is the last resort before formatting the PC, so please help me :D

Because of the posting rules, I did not post the GMER log, since the post got too large.
Thanks.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2
Run by Andre at 9:05:48 on 2014-03-31
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1046.18.1981.765 [GMT -3:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Baidu Security\PC App Store\4.0.6.4959\PCAppStoreSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Users\Andre\AppData\Roaming\Skype\nicolaspaiz\Sv_xwreg.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ie
uDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
uURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
dURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [AdobeBridge] <no file>
mRun: [tuto4pc_br_45] <no file>
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
uPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 189.5.192.42 189.5.192.47
TCP: Interfaces\{D2C39DFA-88D5-474F-9FE9-AF5332A8A940} : DHCPNameServer = 189.5.192.42 189.5.192.47
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: CNMSE9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: CNMVS9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
x64-mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
x64-mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
x64-mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
x64-Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: CNMSE9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: CNMVS9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://br.search.yahoo.com/?type=198484&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - prefs.js: keyword.url - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\np-mswmp.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\NPOFF12.DLL
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Andre\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Andre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.notify.interval - 750000
FF - user.js: content.switch.threshold - 750000
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=&q=
FF - user.js: extensions.funmoods.id - E06995BB11DC8ACB
FF - user.js: extensions.funmoods.instlDay - 16114
FF - user.js: extensions.funmoods.vrsn - 1.8.29.0
FF - user.js: extensions.funmoods.vrsni - 1.8.29.0
FF - user.js: extensions.funmoods_i.vrsnTs - 1.8.29.018:25:57
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - pc0102
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - pc0102
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.appId - {EA28B360-05E0-4F93-8150-02891F1D8D3C}
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods.cr - 291356673
FF - user.js: extensions.funmoods.cd - 2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q
FF - user.js: extensions.funmoods.AL - 2
FF - user.js: extensions.irspeeddial.aflt - pc0102
FF - user.js: extensions.irspeeddial.instlRef - pc0102
FF - user.js: extensions.irspeeddial.cr - 291356673
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q
.
.
.
.
.
.
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-3-2 21184]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-2-24 49952]
R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\Windows\System32\drivers\Bfilter.sys [2013-10-2 52032]
R1 Bfmon;Baidu FS Monitor Driver;C:\Windows\System32\drivers\Bfmon.sys [2013-10-2 34624]
R1 Bprotect;Baidu Protect;C:\Windows\System32\drivers\Bprotect.sys [2013-10-2 128992]
R1 BprotectEx;Baidu ProtectEx;C:\Windows\System32\drivers\BprotectEx.sys [2013-10-2 78144]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-9-17 239320]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-4 881440]
R2 ekrn;ESET Service;D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-9-12 1337752]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2013-9-17 157432]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 250200]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-2-1 342336]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-27 1593632]
R2 PCAppStoreSvc_{PCAppStore_4.0.6.4959};Baidu PC App Store Service 4.0.6.4959;C:\Program Files (x86)\Baidu Security\PC App Store\4.0.6.4959\PCAppStoreSvc.exe [2014-2-21 576032]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-12-6 65657]
R2 StarWindServiceAE;StarWind AE Service;D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 upnpcontsvc;upnpcontsvc;C:\Users\Andre\AppData\Roaming\Skype\nicolaspaiz\Sv_xwreg.exe [2013-4-9 585728]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-3-20 1771032]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-6-27 509104]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-6-27 56344]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-3-17 39200]
R3 SbieDrv;SbieDrv;C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2011-3-24 148072]
S2 Application Updater;Application Updater; [x]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;D:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-24 2151200]
S2 PCFasterSvc_{PCFaster_3.7.0.0};Baidu PC Faster Service 3.7.0.0; [x]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]
S2 srvPlgProtect;Protect your browser's extensions; [x]
S2 SrvUpdater;Software Updater; [x]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-5 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-6 37344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-13 111616]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-23 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-3-4 34848]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2012-12-23 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-23 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-3-4 23016]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-20 1255736]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-3-4 23048]
S4 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-25 4915040]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2014-03-31 02:35:44 -------- d-----w- C:\Users\Andre\AppData\Roaming\7278
2014-03-30 23:21:31 -------- d-----w- C:\Program Files (x86)\Programas RFB
2014-03-28 22:56:17 -------- d-----w- C:\Users\Andre\AppData\Roaming\NVIDIA
2014-03-28 08:34:45 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3B761E3-0E81-450D-8B25-11AC8BD7DAF9}\offreg.dll
2014-03-28 08:32:47 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3B761E3-0E81-450D-8B25-11AC8BD7DAF9}\mpengine.dll
2014-03-27 03:43:35 922968 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-27 03:43:35 6714312 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-27 03:43:35 64968 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-27 03:43:35 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-27 03:43:35 3649185 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-03-27 03:43:35 3497816 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-27 03:43:35 2558808 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-03-23 04:04:31 -------- d-----w- C:\Windows\Migration
2014-03-22 00:31:21 -------- d--h--w- C:\Windows\msdownld.tmp
2014-03-21 00:07:57 -------- d-----w- C:\ProgramData\AVG Secure Search
2014-03-17 23:59:36 -------- d-----w- C:\Users\Andre\AppData\Local\NVIDIA Corporation
2014-03-17 23:52:08 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-03-17 23:52:08 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-03-17 23:52:08 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-03-16 17:35:16 1885472 ----a-w- C:\Windows\System32\nvdispco6433489.dll
2014-03-16 17:35:16 1515296 ----a-w- C:\Windows\System32\nvdispgenco6433489.dll
2014-03-14 23:13:01 -------- d-----w- C:\Users\Andre\AppData\Roaming\Any DVD Shrink
2014-03-14 23:12:58 -------- d-----w- C:\Program Files (x86)\Any DVD Shrink
2014-03-14 22:33:49 -------- d-----w- C:\Users\Andre\AppData\Roaming\DVDFab9
2014-03-14 22:33:27 -------- d-----w- C:\Program Files (x86)\DVDFab 9132
2014-03-14 21:44:13 -------- d-----w- C:\Users\Andre\AppData\Roaming\23343
2014-03-13 03:20:34 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-13 03:20:33 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-13 03:20:33 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-13 03:20:33 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-13 03:15:41 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-13 03:15:41 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-13 03:15:41 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-13 03:15:41 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-09 15:10:34 965120 ----a-w- C:\Windows\SysWow64\ac3filter.acm
2014-03-09 15:10:34 1202688 ----a-w- C:\Windows\System32\ac3filter64.acm
2014-03-09 15:10:34 -------- d-----w- C:\Program Files (x86)\AC3Filter
2014-03-09 15:08:26 -------- d-----w- C:\Users\Andre\AppData\Local\Tuguu_SL
2014-03-09 15:04:36 -------- d-----w- C:\Users\Andre\AppData\Roaming\SupTab
2014-03-09 15:02:51 -------- d-----w- C:\Users\Andre\AppData\Local\SearchProtect
2014-03-06 13:39:36 -------- d-----w- C:\Users\Andre\AppData\Local\ESET
2014-03-06 03:17:21 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-03-06 02:17:32 -------- d-----w- C:\Users\Andre\AppData\Local\AVG Secure Search
2014-03-04 15:47:57 -------- d-----w- C:\Users\Andre\AppData\Roaming\Anthropics
2014-03-04 15:40:42 -------- d-----w- C:\Program Files (x86)\Portrait Professional 10 Trial
2014-03-04 14:52:30 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-04 14:22:42 -------- d-----w- C:\ProgramData\VSO
2014-03-04 14:21:54 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-03-04 14:21:53 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-03-02 23:01:41 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
.
==================== Find3M  ====================
.
2014-03-30 21:19:56 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-03-30 21:19:56 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-03-30 21:19:45 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-03-21 00:07:40 49952 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-03-14 16:18:33 22 ----a-w- C:\Windows\SysWow64\sycd5.dll
2014-03-11 21:49:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 21:49:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-04 14:46:37 99384 ----a-w- C:\Users\Andre\AppData\Roaming\inst.exe
2014-03-04 14:46:37 82816 ----a-w- C:\Users\Andre\AppData\Roaming\pcouffin.sys
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-21 14:14:50 34624 ----a-w- C:\Windows\System32\drivers\Bfmon.sys
2014-01-21 14:14:40 52032 ----a-w- C:\Windows\System32\drivers\Bfilter.sys
2014-01-21 10:01:36 128992 ----a-w- C:\Windows\System32\drivers\Bprotect.sys
2014-01-15 05:15:14 167784 ----a-w- C:\ProgramData\FileSplitUpLoad.dll
2014-01-08 18:54:02 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140305091051.dll
2014-01-08 18:54:02 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140216120120.dll
2014-01-08 18:54:02 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140216111901.dll
2014-01-08 18:54:02 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2010-01-26 13:11:08 444283 ----a-w- C:\Program Files\Common Files\WinPcapNmap.exe
.
============= FINISH:  9:06:01,66 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 04/07/2012 20:47:13
System Uptime: 31/03/2014 08:50:59 (1 hours ago)
.
Motherboard: Intel Corporation |  | DH55HC
Processor: Intel® Core i5 CPU         760  @ 2.80GHz | XU1 | 2794/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 30,142 GiB free.
D: is FIXED (NTFS) - 1765 GiB total, 147,249 GiB free.
E: is CDROM ()
G: is FIXED (NTFS) - 1397 GiB total, 71,003 GiB free.
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1061: 30/03/2014 16:48:40 - Ponto de Verificação Agendado
.
==== Image File Execution Options =============
.
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: CNMSE9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: CNMVS9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.DriverInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.PatchInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: EasyWare Multi-KeyFile Generator.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: EPUPDATE.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: EREGISTR.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_FBCSCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_FBCSFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_GUPA20.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_GUPA30.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IAMTCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IAMTFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IARNCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IARNFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IATICKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IATIFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IHUTCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IHUTFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IINSFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IPRECKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_IPREFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_S40RPB.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: E_S40STB.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: MakeSFX.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SetupHlp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer_Desktop.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer_Service.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: tv_w32.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: tv_x64.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: UnRAR.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: CNMSE9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: CNMVS9Y.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.DriverInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.PatchInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: EasyWare Multi-KeyFile Generator.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: EPUPDATE.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: EREGISTR.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_FBCSCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_FBCSFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_GUPA20.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_GUPA30.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IAMTCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IAMTFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IARNCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IARNFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IATICKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IATIFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IHUTCKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IHUTFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IINSFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IPRECKL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_IPREFFL.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_S40RPB.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: E_S40STB.EXE - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: MakeSFX.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SetupHlp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer_Desktop.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer_Service.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: tv_w32.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: tv_x64.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: UnRAR.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI - Português
Any DVD Shrink 1.3.8
µTorrent
Battlelog Web Plugins
Bonjour
Canon MP490 series MP Drivers
Desinstalar impressora EPSON T50 Series
DVDFab 9.1.3.2 (11/03/2014)
ESET NOD32 Antivirus
ESN Sonar
Funmoods
Google Chrome
Google Update Helper
Intel Processor Diagnostic Tool 64Bit
Intel® Management Engine Interface
Intel® Network Connections 17.3.63.0
IObit Uninstaller
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java 6 Update 21 (64-bit)
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Enterprise 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86_x64
Mozilla Firefox 28.0 (x86 pt-BR)
Mozilla Maintenance Service
MPC-HC 1.7.3 (64-bit)
MyFreeCodec
NVIDIA Driver de gráficos 335.23
NVIDIA Install Application
NVIDIA Network Service
NVIDIA Virtual Audio 1.2.20
Painel de controle da NVIDIA 335.23
Receitanet
Sandboxie 3.54 (64-bit)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Software para Impressoras EPSON
Speccy
TeamSpeak 3 Client
TeraCopy 2.3
Unity Web Player
Update for Funmoods Chat
VDownloader 3.9.1421
WhoCrashed 4.02
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Language Selector
Windows Live MIME IFilter
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
WinRAR 5.01 (64-bit)
.
==== End Of File ===========================
 

 


Please post a new log.


"GMER log did not fit"

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2
Run by Andre at 21:31:38 on 2014-04-03
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1046.18.1981.749 [GMT -3:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Baidu Security\PC App Store\4.0.6.4959\PCAppStoreSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Users\Andre\AppData\Roaming\Skype\nicolaspaiz\Sv_xwreg.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ie
uDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
uURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
dURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [AdobeBridge] <no file>
mRun: [tuto4pc_br_45] <no file>
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
uPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 189.5.192.42 189.5.192.47
TCP: Interfaces\{D2C39DFA-88D5-474F-9FE9-AF5332A8A940} : DHCPNameServer = 189.5.192.42 189.5.192.47
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
x64-mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
x64-mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY
x64-mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
x64-Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://br.search.yahoo.com/?type=198484&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - prefs.js: keyword.url - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\np-mswmp.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\NPOFF12.DLL
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Andre\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Andre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.notify.interval - 750000
FF - user.js: content.switch.threshold - 750000
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q&cr=291356673&ir=&q=
FF - user.js: extensions.funmoods.id - E06995BB11DC8ACB
FF - user.js: extensions.funmoods.instlDay - 16114
FF - user.js: extensions.funmoods.vrsn - 1.8.29.0
FF - user.js: extensions.funmoods.vrsni - 1.8.29.0
FF - user.js: extensions.funmoods_i.vrsnTs - 1.8.29.018:25:57
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - pc0102
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - pc0102
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.appId - {EA28B360-05E0-4F93-8150-02891F1D8D3C}
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods.cr - 291356673
FF - user.js: extensions.funmoods.cd - 2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q
FF - user.js: extensions.funmoods.AL - 2
FF - user.js: extensions.irspeeddial.aflt - pc0102
FF - user.js: extensions.irspeeddial.instlRef - pc0102
FF - user.js: extensions.irspeeddial.cr - 291356673
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0B0BtCtC0D0Czz0A0C0BtN0D0Tzu0SyByByDtN1L2XzutBtFtCyCtFzztFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2SyDyByEtD0E0Fzy0FtGyDzy0AyCtGyBtC0DzztGtDtCyDyCtGtCtC0CzytAtC0E0DtB0CtAzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0ByD0DyDtByEtDtGyEtBzzyBtG0DzyyEtDtGzyzy0FtBtGyB0F0Dzy0C0C0F0EyDzy0Dzz2Q
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-3-2 21184]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-2-24 49952]
R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\Windows\System32\drivers\Bfilter.sys [2013-10-2 52032]
R1 Bfmon;Baidu FS Monitor Driver;C:\Windows\System32\drivers\Bfmon.sys [2013-10-2 34624]
R1 Bprotect;Baidu Protect;C:\Windows\System32\drivers\Bprotect.sys [2013-10-2 128992]
R1 BprotectEx;Baidu ProtectEx;C:\Windows\System32\drivers\BprotectEx.sys [2013-10-2 78144]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-9-17 239320]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-4 881440]
R2 ekrn;ESET Service;D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-9-12 1337752]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2013-9-17 157432]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 250200]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-2-1 342336]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-27 1593632]
R2 PCAppStoreSvc_{PCAppStore_4.0.6.4959};Baidu PC App Store Service 4.0.6.4959;C:\Program Files (x86)\Baidu Security\PC App Store\4.0.6.4959\PCAppStoreSvc.exe [2014-2-21 576032]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-12-6 65657]
R2 StarWindServiceAE;StarWind AE Service;D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 upnpcontsvc;upnpcontsvc;C:\Users\Andre\AppData\Roaming\Skype\nicolaspaiz\Sv_xwreg.exe [2013-4-9 585728]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-3-20 1771032]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-6-27 509104]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-6-27 56344]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-3-17 39200]
R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\drivers\RzMaelstromVAD.sys [2014-3-6 40696]
R3 SbieDrv;SbieDrv;C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2011-3-24 148072]
S2 Application Updater;Application Updater; [x]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;D:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-24 2151200]
S2 PCFasterSvc_{PCFaster_3.7.0.0};Baidu PC Faster Service 3.7.0.0; [x]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]
S2 srvPlgProtect;Protect your browser's extensions; [x]
S2 SrvUpdater;Software Updater; [x]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-5 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-6 37344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-13 111616]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-23 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-3-4 34848]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2012-12-23 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-23 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-3-4 23016]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-20 1255736]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-3-4 23048]
S4 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-25 4915040]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2014-04-03 21:28:00    --------    d-----w-    C:\Users\Andre\AppData\Local\{327B6C3C-59A2-4CEA-82DB-0A1C7BF5F876}
2014-04-03 19:29:41    --------    d-----w-    C:\ProgramData\RzMaelstromVAD_1.1.52.1675
2014-04-03 19:25:39    --------    d-----w-    C:\Users\Andre\AppData\Local\Razer
2014-04-03 02:42:50    --------    d-----w-    C:\Users\Andre\AppData\Roaming\3139
2014-04-01 06:55:04    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2550175B-72AE-419D-BAD9-B6D1F4FD3A98}\offreg.dll
2014-04-01 06:53:18    10521840    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2550175B-72AE-419D-BAD9-B6D1F4FD3A98}\mpengine.dll
2014-03-30 23:21:31    --------    d-----w-    C:\Program Files (x86)\Programas RFB
2014-03-28 22:56:17    --------    d-----w-    C:\Users\Andre\AppData\Roaming\NVIDIA
2014-03-27 03:43:35    922968    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-03-27 03:43:35    6714312    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-03-27 03:43:35    64968    ----a-w-    C:\Windows\System32\nvshext.dll
2014-03-27 03:43:35    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-03-27 03:43:35    3649185    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-03-27 03:43:35    3497816    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-03-27 03:43:35    2558808    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-03-23 04:04:31    --------    d-----w-    C:\Windows\Migration
2014-03-22 00:31:21    --------    d--h--w-    C:\Windows\msdownld.tmp
2014-03-21 00:07:57    --------    d-----w-    C:\ProgramData\AVG Secure Search
2014-03-17 23:59:36    --------    d-----w-    C:\Users\Andre\AppData\Local\NVIDIA Corporation
2014-03-17 23:52:08    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2014-03-17 23:52:08    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2014-03-17 23:52:08    33056    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2014-03-16 17:35:16    1885472    ----a-w-    C:\Windows\System32\nvdispco6433489.dll
2014-03-16 17:35:16    1515296    ----a-w-    C:\Windows\System32\nvdispgenco6433489.dll
2014-03-14 23:13:01    --------    d-----w-    C:\Users\Andre\AppData\Roaming\Any DVD Shrink
2014-03-14 23:12:58    --------    d-----w-    C:\Program Files (x86)\Any DVD Shrink
2014-03-14 22:33:49    --------    d-----w-    C:\Users\Andre\AppData\Roaming\DVDFab9
2014-03-14 22:33:27    --------    d-----w-    C:\Program Files (x86)\DVDFab 9132
2014-03-14 21:44:13    --------    d-----w-    C:\Users\Andre\AppData\Roaming\23343
2014-03-13 03:20:34    228864    ----a-w-    C:\Windows\System32\wwansvc.dll
2014-03-13 03:20:33    484864    ----a-w-    C:\Windows\System32\wer.dll
2014-03-13 03:20:33    381440    ----a-w-    C:\Windows\SysWow64\wer.dll
2014-03-13 03:20:33    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-03-13 03:15:41    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-03-13 03:15:41    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-03-13 03:15:41    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-03-13 03:15:41    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-09 15:10:34    965120    ----a-w-    C:\Windows\SysWow64\ac3filter.acm
2014-03-09 15:10:34    1202688    ----a-w-    C:\Windows\System32\ac3filter64.acm
2014-03-09 15:10:34    --------    d-----w-    C:\Program Files (x86)\AC3Filter
2014-03-09 15:08:26    --------    d-----w-    C:\Users\Andre\AppData\Local\Tuguu_SL
2014-03-09 15:04:36    --------    d-----w-    C:\Users\Andre\AppData\Roaming\SupTab
2014-03-09 15:02:51    --------    d-----w-    C:\Users\Andre\AppData\Local\SearchProtect
2014-03-06 13:39:36    --------    d-----w-    C:\Users\Andre\AppData\Local\ESET
2014-03-06 10:40:30    136704    ----a-w-    C:\Windows\SysWow64\RzVAD.dll
2014-03-06 09:37:30    40696    ----a-w-    C:\Windows\System32\drivers\RzMaelstromVAD.sys
2014-03-06 09:34:08    245760    ----a-w-    C:\Windows\System32\DriverInstallCACMD.exe
2014-03-06 09:34:06    69632    ----a-w-    C:\Windows\System32\DriverInstallCA.dll
2014-03-06 03:17:21    --------    d-----w-    C:\ProgramData\AVG SafeGuard toolbar
2014-03-06 02:17:32    --------    d-----w-    C:\Users\Andre\AppData\Local\AVG Secure Search
.
==================== Find3M  ====================
.
2014-04-01 22:28:07    290184    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2014-04-01 22:28:07    290184    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2014-04-01 22:27:36    280904    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2014-03-21 00:07:40    49952    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2014-03-14 16:18:33    22    ----a-w-    C:\Windows\SysWow64\sycd5.dll
2014-03-11 21:49:13    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 21:49:13    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-04 14:46:37    99384    ----a-w-    C:\Users\Andre\AppData\Roaming\inst.exe
2014-03-04 14:46:37    82816    ----a-w-    C:\Users\Andre\AppData\Roaming\pcouffin.sys
2014-03-01 05:17:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-01 03:00:08    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-01-21 14:14:50    34624    ----a-w-    C:\Windows\System32\drivers\Bfmon.sys
2014-01-21 14:14:40    52032    ----a-w-    C:\Windows\System32\drivers\Bfilter.sys
2014-01-21 10:01:36    128992    ----a-w-    C:\Windows\System32\drivers\Bprotect.sys
2014-01-15 05:15:14    167784    ----a-w-    C:\ProgramData\FileSplitUpLoad.dll
2014-01-14 01:53:50    88576    ----a-w-    C:\Windows\SysWow64\rzdevinfo.dll
2014-01-08 18:54:02    121856    ----a-w-    C:\Windows\System32\IObitSmartDefragExtension.dll20140305091051.dll
2014-01-08 18:54:02    121856    ----a-w-    C:\Windows\System32\IObitSmartDefragExtension.dll20140216120120.dll
2014-01-08 18:54:02    121856    ----a-w-    C:\Windows\System32\IObitSmartDefragExtension.dll20140216111901.dll
2014-01-08 18:54:02    121856    ----a-w-    C:\Windows\System32\IObitSmartDefragExtension.dll
2010-01-26 13:11:08    444283    ----a-w-    C:\Program Files\Common Files\WinPcapNmap.exe
.
============= FINISH: 21:33:15,87 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 04/07/2012 20:47:13
System Uptime: 02/04/2014 10:01:24 (35 hours ago)
.
Motherboard: Intel Corporation |  | DH55HC
Processor: Intel® Core i5 CPU         760  @ 2.80GHz | XU1 | 2794/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 28,208 GiB free.
D: is FIXED (NTFS) - 1765 GiB total, 166,381 GiB free.
E: is CDROM ()
G: is FIXED (NTFS) - 1397 GiB total, 70,999 GiB free.
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================.
RP1064: 03/04/2014 16:28:15 - Instalação de Pacote de Driver de Dispositivo: Razer Controladores de som, vídeo e jogos
.
==== Image File Execution Options =============
.
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.DriverInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Easeware.PatchInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: EasyWare Multi-KeyFile Generator.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: MakeSFX.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SetupHlp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer_Desktop.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TeamViewer_Service.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: tv_w32.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: tv_x64.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: UnRAR.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverEasy.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckingDevice.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.CheckScheduledScan.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.DriverInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Easeware.PatchInstall.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: EasyWare Multi-KeyFile Generator.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: MakeSFX.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SetupHlp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer_Desktop.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TeamViewer_Service.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: tv_w32.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: tv_x64.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: UnRAR.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
==== Installed Programs ======================.
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI - Português
Any DVD Shrink 1.3.8
µTorrent
Battlelog Web Plugins
Bonjour
Canon MP490 series MP Drivers
Desinstalar impressora EPSON T50 Series
DVDFab 9.1.3.2 (11/03/2014)
ESET NOD32 Antivirus
ESN Sonar
Funmoods
Google Chrome
Google Update Helper
Intel Processor Diagnostic Tool 64Bit
Intel® Management Engine Interface
Intel® Network Connections 17.3.63.0
IObit Uninstaller
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java 6 Update 21 (64-bit)
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Enterprise 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86_x64
Mozilla Firefox 28.0 (x86 pt-BR)
Mozilla Maintenance Service
MPC-HC 1.7.3 (64-bit)
MyFreeCodec
NVIDIA Driver de gráficos 335.23
NVIDIA Install Application
NVIDIA Network Service
NVIDIA Virtual Audio 1.2.20
Painel de controle da NVIDIA 335.23
Razer Surround
Razer Synapse 2.0
Receitanet
Sandboxie 3.54 (64-bit)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Software para Impressoras EPSON
Speccy
TeamSpeak 3 Client
TeraCopy 2.3
Unity Web Player
Update for Funmoods Chat
VDownloader 3.9.1421
WhoCrashed 4.02
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Language Selector
Windows Live MIME IFilter
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
WinRAR 5.01 (64-bit).
==== End Of File ===========================


Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language, and follow the instructions to install the software.
    • Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, then click Finish.
    • If updates are available, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to view the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will open automatically in a Notepad document, and you may be asked to restart the PC. (Read the note.)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.
Note: With more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.


The log is very large, so I'm going to use 2 pages.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/04/2014
Scan Time: 13:17:53
Logfile: log.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.04.10.05
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Andre
 
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 243929
Time Elapsed: 8 min, 46 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 39
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\CLASSES\APPID\OKitSpace.DLL, No Action By User, [6b4261c72a510c2aa691e690e31fce32], 
PUP.Funmoods, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, No Action By User, [b3fac0683348b77f8985215e976b8d73], 
PUP.Optional.FunMoods.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj, No Action By User, [9d1050d8bcbf5dd97009c8a2946f39c7], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, No Action By User, [8b2246e2a1da49edf59e6106af538878], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, No Action By User, [971685a3b0cba4928b03eea86a9911ef], 
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BonanzaDealsLive.exe, No Action By User, [654883a5c4b7b581b938345e0af90000], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, No Action By User, [7f2e67c13942b284d0ae552047bb6b95], 
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\OKitSpace, No Action By User, [9a1364c4fb80b086e752e294f60cd32d], 
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\OKitSpace.DLL, No Action By User, [f3bafb2d93e8251196a16214a959936d], 
PUP.Funmoods, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, No Action By User, [b1fc50d84a3180b6c14dc5baa55d39c7], 
PUP.Optional.FunMoods.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj, No Action By User, [b3fac464d9a22c0a97e22941e81bc040], 
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, No Action By User, [dad3e642accfbc7a7023b0d435ce2bd5], 
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, No Action By User, [8e1f9e8a314a82b42e0271f719e9639d], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21636, No Action By User, [f3ba41e79dde3402e4af2f3844be966a], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, No Action By User, [3f6e9197dc9f66d0deb0bcda3cc74bb5], 
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BonanzaDealsLive.exe, No Action By User, [604d3cec7605dd5934bd6a28cf34f010], 
PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER, No Action By User, [2f7ecb5d5526c670df4053390003e917], 
PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, No Action By User, [ab02ba6ef9820f2724e8c2b043bff30d], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-1.6, No Action By User, [75383cec25564aec74c78fd8ae54e61a], 
PUP.Optional.BonanzaDeals.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BonanzaDealsLive, No Action By User, [911cd553d9a272c45a94543e768d1ee2], 
PUP.FunMoods, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Funmoods, No Action By User, [02abd25654278babc7cc92ea18eaff01], 
PUP.Optional.FunMoods.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\funmoodsToolbar, No Action By User, [9f0ea8809be0fc3a18680f80eb18b947], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, No Action By User, [6e3f51d74833da5c443b581d5da57888], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, No Action By User, [8924ae7a95e6bb7b764544557f848c74], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, No Action By User, [9617240463187fb725329f004db69b65], 
PUP.Optional.Freeven.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\free ven, No Action By User, [e7c67eaa354684b2f97aa8fd25de7e82], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-1.6, No Action By User, [2e7fe444d3a8c96d71ca6cfb62a0ab55], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, No Action By User, [dfcec5632f4c2a0c507a6707a85a8c74], 
PUP.Optional.Conduit.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, No Action By User, [8f1e77b1f98261d58bbd6c2417ecb64a], 
PUP.Optional.ValueApps.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, No Action By User, [436a3cec7209a78ff903e88c956d0ff1], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY, No Action By User, [872677b18dee65d16abf4547798ab749], 
PUP.Funmoods, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, No Action By User, [3d70ea3ea0db3ef806077f00aa5849b7], 
PUP.Optional.FunMoods.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj, No Action By User, [49648d9b2556a88ef387beacaf54f808], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, No Action By User, [525bf6324833d066463f0b69f50db14f], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, No Action By User, [aa03c4640b702115e7db0684f70cab55], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, No Action By User, [c7e60721c9b293a3d3c1c5a246bcdc24], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\freeven, No Action By User, [c1ec9d8b5f1c6fc7b54a4b1f12f03ac6], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, No Action By User, [812cdd4ba7d422145ede07603ec4f709], 
PUP.Optional.Qone8, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, No Action By User, [d0ddc4643f3c2a0c9af3a9edfc074ab6], 
 
Registry Values: 4
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com, No Action By User, [e0cd13156c0fe94d6bc664047e848977]
PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER|partner_keyword, EAZELPT, No Action By User, [2f7ecb5d5526c670df4053390003e917]
PUP.Optional.DealPly.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY|Partner, vita, No Action By User, [872677b18dee65d16abf4547798ab749]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0B1G1O1S0V1G1F, No Action By User, [aa03c4640b702115e7db0684f70cab55]
 
Registry Data: 11
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[822bf434e992d066615a080a947025db]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[a409bf693249a195348450c2cb397d83]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[e1ccb8704f2c11257c43b959c242a060]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),No Action By User,[9c111612ff7cd95d9ae10a12a85c9f61]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[9b12a5836e0def475665819181835ea2]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/web/?type=ds&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY&q={searchTerms}),No Action By User,[cde0fb2d403b0531d0ed13ff6d9757a9]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[96171a0edc9f93a36f4945cdd62e0cf4]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[05a8f1375f1cbb7baa15d53d3bc930d0]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),No Action By User,[f3baba6ea8d3c175d5a655c7897b6d93]
PUP.Optional.Awesomehp.A, HKU\S-1-5-21-1716116176-1192210989-648303779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY, Good: (http://www.google.com), Bad: (http://www.awesomehp.com/?type=hp&ts=1394377420&from=tugs&uid=ST2000DM001-9YN164_S2404DCYXXXXS2404DCY),No Action By User,[affe4bdd0576ff373881d83a798b7e82]
 
Folders: 83
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
PUP.Optional.Spigot.A, C:\Users\Andre\AppData\Local\Slick Savings, No Action By User, [4469f3352a5195a18d0c4152bf445da3], 
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge, No Action By User, [d5d8022680fb5ed8e1963120cb377789], 
Adware.EoRezo, C:\Users\Andre\AppData\Local\eorezo, No Action By User, [1598fd2bf98269cdf352094de9199967], 
Adware.EoRezo, C:\Users\Andre\AppData\Local\eorezo\eorezo, No Action By User, [1598fd2bf98269cdf352094de9199967], 
Adware.EoRezo, C:\Users\Andre\AppData\Local\eorezo\eorezo\1.10, No Action By User, [1598fd2bf98269cdf352094de9199967], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\locales, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.Conduit.A, C:\Users\Andre\AppData\Local\Temp\CT1750559, No Action By User, [95180820ccaffc3a8f655cfc62a0a15f], 
PUP.Optional.Conduit.A, C:\Users\Andre\AppData\Local\Temp\CT1750559\xpi, No Action By User, [95180820ccaffc3a8f655cfc62a0a15f], 
PUP.Optional.Conduit.A, C:\Users\Andre\AppData\Local\Temp\CT1750559\xpi\defaults, No Action By User, [95180820ccaffc3a8f655cfc62a0a15f], 
PUP.Optional.Conduit.A, C:\Users\Andre\AppData\Local\Temp\CT1750559\xpi\defaults\preferences, No Action By User, [95180820ccaffc3a8f655cfc62a0a15f], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX\images, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\icons, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\skin, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\IE, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive, No Action By User, [703d2800d0ab61d59fd477e2a2606898], 
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update, No Action By User, [703d2800d0ab61d59fd477e2a2606898], 
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log, No Action By User, [703d2800d0ab61d59fd477e2a2606898], 
PUP.Optional.BonanzaDeals.A, C:\Users\Andre\AppData\Local\BonanzaDealsLive, No Action By User, [0aa397918deed264beb675e4c83a17e9], 
PUP.Optional.BonanzaDeals.A, C:\Users\Andre\AppData\Local\BonanzaDealsLive\CrashReports, No Action By User, [0aa397918deed264beb675e4c83a17e9], 
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive, No Action By User, [337a60c86e0de74f5c1a76e336ccb050], 
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive\CrashReports, No Action By User, [337a60c86e0de74f5c1a76e336ccb050], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive, No Action By User, [44696abe413a999db73600592dd5aa56], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\CrashReports, No Action By User, [44696abe413a999db73600592dd5aa56], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, No Action By User, [d7d6a5830a7167cf717d4c0d4db52fd1], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, No Action By User, [d7d6a5830a7167cf717d4c0d4db52fd1], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, No Action By User, [d7d6a5830a7167cf717d4c0d4db52fd1], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense\UpdateProc, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.SaveSense.A, C:\Users\Andre\AppData\Local\SaveSenseLive, No Action By User, [129b71b7e09b9a9c9d563b1ef80a916f], 
PUP.Optional.SaveSense.A, C:\Users\Andre\AppData\Local\SaveSenseLive\CrashReports, No Action By User, [129b71b7e09b9a9c9d563b1ef80a916f], 
PUP.Optional.Conduit, C:\Users\Andre\AppData\Local\TBHostSupport, No Action By User, [eac383a5f18a50e665945dfc8e743ac6], 
PUP.Optional.NextLive.A, C:\Users\Andre\AppData\Roaming\newnext.me, No Action By User, [129b1810e29982b43200f2688e7408f8], 
PUP.Optional.NextLive.A, C:\Users\Andre\AppData\Roaming\newnext.me\cache, No Action By User, [129b1810e29982b43200f2688e7408f8], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\tools, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\en, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\en-US, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\es, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\es-419, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-BE, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-CA, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-CH, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-LU, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\it, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\it-CH, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\pl, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\pt-BR, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\ru, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\ru-MO, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\tr, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\vi, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\zh-CN, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\zh-TW, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\defaults, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\defaults\preferences, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc, No Action By User, [723bb078374450e6879966fa27dbfd03], 
 
Files: 189
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, No Action By User, [416cd058087374c23d02135bf30f43bd], 
PUP.Optional.Awesomehp.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml, No Action By User, [4469df4994e7999d1724dc952cd6d729], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc\config.dat, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc\gup_dt.dat, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc\info.dat, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc\STTL.DAT, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\Funmoods\UpdateProc\TTL.DAT, No Action By User, [eebf43e5e19a45f16adde49227db56aa], 
Malware.Trace.E, C:\Users\Andre\AppData\Roaming\olhaissoae, No Action By User, [337ae93f3f3c7abc74f21d5962a0916f], 
PUP.Funmoods, C:\Users\Andre\AppData\Local\funmoods.crx, No Action By User, [8b226fb9e09be650ce3d136c6a98e61a], 
PUP.Optional.Spigot.A, C:\Users\Andre\AppData\Local\Slick Savings\coupons.crx, No Action By User, [4469f3352a5195a18d0c4152bf445da3], 
PUP.Optional.Freeven.A, C:\Windows\Tasks\free ven-chromeinstaller.job, No Action By User, [8a23979128530a2c571b2d78d132ad53], 
PUP.Optional.Freeven.A, C:\Windows\Tasks\free ven-codedownloader.job, No Action By User, [dfcee74197e47bbb145e594cb94ae020], 
PUP.Optional.Freeven.A, C:\Windows\Tasks\free ven-enabler.job, No Action By User, [466776b29cdf58dec3afa6ff5ea5cf31], 
PUP.Optional.Freeven.A, C:\Windows\Tasks\free ven-firefoxinstaller.job, No Action By User, [b5f810189ae1d95dfc769e07ea199f61], 
PUP.Optional.Freeven.A, C:\Windows\Tasks\free ven-updater.job, No Action By User, [4766d2567ffccc6aafc33a6b30d3b34d], 
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk, No Action By User, [d5d8022680fb5ed8e1963120cb377789], 
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk, No Action By User, [d5d8022680fb5ed8e1963120cb377789], 
PUP.Optional.MarketScore, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk, No Action By User, [d5d8022680fb5ed8e1963120cb377789], 
Adware.EoRezo, C:\Users\Andre\AppData\Local\eorezo\eorezo\1.10\eorezo.cyl, No Action By User, [1598fd2bf98269cdf352094de9199967], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22, No Action By User, [595427011d5ebe78370a134559a948b8], 
PUP.Optional.BrowserDefender.A, C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23, No Action By User, [595427011d5ebe78370a134559a948b8], 

PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\icudt.dll, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\libcef.dll, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\locales\en-US.pak, No Action By User, [268781a71764fa3c2c7a391fc042f60a], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\OKitSpace.pem, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX\background.js, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX\manifest.json, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX\images\okitspace-19x19.png, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Chrome\tempCRX\images\okitspace-48x48.png, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome.manifest, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\install.rdf, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\background.html, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\content.xul, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\main.js, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\icons\okitspace-19x19.png, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\content\icons\okitspace-48x48.png, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\Firefox\chrome\skin\overlay.css, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.OKitSpace.A, C:\Users\Andre\AppData\Roaming\okitSpace\IE\config, No Action By User, [c0ed34f44734979fc538193f936fdd23], 
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log, No Action By User, [703d2800d0ab61d59fd477e2a2606898], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, No Action By User, [d7d6a5830a7167cf717d4c0d4db52fd1], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense\UpdateProc\config.dat, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense\UpdateProc\info.dat, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense\UpdateProc\STTL.DAT, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.SaveSense, C:\Users\Andre\AppData\Roaming\SaveSense\UpdateProc\TTL.DAT, No Action By User, [9914998f3d3e9d99a649b2a7a65c966a], 
PUP.Optional.NextLive.A, C:\Users\Andre\AppData\Roaming\newnext.me\nengine.cookie, No Action By User, [129b1810e29982b43200f2688e7408f8], 
PUP.Optional.NextLive.A, C:\Users\Andre\AppData\Roaming\newnext.me\cache\spark.bin, No Action By User, [129b1810e29982b43200f2688e7408f8], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\background.js, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\bookmarklet.js, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\icon-128.png, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\icon-16.png, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\icon-48.png, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmimgeipgjgdblgkjpgaknjeidbnjdb\0.1_0\manifest.json, No Action By User, [09a4f4346b10c0767c8560fc49b932ce], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome.manifest, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\icon.png, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\install.rdf, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content\config.json, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content\main.js, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.js, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.xul, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.SavingsSlider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\savingsslider@mybrowserbar.com\chrome\content\spigot.js, No Action By User, [98157dab5d1e33036732fb632fd32dd3], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome.manifest, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\install.rdf, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\index.html, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\quick_start.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\common.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\ga.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\js.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\library.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\icon.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\icon128.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\icon16.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\icon48.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\iconsmall.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\loading.gif, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\logo.ico, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\logo.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\search.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\style.css, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\33.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\1.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\10.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\11.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\12.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\13.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\14.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\15.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\16.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\17.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\18.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\19.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\2.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\20.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\21.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\22.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\23.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\24.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\25.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\26.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\27.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\28.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\29.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\3.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\30.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\31.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\32.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\34.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\35.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\36.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\37.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\38.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\39.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\4.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\40.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\41.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\42.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\43.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\44.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\45.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\46.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\47.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\5.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\6.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\7.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\8.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\chrome\skin\weather\9.png, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\addonmanager.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\aes.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\config.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\dialogs.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\last_tab.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\misc.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\properties.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\remoterequest.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\restoreprefs.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.QuickStart.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\extensions\quick_start@gmail.com\modules\settings.js, No Action By User, [c0edd3550477c76f0a17a6b938caac54], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc\config.dat, No Action By User, [723bb078374450e6879966fa27dbfd03], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc\info.dat, No Action By User, [723bb078374450e6879966fa27dbfd03], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc\src.dat, No Action By User, [723bb078374450e6879966fa27dbfd03], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc\STTL.DAT, No Action By User, [723bb078374450e6879966fa27dbfd03], 
PUP.Optional.FunMoods.A, C:\Users\Andre\AppData\Roaming\FunmoodsChat\UpdateProc\TTL.DAT, No Action By User, [723bb078374450e6879966fa27dbfd03], 
PUP.Optional.CrossRider.A, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\nnwmlmkc.default-1390070991598\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "144a75ff862788c9339a53ea304fba19");), No Action By User,[e3ca1e0a95e6e650051987c0c341ce32]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


If anything is found, make sure everything is checked and click Remove.

According to the log, you selected: No Action By User


Look, I don't know what happened, but I set it to delete everything the first time.
I ran the scan again just now and nothing was found. Here is the log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/04/2014
Scan Time: 14:21:09
Logfile: log2.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.04.11.10
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Andre
 
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 245285
Time Elapsed: 1 min, 34 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


How has the computer been?






About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

Copyright

We do not allow the content of our site, forum, newsletters and social networks to be copied or reproduced, even when the source is cited.
