start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-254876875-3501504866-2801950793-1001 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-254876875-3501504866-2801950793-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
FF SelectedSearchEngine: Conduit Search
FF Plugin HKU\S-1-5-21-254876875-3501504866-2801950793-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\BUCHA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CustomCLSID: HKU\S-1-5-21-254876875-3501504866-2801950793-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\BUCHA\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-254876875-3501504866-2801950793-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\BUCHA\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-254876875-3501504866-2801950793-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\BUCHA\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-254876875-3501504866-2801950793-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\BUCHA\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {D72E0337-43D7-4EC0-ADB4-80201258D3D6} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\BUCHA\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:D1B5B4F1
EmptyTemp:
Hosts:
End