Notebook está lento

Oi! Pessoal

A minha irmã resolveu dar um notebook da Itautec antigo que ela pouco usava porque ela tem um mais moderno para minha mãe ficar conversando com suas amigas só que ele está muito lento, eu passei o malwarebytes e mostrou varias coisas, a minha irmã deletou tudo que tinha como pastas, trabalhos e ainda continua lento, vou colocar o log do malwarebytes.

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados:  v2013.11.30.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Carmem Martins :: CARMEMMARTINS [administrador]

01/12/2013 00:16:47
MBAM-log-2013-12-01 (10-08-05).txt

Tipo de Verificação:  Verificação Completa  (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  297369
Tempo decorrido: 1 hora(s), 16 minuto(s), 27 segundo(s)

Processos de Memória Detectados: 1
C:\Program Files\MyScrapNook_12\bar\1.bin\12brmon.exe (PUP.Optional.MindSpark) -> 1216 -> Nenhuma ação foi feita.

Módulos de Memória Detectados: 2
C:\Program Files\MyScrapNook_12\bar\1.bin\12SrcAs.dll (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12brstub.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.

Chaves de Registro Detectadas: 97
HKCR\CLSID\{0a4d512d-697e-4ad5-872d-5a9941af6ebb} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{0214754e-4e7d-4589-829d-e2523e6a3085} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0214754E-4E7D-4589-829D-E2523E6A3085} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0214754E-4E7D-4589-829D-E2523E6A3085} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0214754E-4E7D-4589-829D-E2523E6A3085} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyScrapNook_12bar Uninstall (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{c260adf2-154f-4227-9c73-651e25f22cbb} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\Interface\{049BCB76-CEF4-43C9-9F4D-4539C7DE9742} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SettingsPlugin.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SettingsPlugin (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0A4D512D-697E-4AD5-872D-5A9941AF6EBB} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{33119133-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{13119113-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SkinLauncher.1 (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SkinLauncher (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{03119103-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\Interface\{23119123-0854-469D-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SkinLauncherSettings.1 (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.SkinLauncherSettings (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{508c38b8-e848-49eb-9f84-ab81ddad2b58} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{34afd9f3-f1b2-4e3d-9836-04c592956564} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{0fa48495-56eb-4eba-be5f-183846983a48} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\Interface\{098E4E5F-7877-4EBE-9A51-49CDEFBED242} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.PseudoTransparentPlugin.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.PseudoTransparentPlugin (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{508C38B8-E848-49EB-9F84-AB81DDAD2B58} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{b3b5c47e-61f7-4d81-af06-461fc86686ce} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{65f159fb-5f5e-46f4-b45d-ccfa236d2073} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{ba339ddb-918b-42f5-b582-88ab854c42ac} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{8a3b777d-5f5b-448d-b3cd-fdf00932306d} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\TypeLib\{2addcc11-40ad-4244-afc6-90feeb3bb2e9} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\Interface\{943D23D4-4C0C-4668-AE21-3483CCA4DCEF} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.RadioSettings.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.RadioSettings (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.Radio.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.Radio (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{bb2e53cf-c096-40b0-a485-03134f164470} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB2E53CF-C096-40B0-A485-03134F164470} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{fe6f06fb-0fc0-4499-828f-ee48088f504f} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE6F06FB-0FC0-4499-828F-EE48088F504F} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE6F06FB-0FC0-4499-828F-EE48088F504F} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\Typelib\{FAE20193-DC28-4E42-8D12-DB0C2C898B11} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\Interface\{4C0961A5-3F88-4055-A100-106AFEC2CF9E} (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.DynamicBarButton (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.DynamicBarButton.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.FeedManager (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.FeedManager.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.HTMLMenu (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.HTMLMenu.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.HTMLPanel (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.HTMLPanel.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.MultipleButton (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.MultipleButton.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.ScriptButton (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.ScriptButton.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.ThirdPartyInstaller (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.ThirdPartyInstaller.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.UrlAlertButton (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.UrlAlertButton.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.XMLSessionPlugin (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\MyScrapNook_12.XMLSessionPlugin.1 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MyScrapNook_12 (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\MozillaPlugins\@MyScrapNook_12.com/Plugin (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
HKCR\CLSID\{ee718602-1282-4d49-ac4e-afab43840b99} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{a7d84ee2-a611-4726-b353-3732a55c734c} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{3EA07715-76B5-4572-85D4-592263F48907} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EE718602-1282-4D49-AC4E-AFAB43840B99} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKLM\SYSTEM\CurrentControlSet\Services\MyScrapNook_12Service (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{122e5f70-9c86-4e54-ac4c-d85d003b9935} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{dd51b24f-4ad0-43e2-83bb-ed9af4475a0d} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{0CEC5206-43FA-4BC8-91A7-DC5B121F7960} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{9d691733-7ee6-48e6-adae-2be39b132bd1} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{9664e31f-b2bc-4de2-87c7-43694e33ecc4} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{661A3047-196C-40BE-B957-98532655A787} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{4aee45aa-b3b1-4eff-ba81-3e3afa0fbfb9} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{c80ddfba-1646-4b6d-845f-85288c7b8201} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{c43dde8b-9428-4c43-9a64-fc66912fe6a4} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{DFF78A48-9941-4ABF-8E21-E1D66F6AF4B1} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{5DB6F0A5-C6E8-41C6-B88A-94551911A53F} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5DB6F0A5-C6E8-41C6-B88A-94551911A53F} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{c401ebc5-c988-48d7-a721-42c59fb48d0d} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{e9934f5d-7a0f-4240-a709-11c91854ce21} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{4EECBA27-86E3-49FF-9084-986F22CFDE7B} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{0f2a56e1-2b3f-4a50-9f44-946532ab3279} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{69b8636b-4a89-4e55-bcf3-a45464ad2171} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{ccea288e-f1bf-4044-b3e9-e41b1656084c} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{a12635f7-09ea-479c-8fa0-65c98b053c3a} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{0C40607D-5922-4D40-9AAF-8AF96DF5C704} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCEA288E-F1BF-4044-B3E9-E41B1656084C} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{ffbe11e1-494b-4396-895e-9776dc069ab7} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\CLSID\{25d62e1a-bd8b-4e6e-b7cc-1e0ee04a4622} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\TypeLib\{4a9994e4-a107-4c07-abe2-832242bf8486} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKCR\Interface\{962DE9EA-6508-4D38-B5A1-EA8E431CF0A0} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25D62E1A-BD8B-4E6E-B7CC-1E0EE04A4622} (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.

Valores de Registro Detectadas: 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{B3B5C47E-61F7-4D81-AF06-461FC86686CE} (PUP.Optional.MyScrapNook.A) -> Data:  -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{FE6F06FB-0FC0-4499-828F-EE48088F504F} (PUP.Optional.MyScrapNook.A) -> Data:  -> Nenhuma ação foi feita.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{b3b5c47e-61f7-4d81-af06-461fc86686ce} (PUP.Optional.MyScrapNook.A) -> Data:  -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{fe6f06fb-0fc0-4499-828f-ee48088f504f} (PUP.Optional.MyScrapNook.A) -> Data:  -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Scrap Nook Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\MYSCRA~2\bar\1.bin\12srchmn.exe" /m=2 /w /h -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyScrapNook_12 Browser Plugin Loader (PUP.Optional.MindSpark) -> Data: C:\PROGRA~1\MYSCRA~2\bar\1.bin\12brmon.exe -> Nenhuma ação foi feita.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|12ffxtbr@MyScrapNook_12.com (PUP.Optional.MyScrapNook.A) -> Data: C:\Program Files\MyScrapNook_12\bar\1.bin -> Nenhuma ação foi feita.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 9
C:\Program Files\MyScrapNook_12 (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\chrome (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\ThirdPartyInstallers (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\gen1 (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\IE9Mesg (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\Message (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\Settings (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.

Arquivos Detectados: 53
C:\Program Files\MyScrapNook_12\bar\1.bin\12bar.dll (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12sknlcr.dll (PUP.Optional.FunWebProducts.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12skin.dll (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12SrcAs.dll (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12radio.dll (PUP.Optional.MyScrapNook.A) -> Nenhuma ação foi feita.
C:\Users\Carmem Martins\AppData\Local\Temp\ICReinstall_malwarebytes-anti-malware-17501300-gerenciador-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\Carmem Martins\Downloads\malwarebytes-anti-malware-17501300-gerenciador-32-bits.exe (PUP.Optional.InstallCore.A) -> Nenhuma ação foi feita.
C:\Users\Carmem Martins\Downloads\SoftonicDownloader_para_revo-uninstaller.exe (PUP.Optional.Softonic.A) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12SrchMn.exe (PUP.Optional.MindSpark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12brmon.exe (PUP.Optional.MindSpark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12msg.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12auxstb.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12barsvc.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12brstub.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12datact.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12dlghk.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12dyn.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12feedmg.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12highin.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12hkstub.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12htmlmu.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12httpct.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12idle.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12ieovr.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12impipe.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12medint.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12mlbtn.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12Plugin.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12regfft.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12reghk.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12regiet.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12script.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12skplay.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12tpinst.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\12uabtn.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\BOOTSTRAP.JS (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\CHROME.MANIFEST (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\CREXT.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\CrExtP12.exe (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\INSTALL.RDF (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\installKeys.js (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\LOGO.BMP (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\NP12Stub.dll (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\T8EXTEX.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\T8EXTPEX.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\T8HTML.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\T8RES.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\T8TICKER.DLL (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\1.bin\chrome\12ffxtbr.jar (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\gen1\COMMON.T8S (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\IE9Mesg\COMMON.T8S (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\Message\COMMON.T8S (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.
C:\Program Files\MyScrapNook_12\bar\Settings\s_pid.dat (PUP.Optional.Mindspark) -> Nenhuma ação foi feita.

(fim)
abraços
krica

Olá krica

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Anexe o relatório C:\AdwCleaner\AdwCleaner[S0].txt


Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Thisisu) e salve-o no Desktop (Área de Trabalho)

*Feche o seu navegador (Firefox, IE, Google Chrome)

*Clique com o botão direito do mouse no JRT e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Tecle [ENTER]

*Durante o scan os ícones do Desktop desaparecerão temporariamente

*Ao surgir a mensagem The scan completed succesfully, feche a janela e anexe o relatório JRT.txt localizado no Desktop

wings, já fiz o 1º procedimento vou colocar o log.

# AdwCleaner v3.013 - Relatório criado 01/12/2013 às 12:44:32
# Atualizado 24/11/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuário : Carmem Martins - CARMEMMARTINS
# Executando de : C:\Users\Carmem Martins\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\Program Files\MyScrapNook_12
Pasta Deletada : C:\Users\Carmem Martins\AppData\Local\MyScrapNook_12
Pasta Deletada : C:\Users\Carmem Martins\AppData\LocalLow\MyScrapNook_12
Arquivo Deletada : C:\Users\CARMEM~1\AppData\Local\Temp\Uninstall.exe
Arquivo Deletada : C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default\searchplugins\Askcom.xml

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_revo-uninstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_revo-uninstaller_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Scrap Nook Search Scope Monitor]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyScrapNook_12 Browser Plugin Loader]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0214754E-4E7D-4589-829D-E2523E6A3085}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0214754E-4E7D-4589-829D-E2523E6A3085}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0214754E-4E7D-4589-829D-E2523E6A3085}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0214754E-4E7D-4589-829D-E2523E6A3085}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE6F06FB-0FC0-4499-828F-EE48088F504F}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B3B5C47E-61F7-4D81-AF06-461FC86686CE}]
Chave Deletedo : HKCU\Software\IGearSettings
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16470


-\\ Mozilla Firefox v18.0.1 (pt-BR)

[ Arquivo : C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default\prefs.js ]

Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=4CF4E551-078F-4E02-9615-52B8A41B6375&n=77ee19f8&ptnrS=9Nxdm006YYbr&si=CKid2tGH27ICFQTznAoddX[...]
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.initialized", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.contextKey", "");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.installDate", "2012092920");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.partnerId", "9Nxdm006YYbr");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.partnerSubId", "CKid2tGH27ICFQTznAoddXEAcA");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.success", true);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.installation.toolbarId", "4CF4E551-078F-4E02-9615-52B8A41B6375");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.lastActivePing", "1385844510574");
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.options.defaultSearch", false);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.options.homePageEnabled", false);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.options.keywordEnabled", false);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.options.tabEnabled", false);
Linha deletada : user_pref("extensions.toolbar.mindspark._12Members_.weather.location", "10001");
Linha deletada : user_pref("extensions.toolbar.mindspark.lastInstalled", "myscrapnook@mindspark.com");

-\\ Google Chrome v31.0.1650.57

[ Arquivo : C:\Users\Carmem Martins\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7219 octets] - [01/12/2013 12:36:32]
AdwCleaner[S0].txt - [7023 octets] - [01/12/2013 12:44:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7083 octets] ##########

abraços

krica

Wings, fui fazer o 2º procedimento JRT apareceu aquela janela pequena preta(Scan) ficou um tempão e logo abaixo tinha uma pergunta se eu queria dar boot y/n não sei se fiz certo coloquei y(yes) e reiniciou o notebook só que não emitiu nenhum relatório, já tinha desativado o Avira porque ele estava bloqueando, não sumiu no momento do scan os icones do desktop. Posso tentar de novo.

abraços

krica

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk)

*Extraia o Z_Analyze.exe para o Desktop

*Feche o seu navegador

*Clique com o botão direito do mouse no Z-Analyse e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Uma janela será aberta. Aguarde o término e ela será fechada automaticamente.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Um relatório será apresentado

*Anexe o relatório C:\zoek-results.txt

Wings, fiz esse procedimento e quando abriu aquela janela o avira mostrou o seguinte aviso Adware/installcore.GEN7 foi encontrado no arquivo, toda vez que passo um desses programas aparece o avira

o log



Z-Analyse V1.0.0.1 Updated 30-November-2013
Tool run by Carmem Martins on 01/12/2013 at 15:52:41,43.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Carmem Martins\Desktop\Z-Analyse.exe [Deep Scan]

==== System Restore Info ======================

01/12/2013 15:53:42 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Carmem Martins\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Carmem Martins\Desktop\Z-Analyse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Users\CARMEM~1\AppData\Local\Temp\NirCmd.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 895 MB
CPU Info: Genuine Intel(R) CPU T2060 @ 1.60GHz
CPU Speed: 1595,0 MHz
Sound Card: Alto-falantes (Conexant High De |
Display Adapters: Standard VGA Graphics Adapter | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Monitor Genérico não PnP |
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5005G Wireless Network Adapter | VIA Rhine II Fast Ethernet Adapter
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GSA-T20N
Ports: COM3 LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 74,4GB
Hard Disks - Free: C: 46,3GB
Manufacturer *: Itautec,Infoway Note W7630
BIOS Info: AT/AT COMPATIBLE | 06/05/07 | LENOVO - 6040000
Time Zone: Hora oficial do Brasil
Motherboard *: FIC W7635
Country: Brasil
Language: PTB

==== System Specs (Software) ======================

Anti-Virus: Avira Desktop On-access scanning disabled (Outdated)
Anti-Spyware: Avira Desktop disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 18.0.1
Internet Explorer Version: 9.0.8112.16421
Mozilla Firefox version: 18.0.1 (x86 pt-BR)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 10.1.8.24
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.117
Shockwave Player version: 11.6.4r634

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\CARMEM~1\AppData\Local\Temp ====
2013-12-01 15:00:37 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-12-01 02:06:10 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\is1504352489\21577892_stp.EXE
2013-11-30 19:58:22 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe
2013-11-30 19:58:22 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2013-11-30 20:45:56 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-11-30 20:45:20 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-11-30 20:45:20 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-11-30 20:45:20 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
====== C:\Windows\system32\drivers =====
2013-12-01 12:34:50 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys
2013-12-01 12:34:49 7713E4EB0276702FAA08E52A6E23F2A6 74640 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-12-01 12:34:49 271CFD1A989209B1964E24D969552BF7 36000 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-12-01 12:34:49 13B02B9B969DDE270CD7C351203DAD3C 137416 ----a-w- C:\Windows\System32\drivers\avipbb.sys
2013-12-01 02:12:46 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-01 12:34:43 -------- d-----w- C:\Program Files\Avira
2013-12-01 01:43:25 -------- d-----w- C:\Program Files\TeamViewer
2013-12-01 01:33:05 -------- d-----w- C:\Program Files\VS Revo Group
2013-11-30 20:46:41 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Carmem Martins\AppData\Roaming ======
2013-12-01 13:40:59 -------- d-----w- C:\Users\Carmem Martins\AppData\Roaming\Avira
2013-12-01 02:10:32 -------- d-----w- C:\Users\Carmem Martins\AppData\Local\Programs
2013-12-01 01:33:05 -------- d-----w- C:\Users\Carmem Martins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
====== C:\Users\Carmem Martins ======
2013-12-01 17:50:50 0C193D1C97B22A401634CF35F1647F4B 1271808 ----a-w- C:\Users\Carmem Martins\Desktop\Z-Analyse.exe
2013-12-01 14:59:14 86FB5E8D5D1E3E405C46CCBF991E6FD4 1034531 ----a-w- C:\Users\Carmem Martins\Desktop\JRT.exe
2013-12-01 14:34:26 AFAFA655CC59872129A32CDE4F60F2DE 1091882 ----a-w- C:\Users\Carmem Martins\Desktop\AdwCleaner.exe
2013-12-01 12:35:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2013-12-01 12:34:43 -------- d-----w- C:\Users\TODOSO~1\Avira
2013-12-01 12:34:43 -------- d-----w- C:\ProgramData\Avira
2013-12-01 02:09:02 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Carmem Martins\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 01:32:10 979E536F75C1512CA0A13E07835A40FD 2617648 ----a-w- C:\Users\Carmem Martins\Desktop\revosetup.exe
2013-12-01 00:26:48 BF6FA07A3C76BB0723A7761C570515B2 5832760 ----a-w- C:\Users\Carmem Martins\Downloads\TeamViewer_Setup_pt.exe
2013-12-01 00:24:46 698E2EE1385FEA562020C144CD830AD9 401752 ----a-w- C:\Users\Carmem Martins\Downloads\SoftonicDownloader_para_revo-uninstaller.exe
2013-11-30 20:46:58 -------- d-----w- C:\Users\TODOSO~1\Oracle
2013-11-30 20:46:58 -------- d-----w- C:\ProgramData\Oracle
2013-11-30 20:45:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2013-12-01 17:50:50 0C193D1C97B22A401634CF35F1647F4B 1271808 ----a-w- C:\Users\Carmem Martins\Desktop\Z-Analyse.exe
2013-12-01 15:00:37 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-12-01 14:59:26 ECF21A34F55EB4A56418540C4AB6B70D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$ILQOFX0.exe
2013-12-01 14:59:14 86FB5E8D5D1E3E405C46CCBF991E6FD4 1034531 ----a-w- C:\Users\Carmem Martins\Desktop\JRT.exe
2013-12-01 14:57:20 86FB5E8D5D1E3E405C46CCBF991E6FD4 1034531 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$RLQOFX0.exe
2013-12-01 14:34:40 B07E18911D8EB4D7CE87299DAEAA8679 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$IO65KG3.exe
2013-12-01 14:34:26 AFAFA655CC59872129A32CDE4F60F2DE 1091882 ----a-w- C:\Users\Carmem Martins\Desktop\AdwCleaner.exe
2013-12-01 14:31:41 AFAFA655CC59872129A32CDE4F60F2DE 1091882 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$RO65KG3.exe
2013-12-01 13:42:31 044DB72F2F3776DD5B6159507FB28BAA 645688 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\wsctool.exe
2013-12-01 13:42:25 CEDE02D7AF62449A2C38C49ABECC0CD3 4995416 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\vcredist_x86.exe
2013-12-01 13:42:01 00E42B35E55E0B08A267D692A4DCC31A 396344 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\toastNotifier.exe
2013-12-01 13:41:39 188C694BF218A9950360E961DECF8A61 422456 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\setuppending.exe
2013-12-01 13:41:37 913984F33298A7C71A85B5DBEDECAB39 1304632 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\setup.exe
2013-12-01 13:41:29 0D1E15010057B8426583A99CB179A6C4 440376 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\sched.exe
2013-12-01 13:41:22 74F936A2BA2C03A1AB8CF4A08CD919E9 3091512 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\presetup.exe
2013-12-01 13:41:09 5548A0787578FFB1B6A765965CB1312B 455736 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\licmgr.exe
2013-12-01 13:40:53 2ADD478C9E01FFDB719E88E90E1263AE 467000 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\ipmgui.exe
2013-12-01 13:40:52 DE13249FB9E0633A9B61CF52F9AD6A54 411704 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\insthlp.exe
2013-12-01 13:40:52 A617D7C5CCB4992FD278FED9AD2C7A3B 499256 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\inssda64.exe
2013-12-01 13:40:50 FDAB1AD6578C8B61CE44D39E6E3D31FE 403512 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\imp64b.exe
2013-12-01 13:40:49 3FBDA839B870919F0B3A6B501ABA84EA 466488 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\guardgui.exe
2013-12-01 13:40:38 0FF120D23F78DA53E80A237B94EA4324 796216 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\fact.exe
2013-12-01 13:40:34 84C7B040DB439769A3105830DBDD3262 401976 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\checkt.exe
2013-12-01 13:40:25 448953D2B416818B9EFE1FDE2CB2AC86 474680 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\ccuac.exe
2013-12-01 13:39:51 7DF6D90EAE0B87E91B6C59FC6593FF89 854088 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avwsc.exe
2013-12-01 13:39:43 1528F5A62C59D1ECD2B5DE54089E2B01 564792 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avwebloader.exe
2013-12-01 13:39:41 48543D304F54C8997462208555662BA4 1164360 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avwebgrd.exe
2013-12-01 13:39:39 8397F57D246078C72365A7BE76B2195B 1164360 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avwebg7.exe
2013-12-01 13:39:36 B1625BA4BB3667C3219F2E2EB34AE0E7 411704 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avupgsvc.exe
2013-12-01 13:39:35 58B9270EE2037E1E30BD81CB0F54D9A3 600632 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\vista64\avshadow.exe
2013-12-01 13:39:33 B5E9C8D95A92AD17800362FE4639764D 431672 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp\avshadow.exe
2013-12-01 13:39:29 F85B0F1772E51D5B0A403BA82733AB28 1030712 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avscan.exe
2013-12-01 13:39:24 8C7222C7282E8FECB518C794B9CD6411 754744 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avnotify.exe
2013-12-01 13:39:04 FDE9C7030FB1E9E2715E113EE6A10F90 440376 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avguard.exe
2013-12-01 13:38:59 B412B75E55FEA30E780185B002D3AE14 683576 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avgnt.exe
2013-12-01 13:38:54 AD11F02AAD92FE3455FC1DB2477E190B 768056 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avconfig.exe
2013-12-01 13:38:50 2161A0E61BFC2F1E5A62AC2447BA2FD8 661048 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avcenter.exe
2013-12-01 13:38:44 B509D3DD7EE450A1B6905774C46ACA16 441400 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avadmin.exe
2013-12-01 13:38:34 AE88282D08916C00A324F6A269924EA9 1291696 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\Offercast_AVIRAV7_.exe
2013-12-01 13:38:19 DB1774FBEB8E3E2DCD75486B6407D4D9 379200 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\AppRemover_CLI.exe
2013-12-01 13:37:52 C1696473F7BDDCD72DC49AF7E30D6307 126272 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\AppRemover_64.exe
2013-12-01 13:37:51 B321B1B8BF16F6B3341121D477EFA02A 321856 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\64bitProxy.exe
2013-12-01 13:36:39 C861CF947A3E58160F957DD310AEBC11 399416 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\updrgui.exe
2013-12-01 13:36:35 2EB844A357CD9079F7C57220FDE69335 933944 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\update.exe
2013-12-01 13:36:15 BA0283FD24DAA9AF4FC30A376A81B78F 511544 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\avrestart.exe
2013-12-01 12:44:22 664DB720EFDA3CB5F153A512ACFD50DA 2099656 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avira_free_antivirus.exe
2013-12-01 12:44:22 2E6D880787DE291A41E696A8D09A3BE1 2040240 ----a-w- C:\Program Files\Avira\AntiVir Desktop\migrationAssistant.exe
2013-12-01 12:34:57 428B5EDBC6731660BAD4C63ECFC0AE86 79824 ----a-w- C:\Program Files\Avira\AntiVir Desktop\wsctool.exe
2013-12-01 12:34:51 E299EB1B69DF5C127AE2ABAFE852A73D 47824 ----a-w- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
2013-12-01 12:34:50 62CAE06A994247C540F20D7F0FDFDAE1 577488 ----a-w- C:\Program Files\Avira\AntiVir Desktop\update.exe
2013-12-01 12:34:50 16A531B2017F7762B9F1291CE26166A7 749008 ----a-w- C:\Program Files\Avira\AntiVir Desktop\setup.exe
2013-12-01 12:34:50 11D5D076748CC25EAD09C647EE48CA6F 86224 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sched.exe
2013-12-01 12:34:49 FB9B3678EF8E07933F970AFFEDFBB066 59088 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avupgsvc.exe
2013-12-01 12:34:49 F243437A6DC95C6E632A907FF1825342 447440 ----a-w- C:\Program Files\Avira\AntiVir Desktop\fact.exe
2013-12-01 12:34:49 E3CECAB15F4F154B0E02BC556EF6BF3E 209360 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
2013-12-01 12:34:49 C36923084822C017F69396418A999D39 143240 ----a-w- C:\Program Files\Avira\AntiVir Desktop\apnstub.exe
2013-12-01 12:34:49 B23D89615EC0D2022179E533A06C7D1A 84432 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avadmin.exe
2013-12-01 12:34:49 A18CA5FC006DF2DB25736A586CAF686A 258512 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
2013-12-01 12:34:49 95BBE32D30FC704A0C55C527C7446503 492496 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
2013-12-01 12:34:49 94A606564690190628FA5904B79A336F 117152 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwsc.exe
2013-12-01 12:34:49 7C748B5302D0BAD8E3FBAF77AE6AFA87 81872 ----a-w- C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
2013-12-01 12:34:49 73C94B00FAE8987D446E0A3A4D21D3A8 182224 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avrestart.exe
2013-12-01 12:34:49 68FD648C7EE3AC4307574332482E8E64 3514024 ----a-w- C:\Program Files\Avira\AntiVir Desktop\apntoolbarinstaller.exe
2013-12-01 12:34:49 6439A46E332B9B79D88F7FC3DF1CE295 110032 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
2013-12-01 12:34:49 550C7B2ED43A0681B8BE35D38D20A4CC 463824 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
2013-12-01 12:34:49 4340B34EEF6BA6106C30A65917F4D77A 234448 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebloader.exe
2013-12-01 12:34:49 413EAE45C6C4DAE5F4E5D4C56A7A45EE 80336 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
2013-12-01 12:34:49 3FEA34F4C6B7AC062A495FEA036AE892 318416 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avconfig.exe
2013-12-01 12:34:49 3AC152F76E69A4F1BBCCE93C722BD5C0 106344 ----a-w- C:\Program Files\Avira\AntiVir Desktop\licmgr.exe
2013-12-01 12:34:49 30319193F47EC7C12EC3646C08B22B50 132048 ----a-w- C:\Program Files\Avira\AntiVir Desktop\guardgui.exe
2013-12-01 12:34:49 2F3A249569E575CA859DC7A04959E3F7 66512 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avhlp.exe
2013-12-01 12:34:49 299932D164E7905A9EA5C0FCB634FFB9 306128 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
2013-12-01 02:09:02 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Carmem Martins\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 02:06:10 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\is1504352489\21577892_stp.EXE
2013-12-01 01:43:26 F67C21CC4195F6AFC447418FE163E156 5087584 ----a-w- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
2013-12-01 01:43:26 E623B98CC2F6275C027CCBDF13749A77 195936 ----a-w- C:\Program Files\TeamViewer\Version8\tv_w32.exe
2013-12-01 01:43:26 B8D268722323EEB402F016070794F418 506528 ----a-w- C:\Program Files\TeamViewer\Version8\uninstall.exe
2013-12-01 01:43:26 A09E329D8351719A5B17080304DF3C6D 4536672 ----a-w- C:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
2013-12-01 01:43:26 0396FE5D35238C7424B3F913FD6832BF 232800 ----a-w- C:\Program Files\TeamViewer\Version8\tv_x64.exe
2013-12-01 01:43:25 AB055E4E8A49E06469B137C93C8E11C6 12631904 ----a-w- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
2013-12-01 01:40:53 4FCE6F673B15E0BEF843A34573590F72 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$IG05I1M.exe
2013-12-01 01:40:52 E795C4C5F411511923416A96B920BDEE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1363791893-764767159-519000805-1000\$IFUL8Z8.exe
2013-12-01 01:33:07 C91D2962373AE6B473C61C1F4B3596BD 87544 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
2013-12-01 01:32:10 979E536F75C1512CA0A13E07835A40FD 2617648 ----a-w- C:\Users\Carmem Martins\Desktop\revosetup.exe
2013-12-01 00:26:48 BF6FA07A3C76BB0723A7761C570515B2 5832760 ----a-w- C:\Users\Carmem Martins\Downloads\TeamViewer_Setup_pt.exe
2013-12-01 00:24:46 698E2EE1385FEA562020C144CD830AD9 401752 ----a-w- C:\Users\Carmem Martins\Downloads\SoftonicDownloader_para_revo-uninstaller.exe
2013-11-30 20:59:08 3BBA7B0A075F388B486E5AC6F3DFDC46 17952608 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_29.0.1547.76_chrome_updater.exe
2013-11-30 20:53:31 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-11-30 20:53:31 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-11-30 20:53:30 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-11-30 20:52:10 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-11-30 20:52:09 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-11-30 20:52:09 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-11-30 20:52:09 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-11-30 20:52:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-11-30 20:52:03 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-11-30 20:45:56 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-11-30 20:45:20 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-11-30 20:45:20 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
2013-11-30 20:44:52 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2013-11-30 20:44:52 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2013-11-30 20:44:51 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2013-11-30 20:44:51 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2013-11-30 20:44:51 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2013-11-30 20:44:51 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe
2013-11-30 20:44:51 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2013-11-30 20:44:51 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2013-11-30 20:44:51 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2013-11-30 20:44:51 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2013-11-30 20:44:51 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2013-11-30 20:44:51 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2013-11-30 20:44:51 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2013-11-30 20:44:51 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2013-11-30 20:44:51 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2013-11-30 20:44:50 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2013-11-30 20:44:50 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2013-11-30 20:44:50 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2013-11-30 20:44:49 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2013-11-30 20:44:49 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2013-11-30 20:44:49 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2013-11-30 20:26:51 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
2013-11-30 20:24:16 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-11-30 20:24:08 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-11-30 20:23:59 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-11-30 20:14:37 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Carmem Martins\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
2013-11-30 19:58:22 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe
2013-11-30 19:58:22 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe
=== C: other files ==
2013-12-01 17:48:19 7C48747731C50F55A718AA4D3B9B3E86 2527378 ----a-w- C:\Users\Carmem Martins\Desktop\Z-Analyse.zip
2013-12-01 15:00:36 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\modules.bat
2013-12-01 15:00:36 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\chrome.bat
2013-12-01 15:00:36 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\firefox.bat
2013-12-01 15:00:36 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\FWPolicy.bat
2013-12-01 15:00:36 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\get.bat
2013-12-01 15:00:36 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\ask.bat
2013-12-01 15:00:36 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\runvalues.bat
2013-12-01 15:00:36 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\ev_clear.bat
2013-12-01 15:00:36 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\iexplore.bat
2013-12-01 15:00:36 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\delorphans.bat
2013-12-01 15:00:36 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\prelim.bat
2013-12-01 15:00:36 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\JRT.bat
2013-12-01 15:00:36 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\searchlnk.bat
2013-12-01 15:00:36 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\TDL4.bat
2013-12-01 15:00:36 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\medfos.bat
2013-12-01 15:00:36 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\delfolders.bat
2013-12-01 15:00:36 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\Carmem Martins\AppData\Local\Temp\jrt\misc.bat
2013-12-01 13:42:45 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\ssmdrv.sys
2013-12-01 13:41:53 28895EDF46C7EC9E799C55F54BDE1085 43224 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\pt-br\sweb.zip
2013-12-01 13:39:22 E2B4FC3BDEEA485A9C33750E12B31BF3 67680 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win8\avnetflt.sys
2013-12-01 13:39:22 09E9CA6E7C6BD01D6AE7BECDEC224D06 83160 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win764\avnetflt.sys
2013-12-01 13:39:20 429DE01B925CA7CFFF791211ACF3CA25 67680 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win7\avnetflt.sys
2013-12-01 13:39:18 D1D40E04F258917863F8F6AE3D49DC33 83160 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win864\avnetflt.sys
2013-12-01 13:39:14 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win864\avkmgr.sys
2013-12-01 13:39:13 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp\avkmgr.sys
2013-12-01 13:39:13 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp64\avkmgr.sys
2013-12-01 13:39:13 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\vista64\avkmgr.sys
2013-12-01 13:39:10 DBAB18B20FDA2542EEF8C588D878B7B5 132600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win864\avipbb.sys
2013-12-01 13:39:09 DBAB18B20FDA2542EEF8C588D878B7B5 132600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\vista64\avipbb.sys
2013-12-01 13:39:08 DBAB18B20FDA2542EEF8C588D878B7B5 132600 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp64\avipbb.sys
2013-12-01 13:39:07 C0F13672DEA7BDB40A89414AB0411705 137208 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp\avipbb.sys
2013-12-01 13:39:03 0909E9AD4019AFF25C58E0DFFDCD744E 106904 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\win864\avgntflt.sys
2013-12-01 13:39:03 0909E9AD4019AFF25C58E0DFFDCD744E 106904 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\vista64\avgntflt.sys
2013-12-01 13:39:02 0909E9AD4019AFF25C58E0DFFDCD744E 106904 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp64\avgntflt.sys
2013-12-01 13:39:01 FE5C0B6E90EA6E0ECA1259571A13239F 90400 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\xp\avgntflt.sys
2013-12-01 13:38:35 516B8C03BBBDACF1E655303219E84E69 11371 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\QATestedProducts.zip
2013-12-01 13:38:34 E274C96E2175C7DF97DCB255E406A900 1478 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\ProductReleaseNotes.zip
2013-12-01 13:38:31 7B9BBBDBCBBF2B3F347037DE5538367B 2453117 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\ManualUninstallConfig.zip
2013-12-01 13:37:51 2BFC29F303019878349248A2FB75FC2E 27044 ----a-w- C:\Windows\Temp\avnwldrtemp\setup\AVSDKList.zip
2013-12-01 12:34:50 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys
2013-12-01 12:34:50 221B0318EC9E46931CF33BAAC744D9C4 98712 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sweb.zip
2013-12-01 12:34:49 7713E4EB0276702FAA08E52A6E23F2A6 74640 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-12-01 12:34:49 271CFD1A989209B1964E24D969552BF7 36000 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-12-01 12:34:49 13B02B9B969DDE270CD7C351203DAD3C 137416 ----a-w- C:\Windows\System32\drivers\avipbb.sys
2013-12-01 02:12:46 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-30 20:44:52 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1363791893-764767159-519000805-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Octoshape Streaming Services"="C:\Users\Carmem Martins\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun"
"Google Update"="C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"LWS"="C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Octoshape Streaming Services"="C:\Users\Carmem Martins\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun"
"Google Update"="C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Folders ======================

2012-04-26 16:23:29 2069 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30/11/2013 22:16]
C:\Windows\tasks\DriverEasy Scheduled Scan.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/04/2012 14:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:D0C:\ProgramC:Files\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1363791893-764767159-519000805-1000Core.job --a------ C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe [15/09/2012 00:10]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1363791893-764767159-519000805-1000UA.job --a------ C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe [15/09/2012 00:10]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\DriverEasy Scheduled Scan" [C:\Program Files\Easeware\DriverEasy\DriverEasy.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1363791893-764767159-519000805-1000Core" [C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1363791893-764767159-519000805-1000UA" [C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\MotoHelper Initial Update" ["C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe"]
"C:\Windows\system32\tasks\MotoHelper MUM" ["C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe"]
"C:\Windows\system32\tasks\MotoHelper Routing" ["C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe"]
"C:\Windows\system32\tasks\MotoHelper Update" ["C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe"]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{8F346463-4842-448B-9040-0AB3395CA4EA}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"12ffxtbr@MyScrapNook_12.com"="C:\Program Files\MyScrapNook_12\bar\1.bin" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/04/2012 14:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default
- My Scrap Nook - %ProfilePath%\extensions\12ffxtbr@MyScrapNook_12.com
- Guardiao Itau 30 horas - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
68BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator
99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
AF42019A3B0EDBFA6878F75B9377A792 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EC401349BFA64BD6232C746046AEC0B5 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services
4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 12:14]

YouTube - Carmem Martins - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Carmem Martins - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Carmem Martins - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Carmem Martins - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.oglobo.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{8BD9B136-8037-42F3-A91F-36E641177141} Ask Search Url="http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=F34F4BD4-9730-4E07-A867-400B6FA33FFD&apn_sauid=F44D2B49-F61B-494D-840A-7798D58AEC3A"

==== HijackThis Entries ======================

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Carmem Martins\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Carmem Martins\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: My Scrap NookService (MyScrapNook_12Service) - Unknown owner - C:\PROGRA~1\MYSCRA~2\bar\1.bin\12barsvc.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

==== EOF on 01/12/2013 at 16:01:33,80 ======================

abraços
krica

Baixe o arquivo zoekscript.txt e salve-o no Desktop

*Feche o seu navegador

*Clique com o botão direito do mouse no Z-Analyse e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Sim]

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Uma janela será aberta. Aguarde o término e ela será fechada automaticamente.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Um relatório será apresentado, cole-o na sua próxima resposta.

Wings, fiz os procedimentos sendo que quando apareceu a 2ª janela ficou horas sem acontecer nada ela não fechou automaticamente eu dei ok e apareceu a janela dizendo a reboot is needed to complete zoek.exe tasks. quando reiniciou na hora de voltar iniciando o windows ficou a tela preta e só a seta branca depois voltou ao normal e apareceu o relatorio que é esse:


Z-Analyse V1.0.0.1 Updated 30-November-2013
Tool run by Carmem Martins on 01/12/2013 at 16:43:11,73.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Carmem Martins\Desktop\Z-Analyse.exe
Script used: C:\Users\Carmem Martins\Desktop\zoekscript.txt

==== Older Logs ======================

C:\zoek-results2013-12-01-180133.log 44040 bytes

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default

user.js not found
---- Lines [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files\\
---- FireFox user.js and prefs.js backups ----

prefs_122013_1644_.backup

==== Deleting Files \ Folders ======================

C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default\extensions\12ffxtbr@MyScrapNook_12.com deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"12ffxtbr@MyScrapNook_12.com"="C:\Program Files\MyScrapNook_12\bar\1.bin" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/04/2012 14:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default
- Guardiao Itau 30 horas - %ProfilePath%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Carmem Martins\AppData\Roaming\Mozilla\Firefox\Profiles\z031bvbg.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Carmem Martins\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
68BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator
99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
AF42019A3B0EDBFA6878F75B9377A792 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EC401349BFA64BD6232C746046AEC0B5 - C:\Users\Carmem Martins\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services
4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\12ffxtbr@MyScrapNook_12.com deleted successfully

==== Empty IE Cache ======================

C:\Users\Carmem Martins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Carmem Martins\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carmem Martins\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carmem Martins\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carmem Martins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Carmem Martins\AppData\Local\Mozilla\Firefox\Profiles\z031bvbg.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Carmem Martins\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\CARMEM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Carmem Martins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 01/12/2013 at 18:20:31,93 ======================


abraços

krica

OK...o PC está limpo.


Execute o AdwCleaner, clique [Desinstalar] > [Sim]


Delete o Z-Analyse, a pasta C:\zoek_backup e os relatórios C:\zoek-results


Delete o JRT e a pasta C:\JRT


Um abraço...

Wings posso deletar tudo que está na quarentena do malwarebytes. Mais uma vez obrigadooooo!!!

abraços e um otimo domingo

krica

krica escreveu:Wings posso deletar tudo que está na quarentena do malwarebytes.

Pode...................

CASO RESOLVIDO

Caso o(a) autor(a) do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.