Não consigo remover o ads by View-Password do meu notebook

É oi, eu nunca publiquei aqui acabei de descobrir esse forum sou leiga em questão de computadores e tals e não sei como essa coisa veio para aqui kkk mas fica aparecendo anuncios desse viewpassword em quase todo site, ja usei um programa de remoção de malware e não resolveu.

Olá!

Aguarde o auxílio dos analistas. Enquanto isso, vai lendo a cartilha de segurança exposta na assinatura. Quem sabe assim você não fica mais com essas propagandas chatas em seus navegadores.

  Oi Debora. Seja bem vinda ao Fórum PC Brasil.
_______________________________________________________

ja usei um programa de remoção de malware não resolveu

 Qual foi este programa que você usou?
__________________________________________________________

 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

# AdwCleaner v3.020 - Relatório criado 02/03/2014 às 22:52:14
# Atualizado 27/02/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : Débora - DÉBORAPC
# Executando de : C:\Users\Débora\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\Bench
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Users\Débora\AppData\Local\lollipop
Pasta Deletada : C:\Users\Débora\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Débora\AppData\Local\SaveSense
Pasta Deletada : C:\Users\Débora\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Débora\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Débora\AppData\Roaming\awesomehp
Pasta Deletada : C:\Users\Débora\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Débora\AppData\Roaming\DigitalSites
Pasta Deletada : C:\Users\Débora\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Débora\Documents\Mobogenie
Arquivo Deletada : C:\WINDOWS\Tasks\MySearchDial.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\MySearchDial
Arquivo Deletada : C:\WINDOWS\Tasks\SaveSense.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\SaveSense

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKLM\Software\Bench
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16453

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v33.0.1750.117

[ Arquivo : C:\Users\Débora\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5312 octets] - [02/03/2014 22:20:05]
AdwCleaner[R1].txt - [5372 octets] - [02/03/2014 22:32:45]
AdwCleaner[S0].txt - [4155 octets] - [02/03/2014 22:52:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4215 octets] ##########

Ainda não sumiu :/

   Vários problemas foram removidos pelo AdwCleaner.
_____________________________________________

ja usei um programa de remoção de malware não resolveu

Qual programa você tinha usado?

O Malwarebytes

deboramarcili escreveu:O Malwarebytes

 Você fez uma verificação completa com ele e removeu todos os problemas que ele encontrou? Caso não tenha feito desta forma, faça por gentileza.
________________________________________________________________

   Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 02-March-2014
Tool run by D‚bora on 02/03/2014 at 23:08:16,15.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DBORA~1\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

02/03/2014 23:10:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1826517430-165495940-1635513106-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9B58858C-729C-4E43-A760-45A787FDA9FB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully

==== Deleting Files \ Folders ======================

C:\Users\DBORA~1\daemonprocess.txt deleted
C:\Users\DBORA~1\.android deleted
C:\Users\DBORA~1\AppData\Local\cache deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\WINDOWS\tasks\Digital Sites.job deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [01/03/2014 14:38]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{b8a7bc9b-a420-49ce-95a3-9ef54b2e84e3}"="C:\Program Files (x86)\View-Password-soft\155.xpi" [01/03/2014 19:54]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
iokmdlapebooifaijckgcmncjdpojmjl - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx[02/08/2012 23:35]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[30/01/2014 14:24]

Google Docs - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealDownloader - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Norton Identity Protection - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences will be reset at reboot
C:\Users\DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\Microsoft Excel Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Excel Starter 2010 9014006604160000"
C:\Users\Default\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\Default\Desktop\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
C:\Users\Default\Desktop\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Users\Default\Desktop\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
C:\Users\Default\Desktop\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
C:\Users\Default\Desktop\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe
C:\Users\Default\Desktop\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\Users\Default\Desktop\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Centro de Carregamento do Microsoft Office 2010 9014006604160000"
C:\Users\Default\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Media Gallery 9014006604160000"
C:\Users\Default\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Picture Manager 9014006604160000"
C:\Users\Default\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Starter To-Go Device Manager 2010 9014006604160000"
C:\Users\Default User\Desktop\Microsoft Excel Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Excel Starter 2010 9014006604160000"
C:\Users\Default User\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\Default User\Desktop\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
C:\Users\Default User\Desktop\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Users\Default User\Desktop\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
C:\Users\Default User\Desktop\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
C:\Users\Default User\Desktop\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe
C:\Users\Default User\Desktop\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\Users\Default User\Desktop\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Centro de Carregamento do Microsoft Office 2010 9014006604160000"
C:\Users\Default User\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Media Gallery 9014006604160000"
C:\Users\Default User\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Picture Manager 9014006604160000"
C:\Users\Default User\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Starter To-Go Device Manager 2010 9014006604160000"
C:\Users\DBORA~1\Desktop\Microsoft Excel Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Excel Starter 2010 9014006604160000"
C:\Users\DBORA~1\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\DBORA~1\Desktop\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
C:\Users\DBORA~1\Desktop\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Users\DBORA~1\Desktop\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
C:\Users\DBORA~1\Desktop\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
C:\Users\DBORA~1\Desktop\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe
C:\Users\DBORA~1\Desktop\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\Users\DBORA~1\Desktop\PhotoshopPortable - Atalho.lnk - C:\Users\DBORA~1\Desktop\PhotoshopPortable\PhotoshopPortable.exe
C:\Users\DBORA~1\Desktop\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Centro de Carregamento do Microsoft Office 2010 9014006604160000"
C:\Users\DBORA~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Media Gallery 9014006604160000"
C:\Users\DBORA~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Picture Manager 9014006604160000"
C:\Users\DBORA~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Starter To-Go Device Manager 2010 9014006604160000"
C:\Users\USURIO~1\Desktop\Microsoft Excel Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Excel Starter 2010 9014006604160000"
C:\Users\USURIO~1\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\USURIO~1\Desktop\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
C:\Users\USURIO~1\Desktop\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Users\USURIO~1\Desktop\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
C:\Users\USURIO~1\Desktop\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
C:\Users\USURIO~1\Desktop\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe
C:\Users\USURIO~1\Desktop\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\Users\USURIO~1\Desktop\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Centro de Carregamento do Microsoft Office 2010 9014006604160000"
C:\Users\USURIO~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Media Gallery 9014006604160000"
C:\Users\USURIO~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Picture Manager 9014006604160000"
C:\Users\USURIO~1\Desktop\Ferramentas do Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE "Microsoft Office Starter To-Go Device Manager 2010 9014006604160000"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Lenovo QuickLaunch.lnk - C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe /pin:warn /hide:no
C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe
C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop

==== shortcuts in Users Start Menu ======================

C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Converter.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader\Fingerprint Reader.lnk - C:\Program Files (x86)\Lenovo Fingerprint Reader\Splash.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\20.4.0.40\uistub.exe /win8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oasis Games Limited\Uninstall.lnk - C:\Program Files (x86)\Oasis Games Limited\Legend online\uninstaller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\Montador do RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\WINDOWS\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files (x86)\Real\RealPlayer\realconverter.exe /launch:start_menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:start_menu

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DBORA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DBORA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\DBORA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=160 folders=20 2776354 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DBORA~1\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\DBORA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 02/03/2014 at 23:20:25,60 ======================

 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 Single Language x64
Ran by D‚bora on 02/03/2014 at 23:29:16,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/03/2014 at 23:35:28,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Você clicou com o botão direito do mouse sobre o ícone do Junkware Removal Tool e escolheu a opção de Executar como administrador? Se não tiver feito desta forma, faça por gentileza.

Se você já fez assim, nos diga.

Sim, mesmo que no tutorial dizia pra fazer isso quem tinha windows 7 e o meu é 8

 Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

~ Relatório do ZHPDiag v2014.3.2.2 - Nicolas Coolman (02/03/2014)
~ Iniciado por Débora (02/03/2014 23:51:43)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16466
GCIE: Google Chrome v33.0.1750.117 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Norton Internet Security v20.4.0.40
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3934 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 426 GB (93%) free of 455 GB

---\\ Modo de conexão ao sistema
~ Computer Name: DÉBORAPC
~ User Name: Débora
~ All Users Names: Débora, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Débora\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Débora\AppData\Roaming\
~ %Desktop% : C:\Users\Débora\Desktop\
~ %Favorites% : C:\Users\Débora\Favorites\
~ %LocalAppData% : C:\Users\Débora\AppData\Local\
~ %StartMenu% : C:\Users\Débora\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 426 Go of 455 Go)
D: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Windows Explorer.) (.11/10/2012 - 04:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.AAEF73606F58ADE710208F4B1B988FBF] - (.Microsoft Corporation - Internet Extensions para Win32.) (.08/11/2012 - 01:22:19.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/10/2012 - 02:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/11/2012 - 00:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.877D60D6E4156EC4A2E0B6871D41BED9] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.06/11/2012 - 00:52:49.) -- C:\Windows\system32\Drivers\MRxSmb.sys [366080]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.4A7EEA9C4AD5CBFDA3C0E5B821C99CAD] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.26/07/2012 - 02:26:46.) -- C:\Windows\system32\Drivers\ntfs.sys [1934064]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.26/07/2012 - 01:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/104
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 1/2
~ Mon Bureau (My Desktop) : 1/6018
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.BF720139C54BAFC54152783231C77ACD] - (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] [PID.3760] =>PUP.ViewPassword
[MD5.995E42865C9800C913D78AE161EFC716] - (.Lenovo - Mobile Hotspot Client Application.) -- C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976] [PID.5096]
[MD5.EE6BB6A87296DA1D0E3B6181CDB4C2FF] - (.Lenovo Corporation - Lenovo® AVFramework Native 32-Bit Server.) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [593408] [PID.5112]
[MD5.E6FC28A12F0BB32FECAE09293EF74019] - (.Lenovo - RapidBoot HDD Accelerator Console.) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [741680] [PID.4308]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.5252]
[MD5.4945093A93034C5078610677F723C09E] - (.No owner - IEWebSiteLogon.) -- C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe [4622184] [PID.2064]
[MD5.1660C5986C679A7E523ED034CCFB6FE3] - (.No owner - Location Task Manager LPD Access Agent.) -- C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe [14328] [PID.8748]
[MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368] [PID.1604]
[MD5.6E6656C6618C4B0B000267D9AF9EF743] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464] [PID.696]
[MD5.AA99191C9F113D44E4E50587C195F6ED] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349184] [PID.29256]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Débora\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [Débora]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Débora]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Débora]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Débora]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Débora]: PhotoshopPortable - Atalho.lnk . (.PortableApps.com - Photoshop (PortableApps.com Launcher).) -- C:\Users\Débora\Desktop\PhotoshopPortable\PhotoshopPortable.exe
O4 - GS\Program [Débora]: DesktopToastsForCriticalUpdates.lnk . (.Microsoft - DesktopToastsForCriticalUpdates.) -- C:\Program Files (x86)\Lenovo\System Update\DesktopToastsForCriticalUpdates.exe
O4 - GS\Program [Débora]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Débora]: OpenOffice Base.lnk . (.Apache Software Foundation - OpenOffice Base.) -- C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
O4 - GS\Desktop [Débora]: OpenOffice Calc.lnk . (.Apache Software Foundation - OpenOffice Calc.) -- C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
O4 - GS\Desktop [Débora]: OpenOffice Draw.lnk . (.Apache Software Foundation - OpenOffice Draw.) -- C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
O4 - GS\Desktop [Débora]: OpenOffice Impress.lnk . (.Apache Software Foundation - OpenOffice Impress.) -- C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
O4 - GS\Desktop [Débora]: OpenOffice Math.lnk . (.Apache Software Foundation - OpenOffice Math.) -- C:\Program Files (x86)\OpenOffice 4\program\smath.exe
O4 - GS\Desktop [Débora]: OpenOffice Writer.lnk . (.Apache Software Foundation - OpenOffice Writer.) -- C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
O4 - GS\Desktop [Débora]: PhotoshopPortable - Atalho.lnk . (.PortableApps.com - Photoshop (PortableApps.com Launcher).) -- C:\Users\Débora\Desktop\PhotoshopPortable\PhotoshopPortable.exe
~ Global Startup: 48 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [LenovoOptMouseUpdate] . (.Lenovo Group Limited - External Application Support for Optical Mo.) -- C:\Program Files\Lenovo\HOTKEY\extapsup.exe
O4 - HKLM\..\Run: [LnvMobHotspotClient] . (.Lenovo - Mobile Hotspot Client Application.) -- C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
O4 - HKLM\..\Run: [LENOVO.TPKNRRES] . (.Lenovo Corporation - Lenovo® AVFramework Native 32-Bit Server.) -- C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Débora\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Fastboot] . (.Lenovo - RapidBoot HDD Accelerator Console.) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\UTILIT~1\PWMTR64V.dll (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [fst_br_78] Chave orfã
O4 - HKUS\S-1-5-21-1826517430-165495940-1635513106-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Débora\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{367A4B01-1690-4B27-B9B5-2E6E07091704}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{367A4B01-1690-4B27-B9B5-2E6E07091704}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Location Task Manager (LocationTaskManager) . (.No owner - Location Task Manager.) - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 24 Legitimates Filtered in 00mn 04s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [428] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [432] =>PUP.ViewPassword
[MD5.12528A6FC4453B67D2E4E97B14AA7991] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.BF720139C54BAFC54152783231C77ACD] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
~ Scheduled Task: 25 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\WINDOWS\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\WINDOWS\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 42 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: On Screen Display - (...) [HKLM][64Bits] -- OnScreenDisplay
~ Logic: 31 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
~ Key Software: 206 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2014 - 11:53:24 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/03/2014 - 21:14:21 - [0] ----D C:\Program Files (x86)\Oasis Games Limited
O43 - CFD: 01/03/2014 - 19:54:21 - [1,121] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 01/03/2014 - 19:08:04 - [0,001] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/05/2013 - 20:02:12 - [0,149] ----D C:\ProgramData\NoiseSuppressionTips
O43 - CFD: 01/03/2014 - 19:08:23 - [2,821] ----D C:\Users\Débora\AppData\Roaming\Baidu Security =>Adware.BDSearch
~ Program Folder: 123 Legitimates Filtered in 00mn 08s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.EECB9B7A53C5B1DAFA5B82FADDF1629C] - 01/03/2014 - 19:48:27 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [154794]
O44 - LFC:[MD5.EECE1C83900D340BF62C21FCC7B4DB20] - 01/03/2014 - 19:48:27 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763260]
O44 - LFC:[MD5.69A4BD7C1D89319AC50321C668A7AB0A] - 01/03/2014 - 21:18:35 ---A- . (...) -- C:\Windows\A8E60DA622AF8424.log [48]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/03/2014 - 12:21:39 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 02/03/2014 - 23:07:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.BFB60006131EA0CA7B231E7A6A2CCC29] - 02/03/2014 - 23:18:15 ---A- . (...) -- C:\files.txt [78]
O44 - LFC:[MD5.A2A166A1A228EC1CD21DE3DCC3C8EBFF] - 02/03/2014 - 23:20:25 ---A- . (...) -- C:\zoek-results.log [21922]
O44 - LFC:[MD5.A361259B641549560E7EF05314207060] - 21/02/2014 - 15:54:18 ---A- . (...) -- C:\Windows\DtcInstall.log [3843]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 26/02/2014 - 12:10:13 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 26/02/2014 - 12:10:15 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 26/02/2014 - 12:10:17 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
~ Files: 24 Legitimates Filtered in 00mn 02s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.609C2E3170CA7DC9CD1547CA0BE0FA28] - 09/11/2012 - 16:14:44 ---A- . (.Windows (R) Win 7 DDK provider - WINNT/2K/XP/2003 Driver.) -- C:\Windows\System32\Drivers\Fastboot.sys [63792]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 17 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
[MD5.6CDA2E255FE3BDF21985C97177A427BA] [SPRF][24/02/2014] (.No owner - Computrace(R) LoJack for Laptops(R) Installer.) -- C:\Users\Débora\AppData\Roaming\LoJackSetup.exe [76976]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "607ECAC1947DAC44BBEFFA0649D6B181" . (.Fingerprint Reader.) -- C:\Program Files\Lenovo Fingerprint Reader\Fingerprint Reader.exe
O90 - PUC: "6789F87B3EC7FC940888005A3CE32455" . (..) -- C:\WINDOWS\Installer\{B78F9876-7CE3-49CF-8088-00A5C33E4255}\ARPPRODUCTICON.exe
O90 - PUC: "A7FF4F04412B35449B3780B090EC0D91" . (.Absolute Reminder.) -- C:\WINDOWS\Installer\{40F4FF7A-B214-4453-B973-080B09CED019}\_6FEFF9B68218417F98F549.exe
~ Update Products: 31 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/07/2013 565760 | (AVControlCenter) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
SS - | Demand 25/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 21/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Disabled 24/06/2013 110072 | (LENOVO.MICMUTE) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
SS - | Demand 25/09/2013 1674720 | (LSCWinService) . (...) - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
SS - | Demand 17/09/2013 22888 | (SUService) . (...) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 23/04/2013 2228440 | (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe
SR - | Auto 28/05/2013 958680 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 09/11/2012 139568 | (FastbootService) . (.Lenovo.) - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
SR - | Auto 31/08/2012 2139496 | (FPLService) . (.AuthenTec, Inc.) - C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
SR - | Auto 25/02/2014 108032 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 07/11/2013 66856 | (IBMPMSVC) . (.Lenovo..) - C:\Windows\System32\ibmpmsvc.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 12/03/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 14/12/2012 235488 | (Lenovo QuickSnip Service) . (.LENOVO INCORPORATED..) - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
SR - | Auto 17/07/2013 2044408 | (Lenovo Settings Service) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
SR - | Auto 14/12/2012 576992 | (Lenovo System Agent Service) . (.LENOVO INCORPORATED..) - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
SR - | Auto 04/07/2013 504320 | (LENOVO.CAMMUTE) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\CamMute.exe
SR - | Auto 04/07/2013 504320 | (LENOVO.TPKNRSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
SR - | Auto 04/07/2013 687104 | (LENOVO.TVTVCAM) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
SR - | Auto 10/08/2012 136288 | (Lenovo.VIRTSCRLSVC) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/06/2013 468984 | (LnvHotSpotSvc) . (.Lenovo.) - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
SR - | Auto 21/06/2013 465912 | (LocationTaskManager) . (...) - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
SR - | Auto 21/05/2013 144368 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
SR - | Demand 01/08/2013 1668904 | (Power Manager DBC Service) . (.Lenovo.) - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 20/06/2013 125432 | (TPHKLOAD) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
SR - | Demand 16/07/2012 401256 | (TrueService) . (.AuthenTec, Inc..) - C:\Program Files\Common Files\AuthenTec\TrueService.exe
SR - | Auto 01/03/2014 192512 | (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13031 - (02/03/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 10

[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Débora\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
~ Additionnel Scan: 168703 Items scanned in 00mn 12s



---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.FreeSoftToday
~ MSI: 4 link(s) detected in 00mn 12s



~ 829 Legitimates filtered by white list
End of the scan (436 lines in 00mn 50s)(0)
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Facebook Installer.) -- C:\Users\Débora\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.0]
~ Processes Running: Scanned in 00mn 13s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Débora\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 35 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [Débora]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Débora]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Débora]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Débora]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Débora]: PhotoshopPortable - Atalho.lnk . (.PortableApps.com - Photoshop (PortableApps.com Launcher).) -- C:\Users\Débora\Desktop\PhotoshopPortable\PhotoshopPortable.exe
O4 - GS\Program [Débora]: DesktopToastsForCriticalUpdates.lnk . (.Microsoft - DesktopToastsForCriticalUpdates.) -- C:\Program Files (x86)\Lenovo\System Update\DesktopToastsForCriticalUpdates.exe
O4 - GS\Program [Débora]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Débora]: OpenOffice Base.lnk . (.Apache Software Foundation - OpenOffice Base.) -- C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
O4 - GS\Desktop [Débora]: OpenOffice Calc.lnk . (.Apache Software Foundation - OpenOffice Calc.) -- C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
O4 - GS\Desktop [Débora]: OpenOffice Draw.lnk . (.Apache Software Foundation - OpenOffice Draw.) -- C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe
O4 - GS\Desktop [Débora]: OpenOffice Impress.lnk . (.Apache Software Foundation - OpenOffice Impress.) -- C:\Program Files (x86)\OpenOffice 4\program\simpress.exe
O4 - GS\Desktop [Débora]: OpenOffice Math.lnk . (.Apache Software Foundation - OpenOffice Math.) -- C:\Program Files (x86)\OpenOffice 4\program\smath.exe
O4 - GS\Desktop [Débora]: OpenOffice Writer.lnk . (.Apache Software Foundation - OpenOffice Writer.) -- C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
O4 - GS\Desktop [Débora]: PhotoshopPortable - Atalho.lnk . (.PortableApps.com - Photoshop (PortableApps.com Launcher).) -- C:\Users\Débora\Desktop\PhotoshopPortable\PhotoshopPortable.exe
~ Global Startup: 48 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [LenovoOptMouseUpdate] . (.Lenovo Group Limited - External Application Support for Optical Mo.) -- C:\Program Files\Lenovo\HOTKEY\extapsup.exe
O4 - HKLM\..\Run: [LnvMobHotspotClient] . (.Lenovo - Mobile Hotspot Client Application.) -- C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
O4 - HKLM\..\Run: [LENOVO.TPKNRRES] . (.Lenovo Corporation - Lenovo® AVFramework Native 32-Bit Server.) -- C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Débora\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Fastboot] . (.Lenovo - RapidBoot HDD Accelerator Console.) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\UTILIT~1\PWMTR64V.dll (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [fst_br_78] Chave orfã
O4 - HKUS\S-1-5-21-1826517430-165495940-1635513106-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Débora\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{367A4B01-1690-4B27-B9B5-2E6E07091704}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{367A4B01-1690-4B27-B9B5-2E6E07091704}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Location Task Manager (LocationTaskManager) . (.No owner - Location Task Manager.) - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
~ Services: 24 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password Update.job [428] =>PUP.ViewPassword
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\View Password_wd.job [432] =>PUP.ViewPassword
[MD5.12528A6FC4453B67D2E4E97B14AA7991] [APT] [View Password Update] (...) -- C:\Program Files (x86)\View-Password-soft\View-.exe [248320] =>PUP.ViewPassword
[MD5.BF720139C54BAFC54152783231C77ACD] [APT] [View Password_wd] (...) -- C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe [93184] =>PUP.ViewPassword
~ Scheduled Task: 50 Legitimates Filtered in 00mn 01s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver: (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\WINDOWS\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver: (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\WINDOWS\system32\drivers\Bprotect.sys =>Adware.BDSearch
~ Drivers: 42 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: On Screen Display - (...) [HKLM][64Bits] -- OnScreenDisplay
~ Logic: 31 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
~ Key Software: 206 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2014 - 11:53:24 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 01/03/2014 - 21:14:21 - [0] ----D C:\Program Files (x86)\Oasis Games Limited
O43 - CFD: 01/03/2014 - 19:54:21 - [1,121] ----D C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword
O43 - CFD: 01/03/2014 - 19:08:04 - [0,001] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/05/2013 - 20:02:12 - [0,149] ----D C:\ProgramData\NoiseSuppressionTips
O43 - CFD: 01/03/2014 - 19:08:23 - [2,821] ----D C:\Users\Débora\AppData\Roaming\Baidu Security =>Adware.BDSearch
~ Program Folder: 123 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.EECB9B7A53C5B1DAFA5B82FADDF1629C] - 01/03/2014 - 19:48:27 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [154794]
O44 - LFC:[MD5.EECE1C83900D340BF62C21FCC7B4DB20] - 01/03/2014 - 19:48:27 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763260]
O44 - LFC:[MD5.69A4BD7C1D89319AC50321C668A7AB0A] - 01/03/2014 - 21:18:35 ---A- . (...) -- C:\Windows\A8E60DA622AF8424.log [48]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/03/2014 - 12:21:39 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 02/03/2014 - 23:07:56 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.BFB60006131EA0CA7B231E7A6A2CCC29] - 02/03/2014 - 23:18:15 ---A- . (...) -- C:\files.txt [78]
O44 - LFC:[MD5.A2A166A1A228EC1CD21DE3DCC3C8EBFF] - 02/03/2014 - 23:20:25 ---A- . (...) -- C:\zoek-results.log [21922]
O44 - LFC:[MD5.A361259B641549560E7EF05314207060] - 21/02/2014 - 15:54:18 ---A- . (...) -- C:\Windows\DtcInstall.log [3843]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 26/02/2014 - 12:10:13 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 26/02/2014 - 12:10:15 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 26/02/2014 - 12:10:17 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
~ Files: 24 Legitimates Filtered in 00mn 01s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.609C2E3170CA7DC9CD1547CA0BE0FA28] - 09/11/2012 - 16:14:44 ---A- . (.Windows (R) Win 7 DDK provider - WINNT/2K/XP/2003 Driver.) -- C:\Windows\System32\Drivers\Fastboot.sys [63792]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 17 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [167784] =>Adware.BDSearch
[MD5.6CDA2E255FE3BDF21985C97177A427BA] [SPRF][24/02/2014] (.No owner - Computrace(R) LoJack for Laptops(R) Installer.) -- C:\Users\Débora\AppData\Roaming\LoJackSetup.exe [76976]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "607ECAC1947DAC44BBEFFA0649D6B181" . (.Fingerprint Reader.) -- C:\Program Files\Lenovo Fingerprint Reader\Fingerprint Reader.exe
O90 - PUC: "6789F87B3EC7FC940888005A3CE32455" . (..) -- C:\WINDOWS\Installer\{B78F9876-7CE3-49CF-8088-00A5C33E4255}\ARPPRODUCTICON.exe
O90 - PUC: "A7FF4F04412B35449B3780B090EC0D91" . (.Absolute Reminder.) -- C:\WINDOWS\Installer\{40F4FF7A-B214-4453-B973-080B09CED019}\_6FEFF9B68218417F98F549.exe
~ Update Products: 31 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/07/2013 565760 | (AVControlCenter) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
SS - | Demand 25/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 21/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Disabled 24/06/2013 110072 | (LENOVO.MICMUTE) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
SS - | Demand 25/09/2013 1674720 | (LSCWinService) . (...) - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
SS - | Demand 17/09/2013 22888 | (SUService) . (...) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 23/04/2013 2228440 | (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe
SR - | Auto 28/05/2013 958680 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
SR - | Auto 09/11/2012 139568 | (FastbootService) . (.Lenovo.) - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
SR - | Auto 31/08/2012 2139496 | (FPLService) . (.AuthenTec, Inc.) - C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
SR - | Auto 25/02/2014 108032 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 07/11/2013 66856 | (IBMPMSVC) . (.Lenovo..) - C:\Windows\System32\ibmpmsvc.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 12/03/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 14/12/2012 235488 | (Lenovo QuickSnip Service) . (.LENOVO INCORPORATED..) - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
SR - | Auto 17/07/2013 2044408 | (Lenovo Settings Service) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
SR - | Auto 14/12/2012 576992 | (Lenovo System Agent Service) . (.LENOVO INCORPORATED..) - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
SR - | Auto 04/07/2013 504320 | (LENOVO.CAMMUTE) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\CamMute.exe
SR - | Auto 04/07/2013 504320 | (LENOVO.TPKNRSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
SR - | Auto 04/07/2013 687104 | (LENOVO.TVTVCAM) . (.Lenovo Corporation.) - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
SR - | Auto 10/08/2012 136288 | (Lenovo.VIRTSCRLSVC) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/06/2013 468984 | (LnvHotSpotSvc) . (.Lenovo.) - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
SR - | Auto 21/06/2013 465912 | (LocationTaskManager) . (...) - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
SR - | Auto 21/05/2013 144368 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
SR - | Demand 01/08/2013 1668904 | (Power Manager DBC Service) . (.Lenovo.) - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 20/06/2013 125432 | (TPHKLOAD) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
SR - | Demand 16/07/2012 401256 | (TrueService) . (.AuthenTec, Inc..) - C:\Program Files\Common Files\AuthenTec\TrueService.exe
SR - | Auto 01/03/2014 192512 | (ViewPassword) . (...) - C:\Program Files (x86)\View-Password-soft\ViewPassword155.exe =>PUP.ViewPassword
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 01s



---\\ Scâner Aditional (088)
Database Version : 13031 - (02/03/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 10

[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Débora\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe =>PUP.ViewPassword^
C:\Windows\Tasks\View Password Update.job =>PUP.ViewPassword^
C:\Windows\Tasks\View Password_wd.job =>PUP.ViewPassword^
C:\Program Files (x86)\View-Password-soft\View-.exe =>PUP.ViewPassword^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
~ Additionnel Scan: 168708 Items scanned in 00mn 13s



---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.FreeSoftToday
~ MSI: 4 link(s) detected in 00mn 13s



~ 862 Legitimates filtered by white list
End of the scan (753 lines in 01mn 24s)(0)

estou analisando o seu relatório e daqui há pouco te passo o procedimento de remoção dos problemas.

Ok estou no aguardo

 Copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até SysRestore)
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by Débora at 03/03/2014 00:18:33
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Program Files (x86)\View-Password-soft\ViewPassword_wd.exe

========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll

========== Chaves do Registo ==========
ELIMINÉ: Service: ViewPassword
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: HKLM\Software\Wow6432Node\free_soft_to_day
ELIMINÉ:* HKLM\Software\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus

========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: PWMTRV
ELIMINÉ RunValue: fst_br_78
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ:* c:\program files (x86)\view-password-soft\viewpassword_wd.exe
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\bluetooth.lnk
ELIMINA REINICIAR: c:\program files (x86)\view-password-soft\viewpassword155.exe
ELIMINÉ: c:\windows\tasks\view password update.job
ELIMINÉ: c:\windows\tasks\view password_wd.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: View Password Update
ELIMINÉ: View Password Update
ELIMINÉ: View Password_wd
ELIMINÉ: View Password_wd

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
1 : Modulos memória
11 : Chaves do Registo
9 : Valores do Registo
1 : Pastas
10 : Ficheiros
4 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 09s

========== Caminho do ficheiro do relatório ==========
C:\Users\Débora\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/03/2014 00:18:35 [2664]

CARA FUNCINOOOOU OBRIGADAAAAAAAAAAAAAAAA

  Fico feliz que o problema tenha sido resolvido.

 Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

 Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________

  Foi um prazer ajudar. Conte sempre conosco!

obrigada messssssssmo deu trabalho mas sumiu haha, eu vou fazer esses procedimentos agora! obrigada messssmo! sucesso ai pro trabalho de vcs no site!

Mais uma coisa qual anti-virus mais recomendado? veio instalado no meu note o norton

 Sugiro um ótimo antivirus gratuito para você, como o Avira Free Antivirus.

Para instalar, configurar e usar corretamente o Avira é só seguir as dicas destes tutoriais:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Mais uma vez muito obrigada!