Como desinfectar este computador?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:46, on 27/03/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\LuizFrancisco\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\LuizFrancisco\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Verificação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SearchProtect32.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 12421 bytes

Olá Luis.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

# AdwCleaner v3.022 - Relatório criado 27/03/2014 às 14:47:30
# Atualizado 13/03/2014 por Xplode
# Sistema Operacional : Windows 8.1 Pro (64 bits)
# Usuário : LuizFrancisco - LUIZ
# Executando de : C:\Users\LuizFrancisco\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : IePluginService
Serviço Deletada : Wpm

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\boost_interprocess
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Users\LuizFrancisco\AppData\Local\FilesFrog Update Checker
Pasta Deletada : C:\Users\LuizFrancisco\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\LuizFrancisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Arquivo Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\Myfree Codec
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKLM\Software\Myfree Codec
Chave Deletedo : HKLM\Software\qone8Software
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16518

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v27.0.1 (pt-BR)

[ Arquivo : C:\Users\LuizFrancisco\AppData\Roaming\Mozilla\Firefox\Profiles\8hg25j29.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ Arquivo : C:\Users\LuizFrancisco\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3764 octets] - [27/03/2014 14:47:22]
AdwCleaner[S0].txt - [2711 octets] - [27/03/2014 14:47:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2771 octets] ##########

 Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 27/03/2014
Hora da Verificação: 17:15:52
Logfile: Log Malware.txt
Administrador: Sim

Versão: 2.00.0.1000
Malware Database: v2014.03.27.06
Rootkit Database: v2014.03.25.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: LuizFrancisco

Tipo da Verificação: Verificar Ameaça
Resultado: Completado
Arquivos Verificados: 258159
Tempo Decorrido: 10 min, 9 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 0
(No malicious items detected)

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[d9697692f78464d22c8b29dfb74dad53]

Pastas: 0
(No malicious items detected)

Arquivos: 11
PUP.Optional.Somoto, C:\$RECYCLE.BIN\S-1-5-21-4212457124-3600783597-4156722339-1001\$RLA1DNQ.exe, , [0939df29245777bf5d991119c53f926e],
Hacktool.ChewWGA, C:\$RECYCLE.BIN\S-1-5-21-4212457124-3600783597-4156722339-1001\$R5B0H3V\chave ativação windows 7.rar, , [2e140602f78451e57ca6d56d60a057a9],
PUP.Optional.SkyTech.A, C:\Users\LuizFrancisco\AppData\Local\Temp\smt_qone8.exe, , [241e53b572090b2bbbc9a7a6c140817f],
PUP.Optional.Somoto, C:\Users\LuizFrancisco\AppData\Local\Temp\UpdateCheckerSetup.exe, , [75cd36d29eddcc6afdf0de48cd33926e],
PUP.Optional.SkyTech.A, C:\Users\LuizFrancisco\AppData\Local\Temp\fullpackage_temp1395938329\alilog.dll, , [72d0a167d8a371c5a36fdc56946c6997],
PUP.Optional.SkyTech.A, C:\Users\LuizFrancisco\AppData\Local\Temp\fullpackage_temp1395938329\package1.zip, , [2b1723e55427290d100283af08f87f81],
PUP.Optional.SupTab.A, C:\Users\LuizFrancisco\AppData\Local\Temp\fullpackage_temp1395938329\tmp\SupTab.exe, , [54eed434aecd92a4193136ff2cd41fe1],
PUP.Optional.WpManager, C:\Users\LuizFrancisco\AppData\Local\Temp\fullpackage_temp1395938329\tmp\wpm.exe, , [281a26e2aecd90a6e4f0bc9ba55c30d0],
Trojan.FakeAV, C:\Users\LuizFrancisco\AppData\Local\Temp\is-R4ICA.tmp\ToolbarAcceptRate.exe, , [350d6d9b3942ba7c20aff402d82bee12],
PUP.Optional.Midia, C:\Users\LuizFrancisco\Downloads\Baixar filme tubarao dualaudio.exe, , [f44ec444cbb040f623bfd679b15030d0],
PUP.Riskware.Patcher, C:\Users\LuizFrancisco\Downloads\emerson1.therebels.patch.rar, , [53efe5234f2cea4c94d65ba8758c38c8],

Physical Sectors: 0
(No malicious items detected)


(end)

No relatório não está constando que os problemas foram removidos. Você removeu eles?

Não apenas fiz a varrdura e postei o relatorio para me dizer se devo remover tudo ou não.

Pode remover e deixe eles na quarentena. Daqui há umas duas semanas você os exclui se não fizerem falta.

Feito.

 Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek:

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Vai anexo e quando concluirmos alimpeza me mande como arumar o firefox.

 Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 Pro x64
Ran by LuizFrancisco on 28/03/2014 at 6:55:18,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\LuizFrancisco\AppData\Roaming\mozilla\firefox\profiles\8hg25j29.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/03/2014 at 7:01:30,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

~ Relatório do ZHPDiag v2014.3.28.34 - Nicolas Coolman (28/03/2014)
~ Iniciado por LuizFrancisco (28/03/2014 12:09:59)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.154
OPIE: Opera vStable 20.0.1387.82

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware versão 2.00.0.1000
Windows Defender W8

---\\ Softwares d'optimização do sistema
CCleaner v4.11 =>.Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 12224 MB (84% free)
System Restore: Activé (Enable)
System drive C: has 611 GB (65%) free of 931 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LUIZ
~ User Name: LuizFrancisco
~ All Users Names: LuizFrancisco, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\LuizFrancisco\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\LuizFrancisco\AppData\Roaming\
~ %Desktop% : C:\Users\LuizFrancisco\Desktop\
~ %Favorites% : C:\Users\LuizFrancisco\Favorites\
~ %LocalAppData% : C:\Users\LuizFrancisco\AppData\Local\
~ %StartMenu% : C:\Users\LuizFrancisco\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 611 Go of 931 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1181 Go of 1863 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: CD-ROM drive (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Windows Explorer.) (.22/10/2013 - 04:55:27.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Internet Extensions para Win32.) (.01/03/2014 - 00:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/08/2013 - 06:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 08:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.79B6F3DF7CDFD12159871FF71464F0CE] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.23/11/2013 - 04:08:19.) -- C:\Windows\system32\Drivers\MRxSmb.sys [403456]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.22/08/2013 - 10:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.22/08/2013 - 19:59:44.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.C85C075DE5B6D0FE116043054DE8EE02] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.31/01/2014 - 13:15:23.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/759
~ Mes musiques (My Musics) : 7/5166
~ Mes Videos (My Videos) : 2/344
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/1101
~ Mon Bureau (My Desktop) : 3/586
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 07s



---\\ Processos lançados
[MD5.B96D82EA7BC9A842028559968E9570D4] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe [1004864] [PID.36216]
[MD5.05C5CBE5C0C26EFF48AF60639F30F4F5] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712] [PID.36704]
[MD5.1E7FF436A5395FE57AB5FC662FC3767F] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384] [PID.37348]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.13384]
[MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.9800]
[MD5.4C820B50704EB1B259E63672EC55B122] - (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe [138944] [PID.11096]
[MD5.780CBE4DEFA3E842BE4B99D35C3CC4B8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8177664] [PID.4404]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\LuizFrancisco\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Conselheiro de URLs da Kaspersky v.14.0.0.4651 (Désactivé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] Anti-Banner v.14.0.0.4651 (Désactivé)

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [LuizFrancisco - 8hg25j29.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\LuizFrancisco\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (.Vitzo Limited - Detects and downloads video content on a web page.) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: 3D Vision Photo Viewer.lnk . (.NVIDIA Corporation - NVIDIA 3D Vision Photo Viewer.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: Central de Soluções HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe
O4 - GS\Desktop [Public]: DriverEasy.lnk . (.Easeware - DriverEasy.) -- C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
O4 - GS\Desktop [Public]: IObit Uninstaller.lnk . (.IObit - Uninstall Programs.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
O4 - GS\Desktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
O4 - GS\Desktop [Public]: ManageMyMobile.lnk . (.IObit - ManageMyMobile Beta.) -- C:\Program Files (x86)\IObit\ManageMyMobile\ManageMyMobile.exe
O4 - GS\Desktop [Public]: Megacubo.lnk . (.www.megacubo.net - No Comment.) -- C:\Program Files (x86)\Megacubo\megacubo.exe
O4 - GS\Desktop [Public]: MiniTool Partition Wizard Home Edition.lnk . (.MiniTool Solution Ltd. - MiniTool Partition Wizard.) -- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 5.2\PartitionWizard.exe
O4 - GS\Desktop [Public]: Mp3tag.lnk . (.Florian Heidenreich - Mp3tag - the universal Tag editor.) -- C:\Program Files (x86)\Mp3tag\Mp3tag.exe
O4 - GS\Desktop [Public]: Recibo Grátis.lnk . (...) -- C:\Recibo\Recibo.exe
O4 - GS\Desktop [Public]: SlimDrivers.lnk . (...) -- C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe
O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O4 - GS\Program [Public]: Registro OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe
O4 - GS\QuickLaunch [LuizFrancisco]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [LuizFrancisco]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [LuizFrancisco]: Megacubo.lnk . (.www.megacubo.net - No Comment.) -- C:\Program Files (x86)\Megacubo\megacubo.exe
O4 - GS\QuickLaunch [LuizFrancisco]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\QuickLaunch [LuizFrancisco]: VDownloader.lnk . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - GS\QuickLaunch [LuizFrancisco]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\LuizFrancisco\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [LuizFrancisco]: Facebook Messenger.lnk . (.Facebook - Facebook Messenger.) -- C:\Users\LuizFrancisco\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - GS\TaskBar [LuizFrancisco]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [LuizFrancisco]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [LuizFrancisco]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [LuizFrancisco]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O4 - GS\TaskBar [LuizFrancisco]: Word 2013.lnk . (...) -- C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
O4 - GS\Program [LuizFrancisco]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [LuizFrancisco]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
O4 - GS\Desktop [LuizFrancisco]: Dic Michaelis - UOL.LNK . (...) -- C:\Dic\WDIC\WDIC.exe
O4 - GS\Desktop [LuizFrancisco]: DVD Shrink 3.2.lnk . (.DVD Shrink - DVD Shrink 3.2.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
O4 - GS\Desktop [LuizFrancisco]: My Lockbox.lnk . (...) -- C:\Program Files (x86)\My Lockbox\mylbx.exe (.not file.)
O4 - GS\Desktop [LuizFrancisco]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [LuizFrancisco]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
O4 - GS\Desktop [LuizFrancisco]: UnderCoverXP.lnk . (.Wicked & Wild Inc. - What Covers Do Ya Wanna Print Today?.) -- C:\Program Files (x86)\UnderCoverXP\UnderCoverXP.exe
O4 - GS\Desktop [LuizFrancisco]: UnlockRoot Pro.lnk . (...) -- C:\Program Files (x86)\Unlockroot Pro\unlockrootpro.exe
O4 - GS\Desktop [LuizFrancisco]: WinAVI Video Converter.lnk . (.ZJMedia Digital Technology Ltd. - WinAVI Video Converter.) -- C:\Program Files (x86)\Video Converter\WinAVI.exe
O4 - GS\Desktop [LuizFrancisco]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\LuizFrancisco\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 95 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-4212457124-3600783597-4156722339-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Teclado Virtual [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kbrd.ico
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Verificação de URLs [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{08B5096F-6509-471D-8036-B0CCA3E3DAA9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{08B5096F-6509-471D-8036-B0CCA3E3DAA9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (.not file.) =>PUP.SupTab
~ AppInit DLL: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
~ Services: 18 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASC7_SkipUac_LuizFrancisco.job [268]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DriverEasy Scheduled Scan.job [432]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job [304]
[MD5.00000000000000000000000000000000] [APT] [{AFE7C3C7-167F-4D47-965B-BE7F9275173A}] (...) -- C:\Users\LuizFrancisco\Desktop\avenger.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B82F2155-358C-457C-A2C7-FE535D427818}] (...) -- C:\Users\LuizFrancisco\Desktop\avenger.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B8C447CC-49EA-4235-8932-A6486FA4D1AB}] (...) -- C:\Users\LuizFrancisco\Desktop\skymonk23787212.exe (.not file.) [0]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 03s



---\\ Software instalados (042)
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM][64Bits] -- WDIC
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKCU][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: My Lockbox 3.0.4 - (...) [HKLM][64Bits] -- My Lockbox_is1
O42 - Logiciel: Recibo Grátis versão 1.3 - (.P5 Sistemas.) [HKLM][64Bits] -- {B231FA7F-4CB5-4C83-87DD-8C4D670CCF2C}_is1
~ Logic: 9 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AUTORUN]
[HKCU\Software\Amigo Mouse]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\GbAs]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
~ Key Software: 357 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/11/2013 - 15:10:43 - [0] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 29/01/2014 - 23:58:52 - [0] ----D C:\Program Files (x86)\Cursos RFB
O43 - CFD: 15/12/2013 - 16:24:15 - [688,823] ----D C:\Program Files (x86)\Nordic Games
O43 - CFD: 16/11/2013 - 15:29:40 - [0,002] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/03/2014 - 20:58:30 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 16/11/2013 - 15:29:47 - [2,773] ----D C:\Users\LuizFrancisco\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/03/2014 - 14:23:11 - [0] ----D C:\Users\LuizFrancisco\AppData\Roaming\qone8 =>Hijacker.Qone8
O43 - CFD: 22/10/2013 - 18:45:27 - [0] ----D C:\Users\LuizFrancisco\AppData\Local\PackageStaging
O43 - CFD: 29/01/2014 - 21:03:53 - [0] ----D C:\Users\LuizFrancisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cursos RFB
O43 - CFD: 22/10/2013 - 21:49:01 - [0] ----D C:\Users\LuizFrancisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
O43 - CFD: 22/10/2013 - 21:35:23 - [0,004] ----D C:\Users\LuizFrancisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Lockbox
~ Program Folder: 210 Legitimates Filtered in 00mn 20s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.5D90F0DA3CF3DFBC761F1616914ADA72] - 20/03/2014 - 16:27:22 ---A- . (...) -- C:\PureRa.txt [26218]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/03/2014 - 06:49:25 ---A- . (...) -- C:\asc_rdflag [0]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 27/03/2014 - 20:39:46 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.C10E0EF4886D5D706772C033F2B7C3F8] - 27/03/2014 - 20:41:13 ---A- . (...) -- C:\zoek-results.log [20143]
O44 - LFC:[MD5.C4EAE3A4291BE97D4DCA6BC23735D601] - 27/03/2014 - 20:55:32 ---A- . (...) -- C:\Windows\DPINST.LOG [472296]
O44 - LFC:[MD5.CADC4D574F8044B7C093EE71504747F7] - 28/03/2014 - 11:56:38 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158296]
O44 - LFC:[MD5.99B688F6BEB53238335D76B4CE9CE681] - 28/03/2014 - 11:56:38 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774702]
O44 - LFC:[MD5.2131557CC6DE816137DB27F5CB78EB9F] - 28/03/2014 - 11:57:42 ---A- . (...) -- C:\Windows\win.ini [228]
~ Files: 48 Legitimates Filtered in 00mn 03s



---\\ Negação do serviço (Local Security Authority) (048)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 12 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.27069CFFF29B7F04F4B1BB10154BE52B] - 25/09/2012 - 04:52:04 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:[MD5.0BD906A79F9CE3013F7D9D0AC45F9F9D] - 25/09/2012 - 04:52:04 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:[MD5.73BDD44A6088916964945886F9025409] - 23/01/2014 - 00:21:06 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]
O58 - SDL:[MD5.5252D7BC56E5E0ED715AEA8FE173A455] - 23/01/2014 - 00:21:06 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:[MD5.58C89A89D4AF0288DCF432EC0B358438] - 20/09/2012 - 01:35:36 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [203104]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:[MD5.9CFEFD62D86DABFAC12D1C5ED72BA6A4] - 23/11/2013 - 15:05:28 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:[MD5.41AD0FCF47275A9BC70FA1B56BFD3E23] - 16/08/2010 - 15:31:18 ----- . (...) -- C:\Windows\System32\pwdrvio.sys [19936]
O58 - SDL:[MD5.19CF17076F2524AF6746B528584AA3C9] - 16/08/2010 - 15:31:16 ----- . (...) -- C:\Windows\System32\pwdspio.sys [13280]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 09/11/2013 - 14:04:51 ---A- . (...) -- C:\Windows\SysWOW64\drivers\byocr.sys [61440]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 09/11/2013 - 14:44:46 ---A- . (...) -- C:\Windows\SysWOW64\drivers\erphhhdl.sys [61440]
O58 - SDL:[MD5.B7CC2AF3D5604EFDC5F82AF7A5B21FB1] - 28/03/2014 - 06:43:48 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 23/01/2014 - 19:35:15 ---A- . (...) -- C:\Windows\SysWOW64\drivers\irhc.sys [61440]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 23/01/2014 - 19:30:59 ---A- . (...) -- C:\Windows\SysWOW64\drivers\nrqx.sys [61440]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 23/01/2014 - 19:21:53 ---A- . (...) -- C:\Windows\SysWOW64\drivers\qbjwq.sys [61440]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 09/11/2013 - 14:09:33 ---A- . (...) -- C:\Windows\SysWOW64\drivers\tdictxot.sys [61440]
O58 - SDL:[MD5.589312A3B46721C5A751E4D5222A89BE] - 09/11/2013 - 14:47:17 ---A- . (...) -- C:\Windows\SysWOW64\drivers\weafaxlq.sys [61440]
~ Drivers: 19 Legitimates Filtered in 00mn 05s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.9BD22B88F5B2877AC093D88AD67B53B6] [SPRF][16/11/2013] (...) -- C:\ProgramData\1384625569.bdinstall.bin [1660270]
[MD5.E27B1850EAEF0A43AC20CE2D5B3BA32F] [SPRF][30/11/2013] (...) -- C:\ProgramData\1385841983.bdinstall.bin [246229]
[MD5.54B781FE565E23DC1ABF88D3A45339A3] [SPRF][23/01/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][28/11/2013] (...) -- C:\Users\LuizFrancisco\AppData\Roaming\inst.exe [99384]
[MD5.ED9998BCBEF932E8966B5364425B4F6B] [SPRF][26/11/2013] (...) -- C:\Users\LuizFrancisco\AppData\Roaming\unins000.dat [32584]
[MD5.DF06DC5837316EA78746E3F790A950ED] [SPRF][27/03/2014] (...) -- C:\Users\LuizFrancisco\Desktop\AdwCleaner.exe [1950720]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][05/11/2013] (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\LuizFrancisco\Desktop\ATF-Cleaner.exe [50688]
[MD5.430E952779CB0819388EC4CC533BF10D] [SPRF][30/01/2002] (...) -- C:\Users\LuizFrancisco\Desktop\Impress.exe [1644544]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/07/2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\LuizFrancisco\Desktop\PureRa.exe [76565]
[MD5.25D2086A4791F13EDD75BA872D630A37] [SPRF][05/12/2013] (...) -- C:\Users\LuizFrancisco\Desktop\ReportMaker.exe [5071019]
[MD5.DCF741DF9F654F5A2C1BEC789F53AEB3] [SPRF][08/03/2014] (...) -- C:\Users\LuizFrancisco\Desktop\zoek.com [1414742]
~ Files: 16 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.532333A8078EB2D51D7C2CDDD262C930] [WIS][22/10/2013] (.SlimWare Utilities, Inc. - Looks for updates for your computer's software and drivers.) -- C:\Windows\Installer\37676d.msi [29691904]
[MD5.C133F19570415BEC44B8403A15BD4E9A] [WIS][29/04/2011] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\4c5090.msi [523776]
~ WIS: 122 Legitimates Filtered in 00mn 06s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 25/11/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/11/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/05/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 14/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 22/08/2013 37768 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 22/08/2013 37768 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 14/10/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
SR - | Auto 08/10/2013 452136 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Demand 22/08/2013 37768 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 22/08/2013 37768 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 11/05/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 08/08/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 08/08/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 09/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 09/12/2013 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 08/02/2014 923936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 08/02/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/02/2014 4915040 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe

~ Services: Scanned in 00mn 08s



---\\ Scâner Aditional (088)
Database Version : 13031 - (28/03/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 1

C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\LuizFrancisco\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\LuizFrancisco\AppData\Roaming\qone8 =>Hijacker.Qone8^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
~ Additionnel Scan: 316374 Items scanned in 00mn 12s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupTab
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Qone8
~ MSI: 3 link(s) detected in 00mn 00s



~ 1186 Legitimates filtered by white list
End of the scan (502 lines in 01mn 20s)(0)

 Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie estes arquivos abaixo para serem analisados (um de cada vez)

C:\Recibo\Recibo.exe
C:\Program Files (x86)\Unlockroot Pro\unlockrootpro.exe
C:\Windows\System32\x264vfw64.dll
C:\Windows\System32\Drivers\bcmfn2.sys
C:\Windows\SysWOW64\drivers\byocr.sys
C:\Windows\SysWOW64\drivers\erphhhdl.sys
C:\Windows\SysWOW64\drivers\irhc.sys
C:\Windows\SysWOW64\drivers\nrqx.sys
C:\Windows\SysWOW64\drivers\qbjwq.sys
C:\Windows\SysWOW64\drivers\tdictxot.sys
C:\Windows\SysWOW64\drivers\weafaxlq.sys

Em sua próxima resposta poste os links das análises dos arquivos acima juntamente com o log do ZHPFix pedido abaixo.
_______________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até emptyclsid)
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com os links das análises dos arquivos no site Virus Total.

Bem na analise do virus total não consegui encontrar dois arquivos para serem analisados:
C:\Windows\System32\x264vfw64.dll
C:\Windows\System32\Drivers\bcmfn2.sys

segue resultados:


[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Quanto aos links do Virus Total, estes abaixo estão todos repetidos, veja:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Então quer dizer que alguns arquivos ficaram sem ser analisados.

certo vou refazer o procedimento.

Bem agora que refiz de uma forma para não ter erro vai os resultados, como na vez anterior uns arquivos não foram encontrados para analisar.


[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\Windows\System32\x264vfw64.dll
C:\Windows\System32\Drivers\bcmfn2.sys
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

 sugiro que desinstale este programa Unlockroot Pro. Veja que na análise do Virus Total dois bons antivirus (Comodo e Eset Nod32) classificam o executável dele como perigoso.

Já quanto aos outros arquivos analisados pode ser um falso-positivo (um engano por parte dos antivirus que os identificaram como perigosos) visto que só alguns poucos antivirus pouco conhecidos os identificaram.

Depois disto nos diga como está o PC.

Remoção feita, como faço para o firefox voltar ao normal e que tanta coisa ruim tinha nesse PC e de onde elas vieram?

como faço para o firefox voltar ao normal?

Qual problema está ocorrendo no Firefox? Dependendo da situação a melhor solução é desinstalar o Firefox e depois baixá-lo no site oficial dele e reinstalá-lo.
_____________________________________________________________

e que tanta coisa ruim tinha nesse PC e de onde elas vieram?

Os sites mais famosos de download estão inserindo adwares nos instaladores deles. Então sempre que for fazer um download escolha a opção de baixar sem o instalador deles. E mesmo assim é preciso ter cuidado para não ver se não há no próprio instalador dos programas alguma caixinha que oferece a instalação de toolbar ou outros adwares, aí é só desmarcar.

No firefox quando se coloca para abrir uma nova aba ele abre uma pagina do google e não em branco como deveria.

Abra o Firefox e na barra de endereços digite about:config e tecle Enter.

Poderá aparecer uma mensagem dizendo "This might void your warranty!"
Clique em I'll be careful, I promise!, para continuar para a página about:config

Tecle browser.newtab.url na caixa de pesquisa.

Dê um duplo clique em browser.newtab.url e troque a URL para about:newtab

Click OK e feche o about:config tab

Depois nos diga se resolveu.