Fórum PC Brasil

Problems with adware on the PC


Post by Cristi4n0, Thu 12 Jun 2014, 02:50

Hello, I have the same problem. I have already installed the recommended program and followed the instructions; the log is below:
Note: should I do the next step, or is everything already clean?
Thanks in advance for your help and attention!

# AdwCleaner v3.212 - Relatório criado 12/06/2014 às 02:44:00
# Atualizado 05/06/2014 por Xplode
# Sistema Operacional : Windows 8.1 Pro  (64 bits)
# Usuário : CRISTIANOM - SHADOWUSER
# Executando de : C:\Users\CRISTIANOM\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IePluginServices

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\WindowsProtectManger
Pasta Deletada : C:\ProgramData\FIendiBEsstDeal
Pasta Deletada : C:\ProgramData\Seaarch-NeewTab
Pasta Deletada : C:\ProgramData\SSaveNeWaAppz
Pasta Deletada : C:\ProgramData\websave
Pasta Deletada : C:\ProgramData\YoutubeAdblocker
Pasta Deletada : C:\Program Files (x86)\GetPrivate
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Program Files (x86)\FIendiBEsstDeal
Pasta Deletada : C:\Program Files (x86)\Seaarch-NeewTab
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Local\torch
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Roaming\GetPrivate
Pasta Deletada : C:\Users\CRISTIANOM\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\torch
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Pasta Deletada : C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Pasta Deletada : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Pasta Deletada : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Arquivo Deletada : C:\WINDOWS\System32\Tasks\GPUpdate

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-46480778
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Chave Deletedo : HKCU\Software\AppDataLow\Software\blockAndSurf
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\SupDp
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\webssearchesSoftware
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17126

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7651 octets] - [12/06/2014 02:41:21]
AdwCleaner[S0].txt - [7097 octets] - [12/06/2014 02:44:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7157 octets] ##########

Post by Power Max, Thu 12 Jun 2014, 10:04

Hello Cristiano.

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You need an account and an active session to view this link]

To run it correctly, follow the tips in this tutorial:

[You need an account and an active session to view this link]

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its contents and post them in your next reply.

Post by Cristi4n0, Thu 12 Jun 2014, 14:05

Hello, thanks for the support; here is the Zoek log:

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by CRISTIANOM on 12/06/2014 at 13:34:55,20.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\CRISTIANOM\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/06/2014 13:40:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\CRISTIANOM\AppData\LocalLow\{058EAACD-3E15-8893-39B5-843AE9EFC2AE} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{3839B901-CC5D-8A23-367E-1DA7AE53D66D} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{64C82EBD-ADF7-3456-1ACE-B80C3ECF3966} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{D2FB414E-5B64-471F-1DDA-5C8496063FC6} deleted
C:\Users\CRISTIANOM\AppData\LocalLow\{D3FD2430-A0B3-6077-5737-519A4422F1F3} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{058EAACD-3E15-8893-39B5-843AE9EFC2AE} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{3839B901-CC5D-8A23-367E-1DA7AE53D66D} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{64C82EBD-ADF7-3456-1ACE-B80C3ECF3966} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{D2FB414E-5B64-471F-1DDA-5C8496063FC6} deleted
C:\Users\CRISTIANOM\AppData\Local\Packages\windows_ie_ac_001\AC\{D3FD2430-A0B3-6077-5737-519A4422F1F3} deleted
C:\PROGRA~3\5d5b61c661e5af2d deleted
C:\PROGRA~3\SohopDrop deleted
C:\PROGRA~2\SohopDrop deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted

==== Chrome Look ======================

YoutubeAdblocker - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
Cut and Paste - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg
weebsave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida
Seaarch-NeewTab - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn
Cut and Paste - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb

==== Chrome Fix ======================

C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ccclddgecgkogpgnkfochempffdmbcdg deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dobnfmbogkjjgnbdagikllmmgcoooida deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffkdaodohjfliidmgfefpoehlfljhjgn deleted successfully
C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\CRISTIANOM\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Batman Arkham Origins.lnk - C:\Program Files (x86)\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
C:\Users\Public\Desktop\BlackShot Garena Plus Launch.lnk - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -toggleplugin 32773
C:\Users\Public\Desktop\BlackShot Launcher.lnk - C:\Program Files (x86)\Garena Plus\Apps\BlackShot\BlackShot\launcher.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk - C:\Program Files (x86)\DAEMON Tools Ultra\DTLauncher.exe
C:\Users\Public\Desktop\Garena Plus.lnk - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Users\Public\Desktop\LG Control Center.lnk - C:\Program Files (x86)\LG Software\LG Control Center\LG Control Center.exe
C:\Users\Public\Desktop\LG Easy Starter.lnk - C:\Windows\Installer\{9FE8EFD1-F283-4400-914B-9EE29828E355}\LG_Easy_Starter.ex_D282152A87564C34899E81B5235E5234.exe
C:\Users\Public\Desktop\P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0\P-Patchs HQ 2.0.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\TriDef 3D.lnk - C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe "C:\Program Files (x86)\TriDef 3D\Apps\TriDef3D.TriDefApp"
C:\Users\Public\Desktop\Yabazam 3D Movies.lnk - C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe -shellexecute "http://www.ddd.com/content/lge-nb"

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman Arkham Origins.lnk - C:\Program Files (x86)\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\ARAR.lnk - C:\Program Files (x86)\ARAR\ARAR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\Help.lnk - C:\Program Files (x86)\ARAR\ARAR.hlp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair\Uninstall ARAR.lnk - C:\Program Files (x86)\ARAR\UNWISE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Advanced Archive Password Recovery.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\Advanced Archive Password Recovery\ARCHPR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\Advanced Archive Password Recovery Help.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\Advanced Archive Password Recovery\ARCHPR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\License Agreement.lnk - C:\Program Files (x86)\Elcomsoft Password Recovery\License.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Uninstall\Advanced Archive Password Recovery.lnk - C:\Windows\System32\msiexec.exe /i {01011662-76A8-41E8-B1A8-4F8821570AC5}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI\Pro Evolution Soccer 2011\Desinstalar P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0.lnk - C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\P-Patchs HQ 2.0\P-Patchs HQ 2.0.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk - C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk - C:\Program Files\MPC-HC\Changelog.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Desinstalar MPC-HC.lnk - C:\Program Files\MPC-HC\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk - C:\Program Files\MPC-HC\mpc-hc64.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\79670090-9436-457a-bf93-6cb9ee63a878 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\debbc5db-2ae1-424f-b447-d12f50fa498f deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\CRISTIANOM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\CRISTIANOM\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=237 folders=112 20560038 bytes)

==== Empty Temp Folders ======================

C:\Users\CRISTIANOM\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\CRISTI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 12/06/2014 at 14:01:57,39 ======================

Post by Power Max, Thu 12 Jun 2014, 14:07

Download the Junkware Removal Tool program from the link below:
[You need an account and an active session to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You need an account and an active session to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

Re: Problems with adware on the PC

Post by Cristi4n0 on Thu 12 Jun 2014, 15:38

Here is the Junkware log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by CRISTIANOM on 12/06/2014 at 15:19:04,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/06/2014 at 15:26:53,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Problems with adware on the PC

Post by Power Max on Thu 12 Jun 2014, 15:55

Download the < [You must have an account and be logged in to view this link] > < [You must have an account and be logged in to view this image] > ( ... by Nicolas Coolman )

Note: After opening the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must have an account and be logged in to view this image]

To install and run it correctly, follow the tips in this article:

[You must have an account and be logged in to view this link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Re: Problems with adware on the PC

Post by Cristi4n0 on Fri 13 Jun 2014, 01:01

Here is the ZHPDiag log:

~ Relatório do ZHPDiag v2014.6.12.90 - Nicolas Coolman (12/06/2014)
~ Iniciado por CRISTIANOM (13/06/2014 00:57:19)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 57 GB (24%) free of 233 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SHADOWUSER
~ User Name: CRISTIANOM
~ All Users Names: CRISTIANOM, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CRISTIANOM\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CRISTIANOM\AppData\Roaming\
~ %Desktop% : C:\Users\CRISTIANOM\Desktop\
~ %Favorites% : C:\Users\CRISTIANOM\Favorites\
~ %LocalAppData% : C:\Users\CRISTIANOM\AppData\Local\
~ %StartMenu% : C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 57 Go of 233 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/04/2014 - 23:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.02/04/2014 - 23:23:05.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/301
~ Mes musiques (My Musics) : 88/338
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 4/273
~ Mon Bureau (My Desktop) : 1/110
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 02s



---\\ Processos lançados
[MD5.AF7D020692E8E63051CAEE1BB84740C2] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [322744] [PID.2244]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5520]
[MD5.52A15203DD8B6EB9F6C7D675D6D773A5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8067072] [PID.3336]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Yabazam 3D Movies.lnk . (.DDD Group Plc. - TriDef Launcher NA.) -- C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe [You must have an account and be logged in to view this link]
O4 - GS\QuickLaunch [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PowerManager] . (.LG Electronics - PowerManager.) -- C:\Program Files\LG Software\LG Power Manager\PowerManager.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HotkeyManager] . (.LG Electronics Inc. - HotkeyManager.) -- C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) -- C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1 10.10.10.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [GPUpdateCheck] (...) -- C:\Program Files (x86)\GetPrivate\gpup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A14CDDB5-D2D0-41E8-80D1-0AE845B939A7}] (...) -- G:\Jogos\Transformes The Game\Transformers\Transformers.The.Game\SetupReg.exe (.not file.) [0]
~ Scheduled Task: 3 Legitimates Filtered in 00mn 09s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: P-Patchs HQ 2.0 Versão 1.0 - (.Pes-Patchs™️ Pc.) [HKLM][64Bits] -- P-Patchs HQ 2.0 ID_mp1
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ARAR]
[HKCU\Software\PCDataApp]
[HKLM\Software\Wow6432Node\PCDataApp]
[HKLM\Software\Wow6432Node\SmartUpdater]
[HKLM\Software\Wow6432Node\TimeGate Studios]
~ Key Software: 207 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/05/2014 - 02:27:58 - [] ----D C:\Program Files (x86)\ARAR
O43 - CFD: 13/03/2014 - 11:50:07 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 18/05/2014 - 03:23:10 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\wi_upd
O43 - CFD: 05/05/2014 - 13:58:56 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\xim
O43 - CFD: 26/05/2014 - 01:09:20 - [] ----D C:\Users\CRISTIANOM\AppData\Local\com
O43 - CFD: 09/05/2014 - 22:18:42 - [] ----D C:\Users\CRISTIANOM\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 13/03/2014 - 11:48:48 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 151 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 12/06/2014 - 13:34:36 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.65D0652252804FB578F766883AF6131B] - 12/06/2014 - 14:01:57 ---A- . (...) -- C:\zoek-results.log [22240]
O44 - LFC:[MD5.B2E3A11200B685489CC78903DA74BD05] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.9944C44C3BBDC0262C33A02A9BA2F280] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
~ Files: 53 Legitimates Filtered in 00mn 09s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b5665f34-d70e-11e3-be95-5cc9d3ffc938}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:16/07/2012 - 23:39:22 ---A- . (.Windows (R) Win 7 DDK provider - Intel®️ Centrino®️ Wireless Bluetooth®️ + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [162344]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:10/07/2008 - 18:20:40 ---A- . (.CSR, plc - A/V Bluetooth Device.) -- C:\Windows\System32\Drivers\bthav.sys [40448]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 49 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BC849BA56CE71049C5B7234346F94CC0] [SPRF][09/04/2012] (...) -- C:\Users\CRISTIANOM\Desktop\AMCAP.exe [49152]
[MD5.AF3BD1607B9439998093432BAF5FC4AA] [SPRF][27/03/2008] (...) -- C:\Users\CRISTIANOM\Desktop\Kanes Wrath Trainer.exe [1259008]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][12/06/2014] (...) -- C:\Users\CRISTIANOM\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{10AF9509-28F5-45FF-8403-32DEAFE6AA51}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{908219D5-D898-4086-B10C-C51ECF5D683B}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
~ BTK: 30 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}] (YoutubeAdblocker) =>PUP.Multiplug
~ BCK: 6031 Legitimates Filtered in 00mn 14s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/04/2014 813328 | (Disc Soft Bus Service) . (.Disc Soft Ltd.) - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
SS - | Demand 18/07/2012 272176 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\WINDOWS\system32\GameMon.des
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/07/2012 731688 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 11/01/2012 1191120 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 08/08/2012 1091520 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 08/08/2012 1112000 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Demand 11/01/2012 143936 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 02/05/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 18/07/2012 627504 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 18/07/2012 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 18/07/2012 2699568 | (ZeroConfigService) . (.Intel®️ Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 17s



---\\ Scâner Aditional (088)
Database Version : 13026 - (12/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}] (YoutubeAdblocker) =>PUP.Multiplug^
~ Additionnel Scan: 273117 Items scanned in 00mn 49s



---\\ Informações complémentaires do módulos
~ [You must have an account and be logged in to view this link] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 1 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>PUP.Multiplug
~ MSI: 1 link(s) detected in 00mn 00s



~ 609 Legitimates filtered by white list
End of the scan (380 lines in 02mn 12s)(0)

Re: Problems with adware on the PC

Post by Power Max on Fri 13 Jun 2014, 10:03

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting along with Windows.

Also use the CCleaner program, indicated in the tutorial above, to clean and optimize the PC.
_________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click Zhpfix and choose the Run as administrator option > Click Importação > Click the GO button > Click Oui > If you want the Recycle Bin files to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sat 14 Jun 2014, 00:49; edited 1 time

Re: Problems with adware on the PC

Post by Cristi4n0 on Fri 13 Jun 2014, 15:12

Hello!
Here is the ZHPFix log:

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by CRISTIANOM at 13/06/2014 15:10:43
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\PCDataApp
ELIMINÉ: HKLM\Software\Wow6432Node\PCDataApp
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ:* HKCR\CLSID\{A9E0DBD3-1BA1-CD8B-5D25-757C9E4762AD}

========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: GPUpdateCheck

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
5 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\CRISTIANOM\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/06/2014 15:10:46 [1494]

Re: Problems with adware on the PC

Post by Power Max on Fri 13 Jun 2014, 15:54

Open ( ZHPDiag ) again

[You must have an account and be logged in to view this image]

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

[You must have an account and be logged in to view this image]

|- Click OK and, when it finishes, post the ZHPDiag.txt report

[You must have an account and be logged in to view this image]

Re: Problems with adware on the PC

Post by Cristi4n0 on Sat 14 Jun 2014, 00:44

Here is the ZHPDiag log:

~ Relatório do ZHPDiag v2014.6.12.90 - Nicolas Coolman (12/06/2014)
~ Iniciado por CRISTIANOM (14/06/2014 00:39:32)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 42 GB (17%) free of 233 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SHADOWUSER
~ User Name: CRISTIANOM
~ All Users Names: CRISTIANOM, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\CRISTIANOM\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CRISTIANOM\AppData\Roaming\
~ %Desktop% : C:\Users\CRISTIANOM\Desktop\
~ %Favorites% : C:\Users\CRISTIANOM\Favorites\
~ %LocalAppData% : C:\Users\CRISTIANOM\AppData\Local\
~ %StartMenu% : C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 42 Go of 233 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.04/03/2014 - 09:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.22/02/2014 - 06:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/12/2013 - 05:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/04/2014 - 23:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 06:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 09:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.02/04/2014 - 23:23:05.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.20/03/2014 - 00:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.14/11/2013 - 04:15:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/301
~ Mes musiques (My Musics) : 88/338
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 4/273
~ Mon Bureau (My Desktop) : 1/111
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 05s



---\\ Processos lançados
[MD5.AF7D020692E8E63051CAEE1BB84740C2] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [322744] [PID.24888]
[MD5.52A15203DD8B6EB9F6C7D675D6D773A5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8067072] [PID.13048]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Yabazam 3D Movies.lnk . (.DDD Group Plc. - TriDef Launcher NA.) -- C:\Program Files (x86)\TriDef 3D\InstallManager\TriDefLauncherNA.exe [link visible only to logged-in forum members]
O4 - GS\QuickLaunch [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [CRISTIANOM]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 35s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PowerManager] . (.LG Electronics - PowerManager.) -- C:\Program Files\LG Software\LG Power Manager\PowerManager.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HotkeyManager] . (.LG Electronics Inc. - HotkeyManager.) -- C:\Program Files (x86)\LG Software\LG OSD\HotkeyManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [amd_dc_opt] . (.AMD - AMD Dual-Core Optimizer.) -- C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [GarenaPlus] . (.No owner - Garena Plus.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
O4 - HKUS\S-1-5-21-3816403609-2671640283-3619375572-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpNameServer = 10.10.10.1 10.10.10.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{70FB7BAC-FEA9-490C-994A-9CE638498217}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3323C9A7-2ECC-43CC-B2A4-D02798DFFC66}: DhcpDomain = emlink.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1 10.10.10.2
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014
O42 - Logiciel: P-Patchs HQ 2.0 Versão 1.0 - (.Pes-Patchs™ Pc.) [HKLM][64Bits] -- P-Patchs HQ 2.0 ID_mp1
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ARAR]
[HKLM\Software\Wow6432Node\SmartUpdater]
[HKLM\Software\Wow6432Node\TimeGate Studios]
~ Key Software: 205 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/05/2014 - 02:27:58 - [] ----D C:\Program Files (x86)\ARAR
O43 - CFD: 13/03/2014 - 11:50:07 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 18/05/2014 - 03:23:10 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\wi_upd
O43 - CFD: 05/05/2014 - 13:58:56 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\xim
O43 - CFD: 26/05/2014 - 01:09:20 - [] ----D C:\Users\CRISTIANOM\AppData\Local\com
O43 - CFD: 09/05/2014 - 22:18:42 - [] ----D C:\Users\CRISTIANOM\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 13/03/2014 - 11:48:48 - [] ----D C:\Users\CRISTIANOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
~ Program Folder: 151 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 12/06/2014 - 13:34:36 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.65D0652252804FB578F766883AF6131B] - 12/06/2014 - 14:01:57 ---A- . (...) -- C:\zoek-results.log [22240]
O44 - LFC:[MD5.B2E3A11200B685489CC78903DA74BD05] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.9944C44C3BBDC0262C33A02A9BA2F280] - 12/06/2014 - 21:01:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
~ Files: 54 Legitimates Filtered in 00mn 27s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b5665f34-d70e-11e3-be95-5cc9d3ffc938}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:16/07/2012 - 23:39:22 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [162344]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:10/07/2008 - 18:20:40 ---A- . (.CSR, plc - A/V Bluetooth Device.) -- C:\Windows\System32\Drivers\bthav.sys [40448]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 49 Legitimates Filtered in 00mn 08s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [link visible only to logged-in forum members]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [link visible only to logged-in forum members]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.BC849BA56CE71049C5B7234346F94CC0] [SPRF][09/04/2012] (...) -- C:\Users\CRISTIANOM\Desktop\AMCAP.exe [49152]
[MD5.AF3BD1607B9439998093432BAF5FC4AA] [SPRF][27/03/2008] (...) -- C:\Users\CRISTIANOM\Desktop\Kanes Wrath Trainer.exe [1259008]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][12/06/2014] (...) -- C:\Users\CRISTIANOM\Desktop\zoek.exe [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{10AF9509-28F5-45FF-8403-32DEAFE6AA51}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{908219D5-D898-4086-B10C-C51ECF5D683B}C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cristianom\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DCEC5AC3-46C3-42CC-96BD-99EE117705E2}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{C646176A-C79A-4FA5-A596-71FC03D06D34}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\CRISTIANOM\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 02s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/04/2014 813328 | (Disc Soft Bus Service) . (.Disc Soft Ltd.) - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
SS - | Demand 18/07/2012 272176 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\WINDOWS\system32\GameMon.des
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/07/2012 731688 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 11/01/2012 1191120 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 08/08/2012 1091520 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 08/08/2012 1112000 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Demand 11/01/2012 143936 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 02/05/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 18/07/2012 627504 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 18/07/2012 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 18/07/2012 2699568 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 20s



---\\ Scâner Aditional (088)
Database Version : 13026 - (12/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 272657 Items scanned in 00mn 58s



---\\ Informações complémentaires do módulos
~ [link visible only to logged-in forum members] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 1 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 608 Legitimates filtered by white list
End of the scan (366 lines in 03mn 31s)(0)

Re: Problems with adware on the PC

Post by Power Max Sat 14 Jun 2014, 00:49

How is the PC after these procedures?

Re: Problems with adware on the PC

Post by Cristi4n0 Sat 14 Jun 2014, 00:53

It has stopped freezing, it opens files faster, and Internet Explorer no longer opens on that annoying start page. Can I install Chrome and Mozilla again?

Re: Problems with adware on the PC

Post by Power Max Sat 14 Jun 2014, 00:55

That's it! I'm glad the problem has been resolved.

Just to finish up, please follow the tutorials below:

[link visible only to logged-in forum members]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe and problem-free restore point, use DelFix following the tips [link visible only to logged-in forum members].
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!

Re: Problems with adware on the PC

Post by Cristi4n0 Sat 14 Jun 2014, 01:05

Thank you, you helped me a lot!

As for the programs, do I really need to delete them from the PC, or can I keep them archived for later use?
My girlfriend's PC has the same problem. Can I follow the same process I used on mine, or should I do it here with you, as I did with mine?

Re: Problems with adware on the PC

Post by Power Max Sat 14 Jun 2014, 09:14

"As for the programs, do I really need to delete them from the PC, or can I keep them archived for later use?"
It is important to uninstall them, because they have no way to update themselves and after a while they would be completely out of date. If you ever need to use them again, just download them again.
___________________________________________________________________

"My girlfriend's PC has the same problem. Can I follow the same process I used on mine, or should I do it here with you, as I did with mine?"
Every case is different; it is important to create a new topic so that we can handle the disinfection of your girlfriend's PC separately.

Re: Problems with adware on the PC

Post by Danii Mon 30 Jun 2014, 20:30

CASE SOLVED

If the topic author needs it, this topic will be reopened; to do so, they should contact one of the members of the [link visible only to logged-in forum members] and request that it be unlocked.