(RESOLVIDO) Ajuda para eliminar o Awesomehp

Você copiou o log que está em C:\zoek-results.txt ?

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Andr‚ on 08/02/2014 at 15:33:31,26.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ANDR~1\Downloads\zoek.exe    [Scan all users] [Script inserted]

==== System Restore Info ======================

08/02/2014 15:35:26 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselivem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselivem deleted successfully

agora está certo. Só que está incompleto o log, parece que a limpeza do Zoek ainda não terminou ou então você não copiou o log inteiro.

quantas horas demora pra terminar ? aqui parou em 15:43H

Ele costuma ser rápido, normalmente é em torno de meia hora. Só que ele às vezes trava, aí é só reiniciar o PC e tentar novamente que costuma dar certo da segunda vez.

Para não travar é só ir dando uma acompanhada no relatório que ele mostra na tela dele, quando fica vários minutos sem mudar nada e sem a luz do processador do computador indicar atividade, é porque travou.

oek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Andr‚ on 08/02/2014 at 18:24:06,63.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ANDR~1\Downloads\zoek(2).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-08-174357.log 1113 bytes
C:\zoek-results2014-02-08-200442.log 1534 bytes

==== System Restore Info ======================

08/02/2014 18:25:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

Como faço depois de reiniciar meu pc para executar o zoek?

cliquei em run scripit
começou a rodar e logo parou de novo

Firefox Fix 18:33:37,24
não passa daqui

As palavras em vermelho tenho que coloca-las de novo na parte branca?

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by Andr‚ on 08/02/2014 at 19:02:20,37.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ANDR~1\Downloads\zoek(2).exe [Scan all users]   [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2014-02-08-174357.log 1113 bytes
C:\zoek-results2014-02-08-200442.log 1534 bytes
C:\zoek-results2014-02-08-203337.log 787 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\ArcSoft deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\Hoplon deleted successfully
C:\PROGRA~2\Level Up Games deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\office.tmp deleted successfully
C:\ProgramData\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully
HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully
HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{71e129ff-6c2a-4984-818c-7e2c998b8d99} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\175cc25.msi" not found
C:\PROGRA~2\Mario Forever deleted
C:\PROGRA~2\RightSurf deleted
C:\PROGRA~2\SaveSenseLive deleted
C:\found.000 deleted
C:\found.001 deleted
C:\ProgramData\FileSplitUpLoad.dll deleted
C:\ProgramData\Baidu deleted
C:\ProgramData\SaveSenseLive deleted
C:\ProgramData\SoftWarehouse deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever deleted
C:\Users\ANDR~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense deleted
C:\Users\ANDR~1\Downloads\DownloadManagerSetup(1).exe deleted
C:\Users\ANDR~1\Downloads\DownloadManagerSetup.exe deleted
C:\Users\ANDR~1\Downloads\SoftonicDownloader_for_fergo-screenshot.exe deleted
C:\windows\SysNative\tasks\SaveSense deleted
C:\Windows\tasks\SaveSense.job deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\Syswow64\FAPA0E5.tmp deleted
C:\Windows\Syswow64\FAPA29C.tmp deleted
C:\Windows\Syswow64\FAPD17B.tmp deleted
C:\Windows\Syswow64\sho199E.tmp deleted
C:\Windows\Syswow64\sho3F9C.tmp deleted
C:\Windows\Syswow64\sho40F7.tmp deleted
C:\Windows\Syswow64\shoCBDA.tmp deleted
C:\Windows\Syswow64\shoE475.tmp deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\ANDR~1\Desktop\FREE Games.url deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ANDR~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-02-08 16:10:08 4C182BDB0E01582B29E2A38ABD6ACE44 29 ----a-w- C:\Windows\SysWOW64\config.ini
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-02-08 16:51:03 90FC18CBEFCD54BE4288541558E5187E 83264 ----a-w- C:\Windows\Sysnative\drivers\BprotectEx.sys
2014-02-08 16:10:30 F4C1984178175ACE4A75BE23059C3E0A 128992 ----a-w- C:\Windows\Sysnative\drivers\Bprotect.sys
2014-02-08 16:10:30 DFC1681F6645CB2AEA83897588F05362 34624 ----a-w- C:\Windows\Sysnative\drivers\Bfmon.sys
2014-02-08 16:10:30 37F5CDA64FC515B3072531C1187EDCCA 52032 ----a-w- C:\Windows\Sysnative\drivers\Bfilter.sys
2014-01-22 11:26:47 6E42F2E5B5BDE3FE4066C9B2D6091E17 23624 ----a-w- C:\Windows\Sysnative\drivers\efimon.sys
2014-01-22 11:20:37 CF54BC5630C200393369DDD1A5B63261 71360 ----a-r- C:\Windows\Sysnative\drivers\360AvFlt.sys
2014-01-15 14:49:44 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 14:49:44 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 14:49:44 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 14:49:44 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 14:49:44 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 14:49:44 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 14:49:44 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 14:48:54 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
====== C:\Windows\Tasks ======
2014-02-08 00:56:29 7AF83EC3E658ABDE4CA4D2FBFFE68194 3152 ----a-w- C:\Windows\Sysnative\Tasks\{CA54E1B1-D3A6-4CF5-B508-D0097737EA3B}
2014-02-02 17:17:20 6D16E065E375D9A6D68D85965D8F5564 3338 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-02-02 01:43:22 -------- d-----w- C:\Program Files\Enigma Software Group
2014-01-22 11:09:31 -------- d-----w- C:\Program Files\PDFCreator
======= C:\PROGRA~2 =====
2014-02-08 16:50:17 -------- d-----w- C:\PROGRA~2\Tweaks
2014-02-08 16:09:25 -------- d-----w- C:\PROGRA~2\MiPony
2014-02-05 21:44:00 -------- d-----w- C:\PROGRA~2\ZHPDiag
2014-02-03 21:30:13 -------- d-----w- C:\PROGRA~2\COMMON~1\Overwolf
2014-02-02 17:17:18 -------- d-----w- C:\PROGRA~2\Enigma Software Group
2014-01-22 11:09:33 -------- d-----w- C:\PROGRA~2\GPLGS
2014-01-22 10:56:50 -------- d-----w- C:\PROGRA~2\Free PDF to Word Doc Converter
======= C: =====
2014-02-02 01:43:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\ANDR~1\AppData ======
2014-02-08 16:56:28 -------- d-----w- C:\Users\André\AppData\Roaming\Mipony
2014-02-08 16:50:48 -------- d-----w- C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-02-08 16:50:20 -------- d-----w- C:\Users\André\AppData\Roaming\1H1Q
2014-02-08 16:09:37 -------- d-----w- C:\Users\André\AppData\Roaming\SaveSense
2014-02-08 16:09:37 -------- d-----w- C:\Users\André\AppData\Local\SaveSenseLive
2014-02-08 16:09:26 -------- d-----w- C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2014-02-08 16:09:26 -------- d-----w- C:\Users\André\AppData\Local\SaveSense
2014-02-05 21:44:00 -------- d-----w- C:\Users\André\AppData\Roaming\ZHP
2014-02-02 17:17:18 -------- d-----w- C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-01-25 12:31:48 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\PSafe
2014-01-25 12:23:14 -------- d-----w- C:\Users\André\AppData\Locallow\360WD
2014-01-24 14:12:14 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\360WD
2014-01-23 14:41:59 -------- d-----w- C:\Users\André\AppData\Roaming\PSafe
2014-01-22 11:26:46 -------- d-----w- C:\Users\André\AppData\Local\PSafe
2014-01-22 11:10:07 E8219D4C93F6C55C6B10FE6BFE997C6C 5 ----a-w- C:\Users\André\AppData\Roaming\WBPU-TTL.DAT
2014-01-22 11:09:34 -------- d-----w- C:\Users\André\AppData\Roaming\DigitalSites
2014-01-15 21:39:11 -------- d-----w- C:\Users\André\AppData\Roaming\rmi
2014-01-15 08:41:48 9497DFF59539A53C30A6393A00EB868E 119088 ----a-w- C:\Users\André\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-15 08:40:00 D2F6097F4E1AAF7B670E9A6F712E9C59 1858624 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
====== C:\Users\ANDR~1 ======
2014-02-08 16:50:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-02-08 16:50:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Magic
2014-02-08 16:10:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-02-08 16:09:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
2014-02-05 21:44:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-01-22 11:20:27 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop
2014-01-22 11:10:10 -------- d-----w- C:\ProgramData\PSafe
2014-01-22 11:09:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
2014-01-22 10:56:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter

====== C: exe-files ==
2014-02-08 16:09:26 A52203C4AF80D98800611271F7ACA786 56332 ----a-w- C:\Program Files (x86)\MiPony\uninst.exe
2014-02-07 21:30:47 F0A4A0BD0CEC00823B31A1C2C7F3815B 569856 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\OpenVR\bin\vrcmd.exe
2014-02-07 21:30:47 D5E86CD24F6E7255BA120E6B1FCA26F8 721408 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\OpenVR\bin\vrcmd_x64.exe
2014-02-07 21:30:47 5CD08AC841E8A3AC73AC7BB35CBF0CB3 598528 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\OpenVR\bin\vrserver.exe
2014-02-07 18:53:14 2904BDE55BBE2CE52B55EE957228DBFA 88768 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
2014-02-07 18:53:07 448AD94671BFDF1E3BFF27566BB22768 79360 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\shadercompile.exe
2014-02-07 18:53:00 DD05AAECAC4AD5CDE2BF820C71DA85E7 133120 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\splitskybox.exe
2014-02-07 18:52:56 98EF96E3129CBA1CF51B5FAC0F4E4D6D 144896 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hammer.exe
2014-02-07 18:52:55 CC825D4C74006300C3D7253891440890 197120 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\glview.exe
2014-02-07 18:52:48 A8F3E4B4BD3F6F9BC540D4F3AE570702 178176 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\captioncompiler.exe
2014-02-07 18:49:55 FA41D15061F7E769DD0A1D33BF122303 1912832 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\studiomdl.exe
2014-02-07 18:49:55 DE1765E52242AD017359A1F38BAC3B35 1453056 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vbsp.exe
2014-02-07 18:49:55 6EB8B3EF5F3543FC80C1BD4D3A93488D 301056 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\motionmapper.exe
2014-02-07 18:49:55 6701CAD42388641C3CB9015A26AE8021 460800 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlmv.exe
2014-02-07 18:49:55 66AF094EC756E18A0DDB72BAEC940FC1 700928 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\mksheet.exe
2014-02-07 18:49:55 54217524E0802ECDC67D10D62FCD20D9 2737664 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\qc_eyes.exe
2014-02-07 18:49:55 4231272C8A0A58E090A4938FAF586C8C 683008 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\normal2ssbump.exe
2014-02-07 18:49:55 13278934AD8F942BD11DC997967A2DC2 630272 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\pfm2tgas.exe
2014-02-07 18:49:54 E3397D585AC3219856223C60780D256D 564224 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxconvert.exe
2014-02-07 18:49:54 DDE61E3EFAA04AC9054905A2B00C50B7 3236352 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\elementviewer.exe
2014-02-07 18:49:54 CF39255CCC18E76BBEEDFC63ACFE5148 424960 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\bspzip.exe
2014-02-07 18:49:54 9A1F47C2FEFA4785F04DF1E6F0E6F512 1696768 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxedit.exe
2014-02-07 18:49:54 8E0B9DE0EEE86576453DAE0B1E301EF8 698880 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2ssbump.exe
2014-02-07 18:49:54 8D16B7FD74EB7748EF65C07AE8441487 687104 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2normal.exe
2014-02-07 18:49:54 4DB24ECC754202A67D3C15B6368D50E2 1670144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlfaceposer.exe
2014-02-06 02:25:04 5FFDA96330357A914A69D79BE1988A38 571816 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe
2014-02-05 21:10:13 D9D0D3C95A6985BF2F0D33218DEE8806 188928 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vtex.exe
2014-02-05 19:59:15 D11456752B635143D72294B517BBAB62 288680 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
2014-02-05 19:59:15 9EF58C3442D8D4A3C4FE743F96B845B2 3209216 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\studiomdl.exe
2014-02-05 19:59:15 8F5B13AD3B80B28448F40D2BBFF1F69C 2745856 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\hlmv.exe
2014-02-05 19:59:15 2D38491A9BD219E6EA236FA77969E3A3 799744 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\dmxconvert.exe
2014-02-04 20:16:22 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe
=== C: other files ==
2014-02-08 20:56:15 10EAD99AD1AD816C7AD2F7EE9C47601A 2479 ----a-w- C:\Users\André\AppData\Local\Purplizer\certificates\x509\tls_peers\local-bay-people.directory.live.com
2014-02-08 20:56:14 10EAD99AD1AD816C7AD2F7EE9C47601A 2479 ----a-w- C:\Users\André\AppData\Local\Purplizer\certificates\x509\tls_peers\omega.contacts.msn.com
2014-02-08 20:56:07 B46F540165CAE0C420DED82B16EBCEA7 1885 ----a-w- C:\Users\André\AppData\Local\Purplizer\certificates\x509\tls_peers\chat.facebook.com
2014-02-08 17:00:16 DFB8D08F2FD68D58239045B366D68CE2 10261 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\JRT.bat
2014-02-08 17:00:16 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\modules.bat
2014-02-08 17:00:16 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\chrome.bat
2014-02-08 17:00:16 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\FWPolicy.bat
2014-02-08 17:00:16 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\ask.bat
2014-02-08 17:00:16 AE697BC275F5B52FB9E1164F14FB18F8 151936 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\firefox.bat
2014-02-08 17:00:16 868D0E22DC055BA214D7EC71600F2CFA 16063 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\get.bat
2014-02-08 17:00:16 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\ev_clear.bat
2014-02-08 17:00:16 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\iexplore.bat
2014-02-08 17:00:16 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\runvalues.bat
2014-02-08 17:00:16 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\delorphans.bat
2014-02-08 17:00:16 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\prelim.bat
2014-02-08 17:00:16 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\searchlnk.bat
2014-02-08 17:00:16 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\TDL4.bat
2014-02-08 17:00:16 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\medfos.bat
2014-02-08 17:00:16 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\André\AppData\Local\Temp\jrt\delfolders.bat
2014-02-08 16:51:03 90FC18CBEFCD54BE4288541558E5187E 83264 ----a-w- C:\Windows\System32\drivers\BprotectEx.sys
2014-02-08 16:10:30 F4C1984178175ACE4A75BE23059C3E0A 128992 ----a-w- C:\Windows\System32\drivers\Bprotect.sys
2014-02-08 16:10:30 DFC1681F6645CB2AEA83897588F05362 34624 ----a-w- C:\Windows\System32\drivers\Bfmon.sys
2014-02-08 16:10:30 37F5CDA64FC515B3072531C1187EDCCA 52032 ----a-w- C:\Windows\System32\drivers\Bfilter.sys
2014-02-08 16:09:26 A0B782B0227A865E6CC68574539A84B0 4173 ----a-w- C:\Users\André\AppData\Local\SaveSense\SaveSense.xpi
2014-02-08 16:09:26 7A233FA18FB670B8685271FF01339271 47453 ----a-w- C:\Users\André\AppData\Local\SaveSense\SaveSense.crx
2014-02-07 18:49:55 EBE52760680FBBA183A3E06392188F97 7392448 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\itemtest.com
2014-02-07 16:47:30 9D68A041CE834BD4E0FF32CEF0006A98 9074 ----a-w- C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x2qbhatz.default-1391303851727\extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi
2014-02-02 01:43:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2014-02-02 01:17:37 BF24E070808CCC552251D1F0B54D1267 50916 ----a-w- C:\Users\André\Desktop\Dados anteriores do Firefox\vsa7c182.default\Extensions\addon@defaulttab.com.xpi
2014-02-02 01:17:37 685638B16B271C87A8B98F180AD70DCE 2830117 ----a-w- C:\Users\André\Desktop\Dados anteriores do Firefox\vsa7c182.default\Extensions\nasanightlaunch@example.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2896955948-1038809944-383079529-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Magic Desktop for HP notification"="C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
"Baidu Antivirus"="C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe -auto"
"Baidu PC Faster 4.0.0.0"="C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -auto -start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2014 23:33]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2013 18:54]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe]
"C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{69426617-B854-45AB-8310-432A2C58360E}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jpgfhihjicjofdejkbjgnjlaglaciobe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[03/06/2011 09:55]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\94E9CB85768235142AF3D6263A755299 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\46d34146-4fed-4c29-84b9-ed2d02c08b57 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\cdbecbd0-2e2a-4ce3-ba77-0b88586a4864 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\André\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=166 folders=43 33459595 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ANDR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 08/02/2014 at 19:23:58,08 ======================

  Agora ele foi até o final e vários problemas foram removidos.
____________________________________________________________

Siga, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Malwarebytes:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log do Malwarebytes e nos diga como está o seu PC após este procedimento.

Ficamos no aguardo.

Abro o google crome e aparece o awesome hp

Siga as dicas que te passei para executar o Malwarebytes e poste o log dele para podermos analisar, por gentileza.

Sim to passando o malwerebytes aqui no pc.
Desde já muito obrigado pela paciência e a perda de tempo da sua tarde de sábado, um abraço.

Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Versão da Base de Dados:  v2014.02.08.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
André :: ANDRÉ-HP [administrador]

08/02/2014 19:50:38
mbam-log-2014-02-08 (19-50-38).txt

Tipo de Verificação:  Verificação Completa  (C:\|D:\|E:\|F:\|Q:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  616897
Tempo decorrido: 1 hora(s), 30 minuto(s), 18 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 55
HKCR\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828} (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAVESENSELIVE.EXE (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickCtrl.9 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLive.Update3WebControl.3 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CoreMachineClass.1 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\SaveSenseLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCR\AppID\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\full (Trojan.Banker) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SaveSense (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\SaveSenseLive (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\SaveSenseLive (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9 (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Enviado para a Quarentena e deletado com sucesso.
HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.

Valores de Registro Detectadas: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr1O1I1S2WtM0U0EtR0A1Q2Y2X -> Enviado para a Quarentena e deletado com sucesso.

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 5
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense\UpdateProc (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Local\SaveSenseLive (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Local\SaveSenseLive\CrashReports (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.

Arquivos Detectados: 41
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll.vir (PUP.Optional.MySearchDial.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Sbllock\SkinH_EL.dll (Trojan.Dropped.PKD) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDI4U2N1\Setup[1].exe (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\ZHP\Quarantine\File Scout.DIR\filescout.exe (PUP.Optional.FileScout.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\Assistir emily e alexander – dublado – ver anime online.exe (PUP.Optional.Pcmega) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\CD - Mc Danilo Boladão - Retorno de Jedai.exe (PUP.Optional.4Shared) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\CodecPerformerSetup.exe (Adware.InstallBrain) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\hamachi-2.2.0.100 (1).exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\hamachi-2.2.0.100.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\PhotoScape_V3.6.3.exe (PUP.Optional.OpenCandy) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\Downloads\Setup(1).exe (PUP.Optional.BundleInstaller.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_Users_ANDR~1_Downloads_DownloadManagerSetup(1).exe.vir (PUP.Optional.JumpyApps) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_Users_ANDR~1_Downloads_DownloadManagerSetup.exe.vir (PUP.Optional.JumpyApps) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_Users_ANDR~1_Downloads_SoftonicDownloader_for_fergo-screenshot.exe.vir (PUP.Optional.Softonic) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_RightSurf\RightSurf.FirstRun.exe (PUP.Optional.Sambreel.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_RightSurf\RightSurfBHO.dll (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\goopdate.dll (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\psmachine.dll (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\psuser.dll (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\zoek_backup\C_PROGRA~2_SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe (PUP.Optional.SaveSense.A) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\info.dat (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT (PUP.Optional.Updater) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense\UpdateProc\config.dat (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense\UpdateProc\STTL.DAT (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense\UpdateProc\TTL.DAT (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.
C:\Users\André\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe (PUP.Optional.SaveSense) -> Enviado para a Quarentena e deletado com sucesso.

(fim)

  Vários outros problemas foram removidos.

Como está o PC depois disto?

o google chrome abre como awesomehp
não funcionou para o google crome

Vá no menu: Iniciar > Todos os programas > ZHP > Abra o ZHPDiag

|- Clique "PESQUISAR" e aguarde a conclusão!

Poste o relatório que ele gerar em sua próxima resposta.

~ Relatório do ZHPDiag v2014.2.6.4 - Nicolas Coolman  (06/02/2014)
~ Iniciado por André (08/02/2014 21:45:24)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 27.0 (Defaut)
GCIE: Google Chrome v32.0.1700.107

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Ultimate, 64-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema
Avira Free Antivirus v14.0.2.286
Malwarebytes Anti-Malware versão 1.75.0.1300

---\\ Softwares d'optimização do sistema
CCleaner v3.23 =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)
Pando Media Booster v2.6.0.7

---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4000 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 713 GB (77%) free of 917 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ANDRÉ-HP
~ User Name: André
~ All Users Names: HomeGroupUser$, Convidado, André, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\André\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\André\AppData\Roaming\
~ %Desktop% : C:\Users\André\Desktop\
~ %Favorites% : C:\Users\André\Favorites\
~ %LocalAppData% : C:\Users\André\AppData\Local\
~ %StartMenu% : C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 713 Go of 917 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.12/04/2012 - 02:23:02.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/11/2013 - 04:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.12/04/2012 - 02:24:56.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 11:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.12/04/2012 - 02:21:22.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/254
~ Mes musiques (My Musics) : 1/21
~ Mes Videos (My Videos) : 1/174
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/12065
~ Mon Bureau (My Desktop) : 1/920
~ Menu demarrer (Programs) : 1/54
~ Hidden Files:  Scanned in 00mn 10s



---\\ Processos lançados
[MD5.455E1076802F2BE732AC2C066359A9F6] - (.HP - TouchControl.) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe   [653128] [PID.1908]
[MD5.4FAEE05B33E3F48B93860D12FC7F56A8] - (.Enigma Software Group USA, LLC. - SpyHunter4 application.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe   [3021720] [PID.1200]  =>Crapware.SpyHunter
[MD5.488EEBAF1862551C7C9CF127A5AAB2A9] - (.HP - BioMonitor.) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe   [142664] [PID.1700]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe   [62768] [PID.3824]
[MD5.CD46A430C171AC07C1434A788AB5993D] - (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe   [37632] [PID.3892]
[MD5.DD24014C9B892A19E1B5E684AD6B2EAF] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe   [1815976] [PID.3908]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe   [54576] [PID.3956]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe   [684600] [PID.3992]
[MD5.5913D12D86D43FD4D3C1A67A8E081770] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe   [442712] [PID.4008]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.4080]
[MD5.BDEFC081D02C162DCB90738BE432D66B] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe   [1258504] [PID.3520]
[MD5.02B7AE9FBEFCF00E0DCB3390EB9EB6B5] - (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe   [1177960] [PID.2040]  =>Adware.BDSearch
[MD5.301B95F8BD50A1C581CCBF786717E98A] - (.Baidu Inc. - PC Faster Tray.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe   [1300672] [PID.4752]  =>Adware.BDSearch
[MD5.A303B11143983D28B83007D818F4BB11] - (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Purplizer\Purplizer.exe   [180992] [PID.6580]
[MD5.E287233EF87AA90FC9D4DD31575DF3DF] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [275568] [PID.3096]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe   [507264] [PID.1600]
[MD5.4BDF29F145793074F9E370EFD10D54F4] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [18544] [PID.7056]
[MD5.00FCB1A620DAE030FBF2FD39C2F334CB] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe   [1863048] [PID.3976]
[MD5.47D7F5E049E3FAA24176FB92859C552B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8333824] [PID.4244]
[MD5.71CDC1D7F58D5EC49EBC2E2332AD3FAE] - (.HP - HP Service.) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe   [264008] [PID.840]
[MD5.82699E5EDE403F59FC4384D39EB77B52] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe   [327064] [PID.0]  =>Crapware.SpyHunter
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe   [440376] [PID.1684]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe   [440376] [PID.1436]
[MD5.87D1AA69D3AA08EF4FEC0BFDF1352451] - (.Baidu, Inc. - Baidu Antivirus Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe   [1923376] [PID.1964]  =>Adware.BDSearch
[MD5.F46F889DBBDC9F00DD1C04B475FE5BFD] - (.Baidu, Inc. - Baidu Antivirus Hips Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe   [459416] [PID.2132]  =>Adware.BDSearch
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe   [514232] [PID.2196]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe   [94264] [PID.2532]
[MD5.6C85719A21B3F62C2C76280F4BD36C7B] - (.Intel Corporation - Intel  IPT Host Interface Service.) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe   [212944] [PID.2588]
[MD5.B88353EFE93AC3C6518415621FD8EBCB] - (.Baidu Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe   [679920] [PID.2696]  =>Adware.BDSearch
[MD5.075CDE4F95ED6119B4BA9162876801F8] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe   [1128952] [PID.2928]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe   [76888] [PID.3000]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe   [207528] [PID.3184]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe   [523944] [PID.4548]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe   [822504] [PID.5060]
[MD5.D75C4B4A8FE6D7FD74A7EECDBAEC729F] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [326168] [PID.5684]
[MD5.758C2CE427C343F780A205E28555C98D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [2656280] [PID.5808]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [André - x2qbhatz.default-1391303851727\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}] [] SaveSense v3.0 (..) =>PUP.SaveSense
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Baidu Antivirus.lnk . (.Baidu, Inc. - Bav.)  -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe =>Adware.BDSearch
O4 - GS\Program [Public]: HP Beats Audio.lnk . (.IDT, Inc. - IDT PC Audio.)  -- C:\Windows\System32\idtcpl64.cpl
O4 - GS\QuickLaunch [André]: Conquest Online.lnk . (.TQ Digital Entertainment - No Comment.)  -- C:\Program Files (x86)\GlobalGames\Conquest Online\play.exe
O4 - GS\QuickLaunch [André]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [André]: MiPony.lnk . (.www.mipony.net - Mipony.)  -- C:\Program Files (x86)\MiPony\MiPony.exe
O4 - GS\QuickLaunch [André]: PhotoScape.lnk . (...)  -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\TaskBar [André]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.)  -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\TaskBar [André]: Battlefield 3.lnk . (.EA Digital Illusions CE AB - Battlefield 3™.)  -- C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
O4 - GS\TaskBar [André]: Conquest Online.lnk . (.TQ Digital Entertainment - No Comment.)  -- C:\Program Files (x86)\GlobalGames\Conquest Online\play.exe
O4 - GS\TaskBar [André]: CrossFire AL.lnk . (.G4box Inc. - crossfirePT_launcher.)  -- C:\Program Files (x86)\Z8Games\CrossFire AL\cfPT_launcher.exe
O4 - GS\TaskBar [André]: CrossFire.lnk . (.G4box Inc. - crossfirePT_launcher.)  -- C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
O4 - GS\TaskBar [André]: hpDST.lnk . (.Hewlett-Packard Company - Setup Manager.)  -- C:\Program Files (x86)\Hewlett-Packard\Setup Manager\hpDST.exe
O4 - GS\TaskBar [André]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [André]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [André]: Overwolf.lnk . (.Overwolf LTD - Overwolf.)  -- C:\Program Files (x86)\Overwolf\Overwolf.exe
O4 - GS\TaskBar [André]: Sbllock.lnk . (...)  -- C:\Sbllock\sbllock.exe
O4 - GS\TaskBar [André]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.)  -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
O4 - GS\Program [André]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [André]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [André]: Baidu PC Faster.lnk . (.Baidu Inc. - PC Faster.)  -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe =>Adware.BDSearch
O4 - GS\Desktop [André]: Free PDF to Word Doc Converter.lnk . (...)  -- C:\Program Files (x86)\Free PDF to Word Doc Converter\pdf2word.exe
O4 - GS\Desktop [André]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.)  -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe =>Crapware.SpyHunter
~ Global Startup: 74 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [BeatsOSDApp] . (.Hewlett-Packard - HP Beats.) -- C:\Program Files\IDT\WDM\beats64.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe  =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe
O4 - HKCU\..\Run: [Overwolf] . (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - No Comment.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe  =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe  =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Razer Synapse] . (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe =>Adware.BDSearch
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu Inc. - PC Faster.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe =>Adware.BDSearch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2896955948-1038809944-383079529-1000\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe
O4 - HKUS\S-1-5-21-2896955948-1038809944-383079529-1000\..\Run: [Overwolf] . (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe
O4 - HKUS\S-1-5-21-2896955948-1038809944-383079529-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe  =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2896955948-1038809944-383079529-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
~ Application:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E733B276-8AE3-49B1-B339-20F46B76EF63}: DhcpNameServer = 189.4.128.61 189.4.128.66
O17 - HKLM\System\CS1\Services\Tcpip\..\{E733B276-8AE3-49B1-B339-20F46B76EF63}: DhcpNameServer = 189.4.128.61 189.4.128.66
O17 - HKLM\System\CS2\Services\Tcpip\..\{E733B276-8AE3-49B1-B339-20F46B76EF63}: DhcpNameServer = 189.4.128.61 189.4.128.66
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu Antivirus Service (BAVSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 22 Legitimates Filtered in 00mn 17s



---\\ Tarefas planificadas automaticamente (039)
[MD5.FE1D9A95168499203C96D9F3DD27DD82] [APT] [Baidu PC Faster Update] (.Baidu Inc..) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe   [1084912]  =>Adware.BDSearch
~ Scheduled Task: 17 Legitimates Filtered in 00mn 05s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Bfilter) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\Bfilter.sys =>Adware.BDSearch
O41 - Driver:  (Bfmon) . (.Baidu, Inc. - Baidu FS Monitor Driver.) - C:\Windows\system32\drivers\Bfmon.sys =>Adware.BDSearch
O41 - Driver:  (Bprotect) . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - C:\Windows\system32\drivers\Bprotect.sys =>Adware.BDSearch
O41 - Driver:  (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys =>Adware.BDSearch
~ Drivers: 78 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 4.0.0.0 =>Adware.BDSearch
O42 - Logiciel: Conquest Online - (.TQ Digital Entertainment Inc..) [HKLM][64Bits] -- {D349FFAA-4DBC-4979-AFA0-A52D318625E1}_is1
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: Cross Fire En - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire_is1
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- 0dd67a782103f089
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2013
O42 - Logiciel: Image Resizer Packages - (...) [HKCU][64Bits] -- Image Resizer Packages
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: RightSurf - (.RightSurf.) [HKLM][64Bits] -- RightSurf =>PUP.RightSurf
O42 - Logiciel: Sbllock versão 2.6 - (.Sbllock Ltda..) [HKLM][64Bits] -- {C9745C5D-6644-47ED-B2A7-2B6A4CE61F2B}_is1
O42 - Logiciel: Sbllock versão 3.0.1 - (.Sbllock Ltda.) [HKLM][64Bits] -- {353A706F-84B3-4313-8E96-BB34D5FD168E}_is1
O42 - Logiciel: Word 2007 Redaction Tool - (.Word 2007 Redaction Tool.) [HKCU][64Bits] -- B80ECE8D351855AA48FD8BF21C22305514544F10
O42 - Logiciel: ZONEPLAY versão 1.0 - (.ZONEPLAY BY ADEBLAND.) [HKLM][64Bits] -- {6935E91D-254E-411E-8477-37812E0A98E1}_is1
O42 - Logiciel: Zone4 Brasil - (...) [HKCU][64Bits] -- Zone4 Brasil
~ Logic: 35 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\CleanDoD]
[HKCU\Software\Jasiel]
[HKCU\Software\ONGAME]
[HKCU\Software\Pando Networks]
[HKCU\Software\SERPRO]
[HKCU\Software\Tqdigital]
[HKCU\Software\UpdaterEX] =>PUP.Dealply
[HKCU\Software\Ztorm]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Tqdigital]
[HKLM\Software\Wow6432Node\baidu] =>Adware.BDSearch
~ Key Software: 369 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/02/2014 - 14:50:18 - [368,324] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 17/03/2013 - 03:56:56 - [0,029] ----D C:\Program Files (x86)\Conquer Br - Slz 2013
O43 - CFD: 12/03/2013 - 21:05:06 - [7,145] ----D C:\Program Files (x86)\Conquerglobal
O43 - CFD: 31/05/2013 - 21:03:04 - [-2038,488] ----D C:\Program Files (x86)\GlobalGames
O43 - CFD: 28/10/2012 - 13:29:58 - [0] ----D C:\Program Files (x86)\NetDragon
O43 - CFD: 20/12/2013 - 23:24:32 - [-1887,007] ----D C:\Program Files (x86)\ONGAME
O43 - CFD: 16/05/2013 - 20:10:05 - [7,182] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 24/04/2013 - 14:04:08 - [8,843] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 21/09/2013 - 21:31:34 - [1769,009] ----D C:\Program Files (x86)\ZONEPLAY
O43 - CFD: 08/02/2014 - 19:23:53 - [0,001] ----D C:\ProgramData\Baidu =>Adware.BDSearch
O43 - CFD: 08/02/2014 - 14:50:54 - [52,338] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/10/2012 - 22:04:44 - [0] ----D C:\ProgramData\levelup downloader
O43 - CFD: 12/04/2012 - 03:35:51 - [44,625] ----D C:\ProgramData\{95164853-C885-4648-BEAA-E04328156EF0}
O43 - CFD: 08/02/2014 - 14:50:20 - [0] ----D C:\Users\André\AppData\Roaming\1H1Q
O43 - CFD: 08/02/2014 - 14:51:12 - [0,035] ----D C:\Users\André\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/01/2014 - 19:39:38 - [5,605] ----D C:\Users\André\AppData\Roaming\rmi
O43 - CFD: 27/10/2012 - 22:04:44 - [0,002] ----D C:\Users\André\AppData\Local\Level Up!
O43 - CFD: 08/02/2014 - 14:09:26 - [1,280] ----D C:\Users\André\AppData\Local\SaveSense =>PUP.SaveSense
O43 - CFD: 08/02/2014 - 14:50:50 - [0,004] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster =>Adware.BDSearch
O43 - CFD: 01/06/2013 - 10:14:36 - [0] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 22/10/2012 - 20:17:56 - [0,003] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuuvem
O43 - CFD: 24/04/2013 - 14:03:07 - [0,004] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 02/02/2014 - 15:17:18 - [0,003] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O43 - CFD: 21/12/2013 - 11:46:44 - [0,003] ----D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zone4 Brasil
~ Program Folder: 238 Legitimates Filtered in 02mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/02/2014 - 22:43:41 ---A- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.A802F1D69EA9F5589F004FECA2A7AD17] - 03/02/2014 - 12:52:55 ----- . (...) -- C:\spyhunter.log   [68677]  =>Crapware.SpyHunter
O44 - LFC:[MD5.393721D487AB840361096323B8A87D9A] - 03/02/2014 - 14:54:17 ---A- . (...) -- C:\sh4_service.log   [2693071]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 08/02/2014 - 13:10:30 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]  =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 08/02/2014 - 13:10:30 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]  =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 08/02/2014 - 13:10:30 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O44 - LFC:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 08/02/2014 - 13:51:03 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [83264]  =>Adware.BDSearch
O44 - LFC:[MD5.282FB288DB151D056184BE3524C57239] - 08/02/2014 - 14:43:57 ---A- . (...) -- C:\zoek-results2014-02-08-174357.log   [1113]
O44 - LFC:[MD5.AFB6E01C3275A95CD157A46F8DD4EB75] - 08/02/2014 - 17:04:42 ---A- . (...) -- C:\zoek-results2014-02-08-200442.log   [1534]
O44 - LFC:[MD5.B5BC684A6B2B078F966196AA3C9770AB] - 08/02/2014 - 17:33:37 ---A- . (...) -- C:\zoek-results2014-02-08-203337.log   [787]
O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 08/02/2014 - 18:01:47 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.E5320797F93354D8BCDCA8C291415AF1] - 08/02/2014 - 18:23:58 ---A- . (...) -- C:\zoek-results.log   [27612]
~ Files: 18 Legitimates Filtered in 00mn 33s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.CF54BC5630C200393369DDD1A5B63261] - 18/01/2014 - 23:59:20 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys   [71360]
O58 - SDL:[MD5.F338F29E06D24AC1C162131C1C908FB5] - 23/11/2012 - 13:46:30 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [288688]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]  =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]  =>Adware.BDSearch
O58 - SDL:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [83264]  =>Adware.BDSearch
O58 - SDL:[MD5.A398ED024F739E7BE74ECFFA8A713A89] - 27/04/2010 - 13:43:50 ---A- . (...) -- C:\Windows\System32\Drivers\cpqdfw.sys   [24376]
O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 27/04/2010 - 13:43:50 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys   [24376]
O58 - SDL:[MD5.6E42F2E5B5BDE3FE4066C9B2D6091E17] - 22/01/2014 - 08:20:39 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys   [23624]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.7315593DAE6C00E378B3A812640AE44E] - 01/09/2005 - 21:40:26 ---A- . (...) -- C:\Windows\System32\Drivers\FBIKB_NT.Sys   [4352]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.CAA8BC6737DFA3BF1A50175CFB226788] - 19/06/2010 - 00:36:04 ---A- . (.Siliten - Flex Define Keyboard Driver.) -- C:\Windows\System32\Drivers\InputFilter_FlexDef2b.sys   [17920]
O58 - SDL:[MD5.0BEE791C7C7ACE453C134E73633C497D] - 12/04/2012 - 02:48:38 ---A- . (...) -- C:\Windows\System32\Drivers\pmxdrv.sys   [31152]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.DCC8845692DEA3477BCF6CE9D06C711F] - 10/06/2011 - 07:35:04 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys   [528384]
O58 - SDL:[MD5.3151D9E8B0CB8FFDFF63E2266F907A66] - 31/07/2013 - 17:24:50 ---A- . (.TENCENT - TesSafe64 NT Driver.) -- C:\Windows\System32\TesSafe.sys   [159160]  =>Adware.TencentAddressBar
~ Drivers: 21 Legitimates Filtered in 00mn 01s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 03/01/2014 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys (BdApiUtil)  .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_BDAPIUTIL =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys (BdCameraProtect)  .(.Baidu, Inc. - Baidu Antivirus Camera Protector Driver.) - LEGACY_BDCAMERAPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfilter.sys (Bfilter)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BFILTER =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bfmon.sys (Bfmon)  .(.Baidu, Inc. - Baidu FS Monitor Driver.) - LEGACY_BFMON =>Adware.BDSearch
O64 - Services: CurCS - 21/01/2014 - C:\Windows\system32\drivers\Bprotect.sys (Bprotect)  .(.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) - LEGACY_BPROTECT =>Adware.BDSearch
O64 - Services: CurCS - 09/01/2014 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX =>Adware.BDSearch
O64 - Services: CurCS - 09/01/2014 - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys (PCFApiUtil)  .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_PCFAPIUTIL =>Adware.BDSearch
~ Legacy: 102 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{B5C8FFC3-2622-4C99-949C-2A85B9289566}" | In - Public - P6 - TRUE | .(.G4box Inc. - crossfirePT_launcher.) -- C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
O87 - FAEL: "{7961910F-B38F-418F-BB66-A176EA0AF94C}" | In - Public - P17 - TRUE | .(.G4box Inc. - crossfirePT_launcher.) -- C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
O87 - FAEL: "TCP Query User{3F587BFA-1584-426A-A016-4F355CC501A4}C:\sbllock\sbllock.exe" | In - Public - P6 - TRUE | .(.No owner - Sbllock Main Module.) -- C:\sbllock\sbllock.exe
O87 - FAEL: "UDP Query User{69E48E87-70E6-46A3-8DAE-3E219C2F5226}C:\sbllock\sbllock.exe" | In - Public - P17 - TRUE | .(.No owner - Sbllock Main Module.) -- C:\sbllock\sbllock.exe
O87 - FAEL: "TCP Query User{2D4E17BF-B32A-4987-B0BE-D7DD5109AE23}C:\program files (x86)\ongame\zone4\zone4_bra.exe" | In - Private - P6 - TRUE | .(.Infovine - Zone4.) -- C:\program files (x86)\ongame\zone4\zone4_bra.exe
O87 - FAEL: "UDP Query User{436D7693-179C-4009-B278-A5626EEE4734}C:\program files (x86)\ongame\zone4\zone4_bra.exe" | In - Private - P17 - TRUE | .(.Infovine - Zone4.) -- C:\program files (x86)\ongame\zone4\zone4_bra.exe
~ Firewall: 290 Legitimates Filtered in 00mn 02s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A3AEEC9A9B6984F2E22B90FDC9A23AB8] [WIS][29/11/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\25ded.msi   [24993792]
[MD5.F8733C3B5D6F5516758F0E10C421617E] [WIS][12/04/2012] (.HP Remote Solution - HP Remote Solution Installation.) -- C:\Windows\Installer\26b1a.msi   [267776]
~ WIS: 94 Legitimates Filtered in 00mn 11s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 04/02/2014 257928 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 25/02/2011 241648 |  (CLKMSVC10_38F51D56) . (.CyberLink.) - c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Auto 04/09/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/09/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 04/02/2014 2222416 |  (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Demand 28/03/2011 799800 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Demand 06/02/2014 118896 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 30/01/2014 98560 |  (OverwolfUpdaterService) . (.Overwolf LTD.) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 27/01/2014 571816 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 03/03/2009 89600 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe
SR - | Auto 19/12/2013 440376 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/11/2013 440376 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/01/2014 1923376 |  (BAVSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe =>Adware.BDSearch
SR - | Auto 21/01/2014 459416 |  (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe =>Adware.BDSearch
SR - | Auto 10/07/1658 0 |  (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe  =>.EasyBits Software AS
SR - | Auto 09/06/2011 264008 |  (FPLService) . (.HP.) - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
SR - | Auto 09/06/2011 85560 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe  =>.Hewlett-Packard Co
SR - | Auto 11/10/2010 346168 |  (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SR - | Auto 28/03/2011 94264 |  (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Auto 24/02/2011 212944 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
SR - | Auto 04/02/2014 377616 |  (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 01/02/2011 326168 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 03/01/2014 679920 |  (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
SR - | Auto 05/05/2011 1128952 |  (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SR - | Auto 10/07/1658 0 |  (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 18/05/2010 327064 |  (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
SR - | Auto 10/06/2011 302592 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 01/02/2011 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 13s



---\\ Scâner Aditional (088)
Database Version : 13030 - (06/02/2014)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 8
Fichiers trouvés  (Files found) : 15

[HKLM\SYSTEM\CurrentControlSet\Services\BAVSvc]   =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\BHipsSvc]   =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]   =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update]   =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]   =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RightSurf]   =>PUP.RightSurf^
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service]   =>Crapware.SpyHunter
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu Antivirus   =>Adware.BDSearch^
C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x2qbhatz.default-1391303851727\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}   =>PUP.SaveSense^
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Baidu   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\Users\André\AppData\Roaming\Baidu Security   =>Adware.BDSearch^
C:\Users\André\AppData\Local\SaveSense   =>PUP.SaveSense^
C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster   =>Adware.BDSearch^
C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter   =>Crapware.SpyHunter^
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe   =>Crapware.SpyHunter^
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe   =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe   =>Adware.BDSearch^
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe   =>Crapware.SpyHunter^
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe   =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe   =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe   =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe   =>Adware.BDSearch^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKCU\Software\UpdaterEX]   =>PUP.Dealply^
[HKLM\Software\Wow6432Node\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Conduit]   =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\baidu]   =>Adware.BDSearch^
C:\Users\André\Desktop\SpyHunter.lnk   =>Crapware.SpyHunter
~ Additionnel Scan: 481122 Items scanned in 00mn 34s



---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Crapware.SpyHunter
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.RightSurf
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.DealPly
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Toolbar.Conduit
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>Adware.TencentAddressBar
~ MSI: 7 link(s) detected in 00mn 34s



~ 1316 Legitimates filtered by white list
End of the scan (564 lines in 04mn 19s)(0)

 Copie todo script que te passei.

Quando tiver copiado todo o texto deste arquivo, Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.

Rapport de ZHPFix 2014.2.3.1 par Nicolas Coolman, Update du 03/02/2014
Fichier d'export Registre :
Run by André at 09/02/2014 11:52:23
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 10s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\baidu security\pc faster\4.0.0.0\uninstcaller.exe

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe

========== Estado dos serviços ==========
BDAPIUTIL Parado
BDCAMERAPROTECT Parado
BFILTER Parado
BFMON Parado
BPROTECT Parado
BPROTECTEX Parado
PCFAPIUTIL Parado

========== Chaves do Registo ==========
ELIMINÉ:³ Service: BAVSvc
ELIMINÉ:³ Service: BHipsSvc
ELIMINÉ:³ Service: PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ:³ HKCU\Software\Baidu Security
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\BAVSvc
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\BHipsSvc
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}

========== Valores do Registo ==========
ERRO RunValue: Baidu Antivirus
ERRO RunValue: Baidu PC Faster 4.0.0.0
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\baidu security\baidu antivirus\bav.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINA REINICIAR: c:\windows\system32\tessafe.sys
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows (44) (45.410.858 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Processo memória
9 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
10 : Ficheiros
1 : Softwares
7 : Estado dos serviços
1 : Restauração Sistema


End of clean in 06mn 44s

========== Caminho do ficheiro do relatório ==========
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/02/2014 12:35:11 [19391]
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/02/2014 12:49:22 [17267]
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R3].txt - 08/02/2014 12:58:48 [894]

Outros problemas foram removidos e alguns problemas serão removidos quando você reiniciar o PC.

Como está o PC atualmente?

Bom dia, segunda-feira se vc tiver um tempo para continuar a me  ajudar ficaria muito grato, desde já obrigado.
Rapport de ZHPFix 2014.2.3.1 par Nicolas Coolman, Update du 03/02/2014
Fichier d'export Registre :
Run by André at 09/02/2014 11:52:23
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 10s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\baidu security\pc faster\4.0.0.0\uninstcaller.exe

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe

========== Estado dos serviços ==========
BDAPIUTIL Parado
BDCAMERAPROTECT Parado
BFILTER Parado
BFMON Parado
BPROTECT Parado
BPROTECTEX Parado
PCFAPIUTIL Parado

========== Chaves do Registo ==========
ELIMINÉ:³ Service: BAVSvc
ELIMINÉ:³ Service: BHipsSvc
ELIMINÉ:³ Service: PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ:³ HKCU\Software\Baidu Security
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\BAVSvc
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\BHipsSvc
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}

========== Valores do Registo ==========
ERRO RunValue: Baidu Antivirus
ERRO RunValue: Baidu PC Faster 4.0.0.0
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\baidu security\baidu antivirus\bav.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINA REINICIAR: c:\windows\system32\tessafe.sys
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINÉ Temporários windows (44) (45.410.858 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Processo memória
9 : Chaves do Registo
8 : Valores do Registo
1 : Pastas
10 : Ficheiros
1 : Softwares
7 : Estado dos serviços
1 : Restauração Sistema


End of clean in 06mn 44s

========== Caminho do ficheiro do relatório ==========
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/02/2014 12:35:11 [19391]
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/02/2014 12:49:22 [17267]
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R3].txt - 08/02/2014 12:58:48 [894]
C:\Users\André\AppData\Roaming\ZHP\ZHPFix[R4].txt - 09/02/2014 11:52:33 [3399]

Este é o mesmo log que você já tinha postado agora há pouco.

Mas você não respondeu minha pergunta:

Outros problemas foram removidos e alguns problemas serão removidos quando você reiniciar o PC.

Como está o PC atualmente?

Google chrome  abre como awsomehp é o único problema.

É estranho porque não consta mais o awsomehp no log.

Seria bom neste caso desinstalar o Chrome e depois baixá-lo e instalá-lo novamente.

Depois nos diga, por gentileza, se o problema resolveu.