Computador cheio de propagandas e outros problemas nos navegadores

Boa tarde! Galera, estou com uns pop aparecendo a todo momento. Preciso muito da ajuda de vocês.
Passei o AdWClear e apareceu este relatorio

# AdwCleaner v3.023 - Relatório criado 10/04/2014 às 14:46:07
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language  (64 bits)
# Usuário : janaina - ROSA
# Executando de : C:\Users\janaina\Downloads\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : WajamUpdaterV3

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files (x86)\Wajam
Pasta Deletada : C:\Users\janaina\AppData\Local\lollipop
Pasta Deletada : C:\Users\janaina\AppData\Local\Temp\AirInstaller
Pasta Deletada : C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Pasta Deletada : C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Arquivo Deletada : C:\END
Arquivo Deletada : C:\WINDOWS\Tasks\View Password Update.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\View Password Update
Arquivo Deletada : C:\WINDOWS\Tasks\View Password_wd.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\View Password_wd

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Wajam
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\installedbrowserextensions
Chave Deletedo : HKLM\Software\Wajam
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Deletedo : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16843


-\\ Google Chrome v34.0.1847.116

[ Arquivo : C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4200 octets] - [10/04/2014 14:44:16]
AdwCleaner[S0].txt - [3870 octets] - [10/04/2014 14:46:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3930 octets] ##########


Agradeço a atenção
Janaina Rosa

 Oi Janaina.

 Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Oi Power Max

Esta ai o relatório do zoe:


Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by janaina on 10/04/2014 at 15:58:05,59.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\janaina\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/04/2014 15:59:25 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\SupraSavings deleted
C:\PROGRA~2\Plus-HD-9.5 deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{1a97dd74-09e3-439d-91c2-e24d3b436295}"="C:\Program Files (x86)\View-Password Corp\158.xpi" [06/04/2014 13:45]

==== Chrome Look ======================

Google Docs - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Plus-HD-9.5 - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip
Gmail - janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip deleted successfully
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0.localstorage deleted successfully
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0.localstorage-journal deleted successfully
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0 deleted successfully
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.uol.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{03425738-0AFC-41A1-9DDE-AAEDBD02673E} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2894573857-1799168657-3252545815-1001\Software\Microsoft\Internet Explorer\SearchScopes\{03425738-0AFC-41A1-9DDE-AAEDBD02673E} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\janaina\Desktop\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -shortcut
C:\Users\janaina\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Guia de Usuário.lnk -
C:\Users\Public\Desktop\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4
C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe
C:\Users\Public\Desktop\Lenovo YouCam.lnk - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
C:\Users\Public\Desktop\McAfee Internet Security.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\janaina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Ajuda Online de Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Power2Go.chm
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Leia-me.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Readme.htm
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security.lnk - C:\Program Files (x86)\mcafee.com\agent\mcagent.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\janaina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UserGuide.lnk - C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-9.5 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\janaina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\janaina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=207 folders=15 10073846 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\janaina\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\janaina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 10/04/2014 at 16:23:10,71 ======================

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

Não sei se é relevante mas o pop up que aparece aqui tem o seguinte nome
rvzr-a.akamaihd.net/sd/dw32.html

SEGUE RELATORIO DO JUNK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Single Language x64
Ran by janaina on 10/04/2014 at 23:54:54,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2894573857-1799168657-3252545815-1001\Software\wajam



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/04/2014 at  0:14:30,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
 
|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

~ Relatório do ZHPDiag v2014.4.9.16 - Nicolas Coolman (09/04/2014)
~ Iniciado por janaina (11/04/2014 00:34:33)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16843
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.944
Panda Cloud Cleaner v1.0.98
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3961 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 384 GB (90%) free of 425 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ROSA
~ User Name: janaina
~ All Users Names: janaina, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\janaina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\janaina\AppData\Roaming\
~ %Desktop% : C:\Users\janaina\Desktop\
~ %Favorites% : C:\Users\janaina\Favorites\
~ %LocalAppData% : C:\Users\janaina\AppData\Local\
~ %StartMenu% : C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 384 Go of 425 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Windows Explorer.) (.11/10/2012 - 04:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.79EDF01FA13D886F8E1B655D542011FB] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/02/2014 - 05:13:41.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/10/2012 - 02:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/10/2013 - 20:16:21.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.02/02/2013 - 07:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.26/07/2012 - 01:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/31
~ Mon Bureau (My Desktop) : 1/9
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.713B823A60C321CACBA33B33D49E8684] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe [552960] [PID.4828]
[MD5.C2513AEB3F326B8811E2A37C9A7F930B] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464] [PID.4908]
[MD5.301B95F8BD50A1C581CCBF786717E98A] - (.Baidu Inc. - PC Faster Tray.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe [1300672] [PID.3976] =>Adware.BDSearch
[MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.6836]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.4648]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8208896] [PID.3132]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 15 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Guia de Usuário.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Desktop [Public]: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [janaina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [janaina]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [janaina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [janaina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [janaina]: UserGuide.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Program [janaina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [janaina]: Baidu PC Faster.lnk . (.Baidu Inc. - PC Faster.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe =>Adware.BDSearch
~ Global Startup: 39 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu Inc. - PC Faster.) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe =>Adware.BDSearch
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{091AC16B-95F0-4D4D-A3EF-459E314C8113}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{694DCEE5-15BD-462D-8695-C61BBEA9FC14}: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{091AC16B-95F0-4D4D-A3EF-459E314C8113}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{694DCEE5-15BD-462D-8695-C61BBEA9FC14}: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
O23 - Service: SecureAssist (SecureAssist) . (.SecureAssist - No Comment.) - c:\Program Files\SupraSavings\SecureAssist.exe =>PUP.SupraSavings
O23 - Service: View Password (ViewPassword) . (...) - C:\Program Files (x86)\View-Password Corp\ViewPassword158.exe =>PUP.ViewPassword
O23 - Service: xmkysecqun64 (xmkysecqun64) . (...) - C:\Program Files\003\xmkysecqun64.exe
~ Services: 23 Legitimates Filtered in 00mn 14s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\0e4d16f3-aeba-446f-852b-650bd7def58b-3.job [2784]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\0e4d16f3-aeba-446f-852b-650bd7def58b-4.job [2180]
[MD5.00000000000000000000000000000000] [APT] [0e4d16f3-aeba-446f-852b-650bd7def58b-3] (...) -- C:\Program Files (x86)\Plus-HD-9.5\0e4d16f3-aeba-446f-852b-650bd7def58b-3.exe (.not file.) [0] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [0e4d16f3-aeba-446f-852b-650bd7def58b-4] (...) -- C:\Program Files (x86)\Plus-HD-9.5\0e4d16f3-aeba-446f-852b-650bd7def58b-4.exe (.not file.) [0] =>Adware.PlusHD
~ Scheduled Task: 20 Legitimates Filtered in 00mn 06s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\BprotectEx.sys
~ Drivers: 36 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 4.0.0.0 =>Adware.BDSearch
O42 - Logiciel: SupraSavings - (.SupraSavings.) [HKLM][64Bits] -- {E6B105B8-1F65-4428-9397-1DFD8A03B94D} =>PUP.SupraSavings
O42 - Logiciel: View Password - (.View Password.) [HKLM][64Bits] -- fbb3e194-5429-4678-81a9-0ffe630cc630 =>PUP.ViewPassword
O42 - Logiciel: suprasavings - (.suprasavings.) [HKLM][64Bits] -- suprasavings =>PUP.SupraSavings
~ Logic: 17 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\SupraSavings] =>PUP.SupraSavings
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Rr Savings]
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Plus-HD-9.5] =>Adware.PlusHD
[HKLM\Software\Wow6432Node\SupraSavings] =>PUP.SupraSavings
~ Key Software: 160 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/03/2014 - 19:34:39 - [79,460] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 06/04/2014 - 13:45:27 - [1,472] ----D C:\Program Files (x86)\View-Password Corp =>PUP.ViewPassword
O43 - CFD: 06/04/2014 - 13:20:45 - [73,918] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 31/03/2014 - 19:35:53 - [0,035] ----D C:\Users\janaina\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 31/03/2014 - 19:35:30 - [0,004] ----D C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster =>Adware.BDSearch
~ Program Folder: 101 Legitimates Filtered in 00mn 07s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.4B916278E1487A5CD5F8F9A521980026] - 07/04/2014 - 16:13:47 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [385614]
O44 - LFC:[MD5.759023D05C6393E86E7C97343B2F3035] - 10/04/2014 - 14:54:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155144]
O44 - LFC:[MD5.163CCDA5BBCF97B24F989412F4B80485] - 10/04/2014 - 14:54:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763854]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:57:51 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.B37FE0ECDA77C2F637E2F56AAEE96C13] - 10/04/2014 - 16:23:10 ---A- . (...) -- C:\zoek-results.log [16247]
O44 - LFC:[MD5.691EF5966CE866B766CE00BECFCFA589] - 31/03/2014 - 18:00:17 ---A- . (...) -- C:\Windows\System32\Drivers\mfencbdc.inf [5442]
O44 - LFC:[MD5.12F0F8D3F84FAB8F31D073286FE131CB] - 31/03/2014 - 18:00:17 ---A- . (...) -- C:\Windows\System32\Drivers\mfencrk.inf [2641]
O44 - LFC:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 31/03/2014 - 19:35:34 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [83264]
O44 - LFC:[MD5.0DE593914F0268FB2B4DE7B9C7B33057] - 31/03/2014 - 19:38:12 ---A- . (.SecureAssist - WFP driver.) -- C:\Windows\System32\Drivers\SAWFP64.sys [41768] =>PUP.SupraSavings
O44 - LFC:[MD5.DB2302BF830AB9F2CAE9F497D832ED70] - 31/03/2014 - 19:38:17 ---A- . (...) -- C:\Windows\System32\SecureAssist.ini [5584] =>PUP.SupraSavings
O44 - LFC:[MD5.81C8DAA98382F7F63E15D4559D27464C] - 31/03/2014 - 19:38:17 ---A- . (...) -- C:\Windows\System32\SecureAssistOff.ini [2536] =>PUP.SupraSavings
~ Files: 277 Legitimates Filtered in 00mn 07s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [83264]
O58 - SDL:[MD5.0DE593914F0268FB2B4DE7B9C7B33057] - 18/03/2014 - 15:12:04 ---A- . (.SecureAssist - WFP driver.) -- C:\Windows\System32\Drivers\SAWFP64.sys [41768] =>PUP.SupraSavings
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 21 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][31/03/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\janaina\Desktop\582-uTorrent.exe [1853008] =>P2P.BitTorrent
[MD5.74574F0628DF642F043C3DAC5B83ACF8] [SPRF][06/04/2014] (.MPC-HC Team - MPC-HC Setup.) -- C:\Users\janaina\Desktop\827-MPC-HC.1.7.3.x86.exe [10503776]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\WINDOWS\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\WINDOWS\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8B501B6E56F182443979D1DFA8309BD4" . (.SupraSavings.) -- c:\WINDOWS\Installer\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\icon64.ico =>PUP.SupraSavings
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\WINDOWS\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
O90 - PUC: "BD04C21DD7DC68D42958E5F22E63394E" . (.SupraSavings.) -- c:\WINDOWS\Installer\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\icon64.ico =>PUP.SupraSavings
~ Update Products: 22 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9D0767859EE938C0C4FAC30693109843] [WIS][31/03/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\85b226.msi [3162112] =>PUP.SupraSavings
[MD5.9A5263D3C011F34BFA10C5458CF27197] [WIS][31/03/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\8738b7.msi [4997120] =>PUP.SupraSavings
~ WIS: 21 Legitimates Filtered in 00mn 02s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 25/01/2013 277488 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 10/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2014 1662424 | (LSCWinService) . (...) - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Auto 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 03/12/2012 202400 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 06/11/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/11/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 28/01/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 21/01/2014 1025712 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 17/03/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 17/03/2014 185792 | (mfevtp) . (.McAfee, Inc..) - C:\WINDOWS\system32\mfevtps.exe
SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 03/01/2014 679920 | (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
SR - | Auto 10/07/1658 0 | (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SAsrv.exe
SR - | Auto 12/03/2014 1558032 | (SecureAssist) . (.SecureAssist.) - c:\Program Files\SupraSavings\SecureAssist.exe =>PUP.SupraSavings
SR - | Auto 06/11/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 06/04/2014 142848 | (ViewPassword) . (...) - C:\Program Files (x86)\View-Password Corp\ViewPassword158.exe =>PUP.ViewPassword
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 31/03/2014 706560 | (xmkysecqun64) . (...) - C:\Program Files\003\xmkysecqun64.exe

~ Services: Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 12

[HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}] =>Adware.BDSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\SecureAssist] =>PUP.SupraSavings^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0] =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}] =>PUP.SupraSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fbb3e194-5429-4678-81a9-0ffe630cc630] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings] =>PUP.SupraSavings^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu PC Faster 4.0.0.0 =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\Program Files (x86)\View-Password Corp =>PUP.ViewPassword^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\janaina\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe =>Adware.BDSearch^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\SupraSavings] =>PUP.SupraSavings^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Plus-HD-9.5] =>Adware.PlusHD^
[HKLM\Software\Wow6432Node\SupraSavings] =>PUP.SupraSavings^
C:\Users\janaina\Desktop\582-uTorrent.exe =>P2P.BitTorrent^
C:\Windows\Installer\85b226.msi =>PUP.SupraSavings^
C:\Windows\Installer\8738b7.msi =>PUP.SupraSavings^
~ Additionnel Scan: 171807 Items scanned in 00mn 37s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupraSavings
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.PlusHD
~ MSI: 4 link(s) detected in 00mn 00s



~ 1015 Legitimates filtered by white list
End of the scan (465 lines in 01mn 50s)(0)

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by janaina at 11/04/2014 01:13:31
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\baidu security\pc faster\4.0.0.0\uninstcaller.exe
ELIMINÉ: SupraSavings
AUSENTE Uninstall Process: c:\program files (x86)\view-password corp\uninstall.exe

========== Processo memória ==========
ELIMINA REINICIAR: Memory Process: C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fbb3e194-5429-4678-81a9-0ffe630cc630]
ELIMINÉ:³ Service: PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ: Service: SecureAssist
ELIMINÉ: Service: ViewPassword
ELIMINÉ: Service: xmkysecqun64
ELIMINÉ:* HKLM\Software\Rr Savings
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Plus-HD-9.5
ELIMINÉ: HKLM\Software\Wow6432Node\SupraSavings
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\BD04C21DD7DC68D42958E5F22E63394E]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\BD04C21DD7DC68D42958E5F22E63394E]
ELIMINÉ:³ HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings
ELIMINÉ:³ HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ:* HKLM\Software\LevelQualityWatcher

========== Valores do Registo ==========
ERRO RunValue: Baidu PC Faster 4.0.0.0
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\janaina\desktop\baidu pc faster.lnk
ELIMINA REINICIAR: c:\program files (x86)\baidu security\pc faster\4.0.0.0\pcfaster.exe
ELIMINÉ: c:\program files\suprasavings\secureassist.exe
ELIMINA REINICIAR: c:\program files\003\xmkysecqun64.exe
ELIMINÉ: c:\windows\tasks\0e4d16f3-aeba-446f-852b-650bd7def58b-3.job
ELIMINÉ: c:\windows\tasks\0e4d16f3-aeba-446f-852b-650bd7def58b-4.job
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\sawfp64.sys
ELIMINA REINICIAR: c:\windows\system32\secureassist.ini
ELIMINA REINICIAR: c:\windows\system32\secureassistoff.ini
ELIMINÉ: c:\program files\003\xmkysecqun64.exe
ELIMINÉ: C:\Windows\Installer\8738b7.msi
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-3
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-3
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-3
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-3
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-4
ELIMINÉ: 0e4d16f3-aeba-446f-852b-650bd7def58b-4

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
17 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
14 : Ficheiros
3 : Softwares
6 : Tarefa planificada
1 : Restauração Sistema


End of clean in 06mn 40s

========== Caminho do ficheiro do relatório ==========
C:\Users\janaina\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/04/2014 01:13:35 [3619]

 Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
 
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

~ Relatório do ZHPDiag v2014.4.11.18 - Nicolas Coolman (11/04/2014)
~ Iniciado por janaina (11/04/2014 11:26:31)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v10.0.9200.16843
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8 Single Language, 64-bit (Build 9200)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Internet Security v12.8.944
Panda Cloud Cleaner v1.0.98
Windows Defender W8

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3961 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 384 GB (90%) free of 425 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ROSA
~ User Name: janaina
~ All Users Names: janaina, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\janaina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\janaina\AppData\Roaming\
~ %Desktop% : C:\Users\janaina\Desktop\
~ %Favorites% : C:\Users\janaina\Favorites\
~ %LocalAppData% : C:\Users\janaina\AppData\Local\
~ %StartMenu% : C:\Users\janaina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 384 Go of 425 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Windows Explorer.) (.11/10/2012 - 04:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.79EDF01FA13D886F8E1B655D542011FB] - (.Microsoft Corporation - Internet Extensions para Win32.) (.23/02/2014 - 05:13:41.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/10/2012 - 02:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 00:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/10/2013 - 20:16:21.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.02/02/2013 - 07:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.26/07/2012 - 01:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/31
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.713B823A60C321CACBA33B33D49E8684] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe [552960] [PID.464]
[MD5.C2513AEB3F326B8811E2A37C9A7F930B] - (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464] [PID.2332]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.5280]
[MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.5692]
[MD5.70F963D1EC8FD27D8F21363C90A8EE38] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8210432] [PID.5444]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\janaina\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 15 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Guia de Usuário.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Desktop [Public]: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
O4 - GS\Program [Public]: Desktop.lnk - Chave orfã
O4 - GS\QuickLaunch [janaina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [janaina]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [janaina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [janaina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [janaina]: UserGuide.lnk . (.Lenovo - UserGuide.) -- C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
O4 - GS\Program [janaina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Global Startup: 38 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe (.not file.) =>Adware.BDSearch
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{091AC16B-95F0-4D4D-A3EF-459E314C8113}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{694DCEE5-15BD-462D-8695-C61BBEA9FC14}: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{091AC16B-95F0-4D4D-A3EF-459E314C8113}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{694DCEE5-15BD-462D-8695-C61BBEA9FC14}: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.109 201.6.2.119 201.6.4.116
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (...) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe (.not file.) =>Adware.BDSearch
~ Services: 20 Legitimates Filtered in 00mn 08s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\BprotectEx.sys
~ Drivers: 36 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 4.0.0.0 =>Adware.BDSearch
~ Logic: 15 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch
[HKLM\Software\suprasavings] =>PUP.SupraSavings
~ Key Software: 147 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/03/2014 - 19:34:39 - [148,167] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 11/04/2014 - 01:11:09 - [0,001] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
~ Program Folder: 99 Legitimates Filtered in 00mn 10s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.4B916278E1487A5CD5F8F9A521980026] - 07/04/2014 - 16:13:47 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [385614]
O44 - LFC:[MD5.759023D05C6393E86E7C97343B2F3035] - 10/04/2014 - 14:54:53 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [155144]
O44 - LFC:[MD5.163CCDA5BBCF97B24F989412F4B80485] - 10/04/2014 - 14:54:53 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763854]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 10/04/2014 - 15:57:51 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.B37FE0ECDA77C2F637E2F56AAEE96C13] - 10/04/2014 - 16:23:10 ---A- . (...) -- C:\zoek-results.log [16247]
O44 - LFC:[MD5.691EF5966CE866B766CE00BECFCFA589] - 31/03/2014 - 18:00:17 ---A- . (...) -- C:\Windows\System32\Drivers\mfencbdc.inf [5442]
O44 - LFC:[MD5.12F0F8D3F84FAB8F31D073286FE131CB] - 31/03/2014 - 18:00:17 ---A- . (...) -- C:\Windows\System32\Drivers\mfencrk.inf [2641]
O44 - LFC:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 31/03/2014 - 19:35:34 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [83264]
O44 - LFC:[MD5.0DE593914F0268FB2B4DE7B9C7B33057] - 31/03/2014 - 19:38:12 ---A- . (.SecureAssist - WFP driver.) -- C:\Windows\System32\Drivers\SAWFP64.sys [41768] =>PUP.SupraSavings
O44 - LFC:[MD5.DB2302BF830AB9F2CAE9F497D832ED70] - 31/03/2014 - 19:38:17 ---A- . (...) -- C:\Windows\System32\SecureAssist.ini [5584] =>PUP.SupraSavings
O44 - LFC:[MD5.81C8DAA98382F7F63E15D4559D27464C] - 31/03/2014 - 19:38:17 ---A- . (...) -- C:\Windows\System32\SecureAssistOff.ini [2536] =>PUP.SupraSavings
~ Files: 277 Legitimates Filtered in 00mn 08s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.90FC18CBEFCD54BE4288541558E5187E] - 09/01/2014 - 08:42:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [83264]
O58 - SDL:[MD5.0DE593914F0268FB2B4DE7B9C7B33057] - 18/03/2014 - 15:12:04 ---A- . (.SecureAssist - WFP driver.) -- C:\Windows\System32\Drivers\SAWFP64.sys [41768] =>PUP.SupraSavings
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 21 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.1AA449F1A1106E8BD72FE1B31271E932] [SPRF][31/03/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\janaina\Desktop\582-uTorrent.exe [1853008] =>P2P.BitTorrent
[MD5.74574F0628DF642F043C3DAC5B83ACF8] [SPRF][06/04/2014] (.MPC-HC Team - MPC-HC Setup.) -- C:\Users\janaina\Desktop\827-MPC-HC.1.7.3.x86.exe [10503776]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "11C6590D06F0EF3499DA25E4384317BB" . (.Energy Management.) -- C:\WINDOWS\Installer\{D0956C11-0F60-43FE-99AD-524E833471BB}\ARPPRODUCTICON.exe
O90 - PUC: "421D4F645E0221D4EB25CE71A7A7B424" . (.OneKey Recovery.) -- C:\WINDOWS\Installer\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\ARPPRODUCTICON.exe
O90 - PUC: "8FC2C70F35C43CE418266A22E163BE88" . (.Guia de Usuário.) -- C:\WINDOWS\Installer\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\ARPPRODUCTICON.exe
~ Update Products: 20 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 13/03/2014 836168 | C:\WINDOWS\TEMP\005682~1.exe (0056821397226257mcinstcleanup) . (.McAfee, Inc..) - C:\Windows\Temp\0056821397226257mcinst.exe
SS - | Demand 25/01/2013 277488 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 10/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2014 1662424 | (LSCWinService) . (...) - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SS - | Demand 02/08/2013 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Auto 11/05/2012 200728 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Auto 10/07/1658 0 | (PCFasterSvc_{PCFaster_4.0.0.0}) . (...) - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe =>Adware.BDSearch
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 03/12/2012 202400 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 06/11/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/11/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 28/01/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 21/01/2014 1025712 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 17/03/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 17/03/2014 185792 | (mfevtp) . (.McAfee, Inc..) - C:\WINDOWS\system32\mfevtps.exe
SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 10/07/1658 0 | (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SAsrv.exe
SR - | Auto 06/11/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 12s



---\\ Scâner Aditional (088)
Database Version : 13044 - (11/04/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 4

[HKLM\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}] =>Adware.BDSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0] =>Adware.BDSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Baidu PC Faster 4.0.0.0 =>Adware.BDSearch^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\suprasavings] =>PUP.SupraSavings^
C:\Users\janaina\Desktop\582-uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 172119 Items scanned in 00mn 33s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SupraSavings
~ MSI: 2 link(s) detected in 00mn 00s



~ 992 Legitimates filtered by white list
End of the scan (410 lines in 01mn 49s)(0)

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Power Max, quando roda este programa ele quer desinstalar o Baidu. Mas o Baidu ainda esta aqui. É para desinstalar?

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by janaina at 11/04/2014 12:02:37
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 03s)

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\baidu security\pc faster\4.0.0.0\uninstcaller.exe

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
ELIMINÉ: Service: PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ Driver Key: BprotectEx
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ:* HKLM\Software\suprasavings

========== Valores do Registo ==========
ELIMINÉ RunValue: Baidu PC Faster 4.0.0.0

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\sawfp64.sys
ELIMINA REINICIAR: c:\windows\system32\secureassist.ini
ELIMINA REINICIAR: c:\windows\system32\secureassistoff.ini
ELIMINÉ Temporários windows (115) (5.755.782 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Chaves do Registo
1 : Valores do Registo
1 : Pastas
6 : Ficheiros
1 : Softwares
1 : Restauração Sistema


End of clean in 00mn 30s

========== Caminho do ficheiro do relatório ==========
C:\Users\janaina\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/04/2014 01:13:35 [3701]
C:\Users\janaina\AppData\Roaming\ZHP\ZHPFix[R2].txt - 11/04/2014 12:02:41 [1714]

Há outros antivirus gratuitos bem melhores que este Baidu. Sugiro que o desinstale, se ele ainda estiver no PC.
_________________________________________________________________________________

 Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)

Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version

*Execute o FRST e aceite o contrato


*Clique [Scan]


*Ao término clique [OK] > [OK]



*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt

Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by janaina at 2014-04-11 12:17:57
Running from C:\Users\janaina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30635 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.0 - Conexant)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.301.1 - Vimicro)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.944 - McAfee, Inc.)
Microsoft Office 365 Home Premium - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Pacote de Driver do Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Pacote de Driver do Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.98 - Panda Security)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.39036 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.2.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points =========================

31-03-2014 21:01:39 Remoção do Pacote de Idioma
05-04-2014 22:03:35 Windows Update
09-04-2014 03:25:48 Installed Lenovo Solution Center.
10-04-2014 18:58:58 zoek.exe restore point

==================== Hosts content: ==========================

2012-07-26 02:26 - 2014-04-10 15:59 - 00000840 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02C3F1E7-4411-4753-B5A5-F90F1E926F6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-10] (Google Inc.)
Task: {07CA6A7F-9AB4-4719-B7BF-C527A75C4B1F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-04] (Synaptics Incorporated)
Task: {09834616-2292-4CB8-AB3A-A16BDEEE2705} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {165358DA-1E47-4954-8180-67979913A68C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1ED24514-6AE7-40E9-B7A2-C9A8E384EFE0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {21354964-7999-429B-81EE-64577180FED5} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {243CF9D4-819B-4FCB-9AC3-66D5E0955AA5} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {3419BB3D-EC45-4296-92B7-91B406A6F0E5} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {41C7BD77-E192-48F3-BC5F-35DD4A5BB284} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {46869602-303F-4273-8296-899F3283CF6B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {74F98AAB-84B6-4404-9846-7F7712A77462} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-10] (Google Inc.)
Task: {7D58A18E-CE97-4CEA-A0D9-F596BE053B70} - \Baidu PC Faster Update No Task File
Task: {8662F21B-D994-4976-9CAB-B97E4696AEDB} - \View Password_wd No Task File
Task: {93FECE80-DDD2-4EC6-BFB4-D4756725EC57} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {942F08E9-B949-4848-9ADF-F8E340EA1C8B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {A3D1ED41-FC27-4448-AAB3-6F15FAAFA85F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B636A119-E4FC-4E8C-AAA9-031DA375D8B5} - \View Password Update No Task File
Task: {BA9E7E8B-2D70-466C-A43C-A0C13EC8FA71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D0C8FCF3-6509-4A2B-AFD0-C1E75DB895FC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-09] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-09 15:47 - 2012-11-10 10:29 - 00375872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-04-09 15:47 - 2012-12-07 07:04 - 00513616 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-04-09 15:47 - 2012-12-07 07:05 - 00607312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-10-01 20:10 - 2013-01-02 16:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-04-01 02:59 - 2013-01-16 01:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-01 15:30 - 2012-11-06 02:31 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-10 14:22 - 2014-04-01 22:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-10 14:22 - 2014-04-01 22:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 14:22 - 2014-04-01 22:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 14:22 - 2014-04-01 22:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 14:22 - 2014-04-01 22:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 14:22 - 2014-04-01 22:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2014 01:08:19 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: MsiExec.exe, versão: 5.0.9200.16384, carimbo de data/hora: 0x5010a60b
Nome do módulo com falha: SHELL32.dll, versão: 6.2.9200.16774, carimbo de data/hora: 0x52a287c6
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000795d1
ID do processo com falha: 0xbdc
Hora de início do aplicativo com falha: 0xMsiExec.exe0
Caminho do aplicativo com falha: MsiExec.exe1
Caminho do módulo com falha: MsiExec.exe2
ID do Relatório: MsiExec.exe3
Nome completo do pacote com falha: MsiExec.exe4
ID do aplicativo relativo ao pacote com falha: MsiExec.exe5

Error: (04/11/2014 00:38:02 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SecureAssist.exe, versão: 2.2.8.13, carimbo de data/hora: 0x5319e309
Nome do módulo com falha: KERNELBASE.dll, versão: 6.2.9200.16815, carimbo de data/hora: 0x52f2ca60
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x00000000000264a8
ID do processo com falha: 0x350
Hora de início do aplicativo com falha: 0xSecureAssist.exe0
Caminho do aplicativo com falha: SecureAssist.exe1
Caminho do módulo com falha: SecureAssist.exe2
ID do Relatório: SecureAssist.exe3
Nome completo do pacote com falha: SecureAssist.exe4
ID do aplicativo relativo ao pacote com falha: SecureAssist.exe5

Error: (04/11/2014 00:33:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ROSA)
Description: Falha na ativação do aplicativo ZinioLLC.Zinio_0q6dqzpp40p2e!App com o erro: -2144927151. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


System errors:
=============
Error: (04/11/2014 11:27:17 AM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço pcicsa.sys devido ao seguinte erro:
%%2

Error: (04/11/2014 01:18:23 AM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço Baidu PC Faster Service 4.0.0.0 devido ao seguinte erro:
%%2

Error: (04/11/2014 00:57:15 AM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço pcicsa.sys devido ao seguinte erro:
%%2

Error: (04/11/2014 00:38:04 AM) (Source: Service Control Manager) (User: )
Description: O serviço SecureAssist foi encerrado inesperadamente. Isso aconteceu 1 vez(es).


Microsoft Office Sessions:
=========================
Error: (04/11/2014 01:08:19 AM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.9200.163845010a60bSHELL32.dll6.2.9200.1677452a287c6c0000005000795d1bdc01cf553baafd408fc:\Windows\syswow64\MsiExec.exeC:\WINDOWS\SYSTEM32\SHELL32.dlle9ad46f7-c12e-11e3-be7d-641c67617a04

Error: (04/11/2014 00:38:02 AM) (Source: Application Error)(User: )
Description: SecureAssist.exe2.2.8.135319e309KERNELBASE.dll6.2.9200.1681552f2ca60e06d736300000000000264a835001cf54f238d53fb3c:\Program Files\SupraSavings\SecureAssist.exeC:\WINDOWS\system32\KERNELBASE.dllaec87a65-c12a-11e3-be7c-641c67617a04

Error: (04/11/2014 00:33:46 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ROSA)
Description: ZinioLLC.Zinio_0q6dqzpp40p2e!App-2144927151


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3961.77 MB
Available physical RAM: 2406.59 MB
Total Pagefile: 4665.77 MB
Available Pagefile: 2908.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.24 GB) (Free:383.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B9FC3CEE)

Partition: GPT Partition Type.

==================== End Of Log ============================

Você postou o Additional scan. Faltou só o outro log.

O Relatorio FRST esta anexado porque ele é muito grande e nao esatava cabendo aqui

 Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie estes arquivos destacados em negrito abaixo (um de cada vez) para serem analisados no site:
C:\WINDOWS\system32\Drivers\SAWFP64.sys
C:\WINDOWS\system32\SecureAssist.ini
C:\WINDOWS\system32\SecureAssistOff.ini

Assim que a verificação de cada arquivo acima terminar, copie o link que aparecerá na barra de endereço de seu navegador e poste estes links em sua próxima resposta juntamente com o relatório do Farbar (FRST) pedido abaixo.
___________________________________________________________________________________________________________

 Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no desktop (área de trabalho).

Execute o FRST. Clique no botão Fix.

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta juntamente com os links das análises dos arquivos no site Virus Total.

Power Max,
Boa noite.

Me desculpe, mas eu não consigo achar estes arquivos.

Então faça o restante dos procedimentos que te passei.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2014 01
Ran by janaina at 2014-04-13 21:12:17 Run:1
Running from C:\Users\janaina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKLM - DefaultScope {03425738-0AFC-41A1-9DDE-AAEDBD02673E} URL =
SearchScopes: HKCU - Web URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-04-11 12:02 - 2014-04-11 12:02 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-04-11 12:02 - 2014-04-11 12:02 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-03-31 19:35 - 2014-04-11 01:08 - 00000000 ____D () C:\Program Files\suprasavings
2014-03-31 19:35 - 2014-03-31 19:35 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-03-31 19:35 - 2014-01-09 08:42 - 00083264 _____ (Baidu, Inc.) C:\WINDOWS\system32\Drivers\BprotectEx.sys
2014-03-31 19:34 - 2014-04-11 01:11 - 00000000 ____D () C:\Program Files\003
2014-04-11 12:02 - 2014-04-11 12:02 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-04-11 12:02 - 2014-04-11 12:02 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-04-06 13:20 - 2014-04-06 13:20 - 00003544 _____ () C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden
Task: {46869602-303F-4273-8296-899F3283CF6B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {7D58A18E-CE97-4CEA-A0D9-F596BE053B70} - \Baidu PC Faster Update No Task File
Task: {8662F21B-D994-4976-9CAB-B97E4696AEDB} - \View Password_wd No Task File
Task: {B636A119-E4FC-4E8C-AAA9-031DA375D8B5} - \View Password Update No Task File
end
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Web => Key deleted successfully.
HKCR\CLSID\Web => Key not found.
PCFApiUtil => Service deleted successfully.
C:\Users\Todos os Usuários\Baidu Security => Moved successfully.
"C:\ProgramData\Baidu Security" => File/Directory not found.
C:\Program Files\suprasavings => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\WINDOWS\system32\Drivers\BprotectEx.sys => Moved successfully.
C:\Program Files\003 => Moved successfully.
"C:\Users\Todos os Usuários\Baidu Security" => File/Directory not found.
"C:\ProgramData\Baidu Security" => File/Directory not found.
C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\\SystemComponent => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46869602-303F-4273-8296-899F3283CF6B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46869602-303F-4273-8296-899F3283CF6B} => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D58A18E-CE97-4CEA-A0D9-F596BE053B70} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D58A18E-CE97-4CEA-A0D9-F596BE053B70} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8662F21B-D994-4976-9CAB-B97E4696AEDB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8662F21B-D994-4976-9CAB-B97E4696AEDB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\View Password_wd => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B636A119-E4FC-4E8C-AAA9-031DA375D8B5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B636A119-E4FC-4E8C-AAA9-031DA375D8B5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\View Password Update => Key deleted successfully.

==== End of Fixlog ====

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Scan Date: 15/04/2014
Scan Time: 16:32:58
Logfile: log mal.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.15.08
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: janaina

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 238332
Time Elapsed: 2 hr, 25 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\CLASSES\APPID\{76A60138-58B3-4e27-85FB-8FEF344A8998}, Quarantined, [fca8ea407b00c274d22b40d2ab57cf31],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{76A60138-58B3-4E27-85FB-8FEF344A8998}, Quarantined, [fca8ea407b00c274d22b40d2ab57cf31],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-2894573857-1799168657-3252545815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [c7dda783205b49edb562f972d82a28d8],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [c9db5bcf9cdff3434c2736073bc52cd4],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [505401293d3e2a0c154b28f047bd5ca4],
PUP.Optional.AirAdInstaller, C:\Users\janaina\Downloads\SoftwareUpdate.exe, Quarantined, [851f2901e299b68090793dfde61aad53],
PUP.Optional.OptimumInstaller.A, C:\Users\janaina\Downloads\StartDownload (1).exe, Quarantined, [01a33eec9fdcab8b2c038dbb4bb63ac6],
PUP.Optional.OptimumInstaller.A, C:\Users\janaina\Downloads\StartDownload.exe, Quarantined, [f9ab70ba532891a5aa85f5534ab728d8],

Physical Sectors: 0
(No malicious items detected)


(end)

Como está o PC após estas limpezas?

Ele parece normal =)