Computador com programas indesejados e vírus

Como está o PC?

esta otimo, mas ainda percebo alguns travamentos nos navegadores, sem o not estar em alto processamento

Você seguiu esta dica abaixo para escolher os programas que iniciam com o Windows? Quanto menos programas iniciando, melhor é:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

sim, agora tem apenas o avast e o utorrent iniciando junto com o sistema, mas ainda percebo travamentos pequenos nos navegadores tipico de virus. o que vc acha?

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)

Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version

Execute o Farbar seguindo as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt

Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).

b

falta o Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014
Ran by cesar at 2014-05-10 23:30:53
Running from C:\Users\cesar\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{69AD9F5D-5FF4-384F-1F29-85CBDD366DAB}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.5.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7943 - DsNET Corp)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Battle vs. Chess (HKLM-x32\...\Battle vs. Chess_is1) (Version: 1.0 - Zuxxez Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Brutal Chess (HKLM-x32\...\Brutal Chess) (Version: - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0828.2155.37465 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKV Player 2.1.13 (HKLM-x32\...\MKV Player_is1) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 pt-BR)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Paragon HFS+ for Windows™ 9.1 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Nome de sua empresa:)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Stellarium 0.12.4 (HKLM-x32\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TapinRadio 1.59.2 (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points =========================

28-04-2014 04:01:33 Ponto de Verificação Agendado
03-05-2014 01:08:39 Windows Update
06-05-2014 14:23:26 Windows Update
08-05-2014 14:57:23 avast! antivirus system restore point
10-05-2014 03:58:06 zoek.exe restore point

==================== Hosts content: ==========================

2013-08-22 10:25 - 2014-05-10 00:59 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {17B29112-8990-44EE-B14D-616832F8E108} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CASA-cesar casa => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-04-11] (Microsoft Corporation)
Task: {18EA2F42-6B5D-46A8-8511-047DD973D6B9} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {36BD7116-42A8-4833-869A-9A7137D082DA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1004UA => C:\Users\helen_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-23] (Facebook Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47BDE9EC-FCC2-4715-BF55-050C85984F98} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {47F8AFED-0A0A-47D7-BFEF-918090D14ECB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-08] (AVAST Software)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4CA8D6F0-784D-4251-9032-A58A66423130} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {4D98C28A-38F0-44BE-AA45-244EEA7B9FEF} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {5A3484C4-E66C-4606-B809-3950A3FCAC5D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {65D2553D-9F5A-4161-A423-71D7C2854A80} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79726CF9-6C13-4786-8824-485551ACD2BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11] (Google Inc.)
Task: {7ABBBC95-D80A-4FAD-ACEE-4201EC871E6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {822E50BB-864C-44D4-BDEE-0DFD20BD265C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1004Core => C:\Users\helen_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-23] (Facebook Inc.)
Task: {8551FC1B-7577-44E5-84D9-3C8608CCF810} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1001Core => C:\Users\cesar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-25] (Facebook Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A29536AB-4B20-415E-B36E-83CE72383E06} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {B9C36060-EBA7-4FEF-B54E-FD1452E3D324} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1001UA => C:\Users\cesar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-25] (Facebook Inc.)
Task: {C7BBA75E-8483-4D1D-AEAE-6A63D7029F9A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D05C4246-8A5A-422B-87E2-7F34F6B0B50B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-11] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DECD89D1-92BE-40CD-BDE5-E4C80C852567} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {DEE87EE0-DB65-4970-9B2D-03A73094F002} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11] (Google Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F5E2E84B-B16C-4059-AAE9-62B89445654B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {FB7A73CA-9232-4F35-85A3-4AFAF95DC156} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1001Core.job => C:\Users\cesar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1001UA.job => C:\Users\cesar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1004Core.job => C:\Users\helen_000\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2982737377-722400272-4200008662-1004UA.job => C:\Users\helen_000\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-26 01:31 - 2013-07-26 01:31 - 00066768 _____ () C:\Program Files (x86)\Paragon Software\HFS+ for Windows 9.1\apmwinsrv.exe
2014-04-04 20:58 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-04 14:13 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-12-19 03:10 - 2012-12-19 03:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 21:26 - 2012-08-24 21:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-05-10 16:02 - 2014-05-10 16:02 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051001\algo.dll
2014-03-12 05:09 - 2014-03-12 05:09 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-24 21:17 - 2012-08-24 21:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-27 12:47 - 2014-04-23 21:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\cesar\OneDrive:ms-properties
AlternateDataStreams: C:\Users\helen_000\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2014 06:48:52 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: O programa BackgroundTaskHost.exe versão 6.3.9600.16384 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: c30

Hora de Início: 01cf6c98380f78d5

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\System32\BackgroundTaskHost.exe

ID do Relatório: dcf9d466-d88c-11e3-beb1-d850e69e3001

Nome completo do pacote com falha: Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: AppexNews

Error: (05/10/2014 06:33:39 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: O programa wwahost.exe versão 6.3.9600.17031 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 13e0

Hora de Início: 01cf6c96c5303f19

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\syswow64\wwahost.exe

ID do Relatório: b9716e40-d88a-11e3-beb1-d850e69e3001

Nome completo do pacote com falha: Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c

ID do aplicativo relativo ao pacote com falha: App

Error: (05/10/2014 06:14:49 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: O programa IEXPLORE.EXE versão 11.0.9600.17037 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 15ac

Hora de Início: 01cf6c94d677e197

Hora de Término: 404

Caminho do Aplicativo: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

ID do Relatório: 1c88e347-d888-11e3-beb1-d850e69e3001

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (05/10/2014 05:13:08 PM) (Source: Google Update) (User: CASA) (EventID: 20)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http s

Error: (05/10/2014 03:03:48 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: O programa wwahost.exe versão 6.3.9600.17031 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 163c

Hora de Início: 01cf6c796f46b1be

Hora de Término: 4294967295

Caminho do Aplicativo: C:\WINDOWS\syswow64\wwahost.exe

ID do Relatório: 65f567a4-d86d-11e3-beb1-d850e69e3001

Nome completo do pacote com falha: Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c

ID do aplicativo relativo ao pacote com falha: App

Error: (05/10/2014 01:40:35 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Nome do aplicativo com falha: wwahost.exe, versão: 6.3.9600.17031, carimbo de data/hora: 0x53085904
Nome do módulo com falha: KERNELBASE.dll, versão: 6.3.9600.17055, carimbo de data/hora: 0x532943a3
Código de exceção: 0x00000004
Deslocamento da falha: 0x00011d4d
ID do processo com falha: 0xaa0
Hora de início do aplicativo com falha: 0xwwahost.exe0
Caminho do aplicativo com falha: wwahost.exe1
Caminho do módulo com falha: wwahost.exe2
ID do Relatório: wwahost.exe3
Nome completo do pacote com falha: wwahost.exe4
ID do aplicativo relativo ao pacote com falha: wwahost.exe5


System errors:
=============
Error: (05/10/2014 11:57:27 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:27 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:27 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:27 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:26 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:26 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:26 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 11:57:26 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 02:46:57 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/10/2014 02:46:57 AM) (Source: DCOM) (User: CASA) (EventID: 10010)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (05/10/2014 06:48:52 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: BackgroundTaskHost.exe6.3.9600.16384c3001cf6c98380f78d54294967295C:\WINDOWS\System32\BackgroundTaskHost.exedcf9d466-d88c-11e3-beb1-d850e69e3001Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbweAppexNews

Error: (05/10/2014 06:33:39 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: wwahost.exe6.3.9600.1703113e001cf6c96c5303f194294967295C:\WINDOWS\syswow64\wwahost.exeb9716e40-d88a-11e3-beb1-d850e69e3001Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp

Error: (05/10/2014 06:14:49 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: IEXPLORE.EXE11.0.9600.1703715ac01cf6c94d677e197404C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE1c88e347-d888-11e3-beb1-d850e69e3001

Error: (05/10/2014 05:13:08 PM) (Source: Google Update) (User: CASA) (EventID: 20)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http s

Error: (05/10/2014 03:03:48 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: wwahost.exe6.3.9600.17031163c01cf6c796f46b1be4294967295C:\WINDOWS\syswow64\wwahost.exe65f567a4-d86d-11e3-beb1-d850e69e3001Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp

Error: (05/10/2014 01:40:35 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.17055532943a30000000400011d4daa001cf6c09f94070faC:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll39862d30-d7fd-11e3-beaf-d850e69e3001Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp


CodeIntegrity Errors:
===================================
Date: 2014-04-18 23:21:37.611
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC03F76C-1A26-4C15-B4D3-D9F0B0FD3ED6}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no mesmo lugar onde você deixou o Farbar (FRST64) que é este local abaixo:
C:\Users\cesar\Downloads

Execute o FRST64. Clique no botão Fix.

Aguarde e ao final, o log Fixlog.txt será salvo.

Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta e nos diga como está seu PC depois disto.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014
Ran by cesar at 2014-05-17 00:25:53 Run:2
Running from C:\Users\cesar\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM\...\Policies\Explorer: [NoControlPanel] 0
R3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
R3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-05-15 12:55 - 2014-05-15 12:55 - 00000000 ____D () C:\Users\cesar\AppData\Roaming\Baidu Security
2014-05-15 12:54 - 2014-05-15 12:54 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2014-05-15 12:52 - 2014-05-15 12:55 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2014-05-15 12:52 - 2014-05-15 12:55 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-05-15 12:52 - 2014-05-15 12:52 - 00000000 ____D () C:\Program Files (x86)\Baidu Security
Task: {18EA2F42-6B5D-46A8-8511-047DD973D6B9} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION
end
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Users\cesar\AppData\Roaming\Baidu Security => Moved successfully.
C:\Users\Public\Documents\Baidu => Moved successfully.
C:\Users\Todos os Usuários\Baidu Security => Moved successfully.
"C:\ProgramData\Baidu Security" => File/Directory not found.
C:\Program Files (x86)\Baidu Security => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18EA2F42-6B5D-46A8-8511-047DD973D6B9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SomotoUpdateCheckerAutoStart => Key not found.

==== End of Fixlog ====

Como está o PC?

olha já esta muito melhor!! mas não igual antes de começar esses virus nele, ainda dá pequenas travadas em videos mesmo sem processamento alto do not, para entrar nos sites ele fica processando um pouco a pagina para depois entrar. antes essas coisas não aconteciam, o que vc acha?

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by cesar on 18/05/2014 at 10:58:15,43.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cesar\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-10-044828.log 24143 bytes
C:\zoek-results2014-05-12-030514.log 29910 bytes
C:\zoek-results2014-05-13-183911.log 21453 bytes

==== Folders Found ======================

2014-05-08 14:00:39 2014-05-08 14:00:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 15:52:17 2014-05-15 15:52:17 -------- d-----w- C:\FRST\Quarantine\C\Program Files (x86)\Baidu Security
2014-05-15 15:55:32 2014-05-15 15:55:32 -------- d-----w- C:\FRST\Quarantine\C\Users\cesar\AppData\Roaming\Baidu Security
2014-05-15 15:54:47 2014-05-15 15:54:47 -------- d-----w- C:\FRST\Quarantine\C\Users\Public\Documents\Baidu
2014-05-10 14:16:49 2014-05-10 14:16:50 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2014-05-10 14:16:49 2014-03-14 00:58:59 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Antivirus
2014-05-10 14:16:50 2014-03-12 20:52:54 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security
2014-05-10 14:16:51 2014-03-12 21:13:01 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-05-10 14:16:51 2014-03-12 21:13:01 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-03-12 20:46:20 2014-03-12 20:59:44 -------- d-----w- C:\Users\Public\Documents\Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_uninstall_channel_info.cgi?uninstall_channel=Baixaki|br|IBD|Bundle&version=4.0.5.67371&userid=d3bbb8523008e26514e60b0dff6e098b&old_userid=TE8513L9-D850E69E3001!2b283ca3-a7cf-4f61-bbd7-ad6a4c770106@#D850E69E3001&install_time=2014-05-15 15:54:47&parent_name="

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]
"url"="http://sync.security.baidu.co.th/cgi-bin-py/get_uninstall_channel_info.cgi?uninstall_channel=Baixaki|br|IBD|Bundle&version=4.0.5.67371&userid=d3bbb8523008e26514e60b0dff6e098b&old_userid=TE8513L9-D850E69E3001!2b283ca3-a7cf-4f61-bbd7-ad6a4c770106@#D850E69E3001&install_time=2014-05-15 15:54:47&parent_name="

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=128 folders=26 5107886 bytes)

==== EOF on 18/05/2014 at 11:06:23,58 ======================

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by cesar on 18/05/2014 at 11:18:57,43.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cesar\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-10-044828.log 24143 bytes
C:\zoek-results2014-05-12-030514.log 29910 bytes
C:\zoek-results2014-05-13-183911.log 21453 bytes
C:\zoek-results2014-05-18-140623.log 6742 bytes

==== System Restore Info ======================

18/05/2014 11:22:02 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]
[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]
"url"=-
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]
[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]
"url"=-
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Deleting Files \ Folders ======================

C:\Users\Public\Documents\Baidu Security deleted

==== Folders Found ======================

2014-05-08 14:00:39 2014-05-08 14:00:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 15:52:17 2014-05-15 15:52:17 -------- d-----w- C:\FRST\Quarantine\C\Program Files (x86)\Baidu Security
2014-05-15 15:55:32 2014-05-15 15:55:32 -------- d-----w- C:\FRST\Quarantine\C\Users\cesar\AppData\Roaming\Baidu Security
2014-05-15 15:54:47 2014-05-15 15:54:47 -------- d-----w- C:\FRST\Quarantine\C\Users\Public\Documents\Baidu
2014-05-10 14:16:49 2014-05-10 14:16:50 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2014-05-10 14:16:49 2014-03-14 00:58:59 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Antivirus
2014-05-10 14:16:50 2014-03-12 20:52:54 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security
2014-05-10 14:16:51 2014-03-12 21:13:01 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-05-10 14:16:51 2014-03-12 21:13:01 -------- d-----w- C:\Users\cesar\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-05-18 14:26:46 2014-05-18 14:26:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]

[HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=130 folders=32 5115053 bytes)

==== EOF on 18/05/2014 at 11:30:45,43 ======================

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by cesar on 18/05/2014 at 12:55:18,22.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cesar\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-10-044828.log 24143 bytes
C:\zoek-results2014-05-12-030514.log 29910 bytes
C:\zoek-results2014-05-13-183911.log 21453 bytes
C:\zoek-results2014-05-18-140623.log 6742 bytes
C:\zoek-results2014-05-18-143045.log 7233 bytes

==== System Restore Info ======================

18/05/2014 12:56:53 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870203]
[-HKEY_USERS\S-1-5-21-2982737377-722400272-4200008662-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install\7870765]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=130 folders=32 5115053 bytes)

==== EOF on 18/05/2014 at 12:59:30,46 ======================

O Baidu foi removido do seu PC. Melhorou um pouco ou ainda não?

melhorou!! esta 90% agora!!! a meu ver esta excelente, se você acredita que á ainda mawares nele, pode me passar mais procedimentos que o farei

Se você desconfia que possam ainda haver vírus no PC, você pode fazer o seguinte:

Acesse o site abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Execute o Nod32 Online seguindo as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

Na sua próxima resposta poste este log do Nod32 Online.

Ficamos no aguardo de sua resposta.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=11.00.9600.16384 (winblue_rtm.130821-1623)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7343c98920809e40bf44d1d21a555d43
# engine=18315
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-19 08:19:28
# local_time=2014-05-19 05:19:28 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=6.3.9600 NT
# compatibility_mode=5893 16776574 100 52 0 4784637 0 0
# scanned=226356
# found=5
# cleaned=5
# scan_time=24630
sh=B4DF4E07B121C83FB8FC3C71CA4C5E6F54C3D957 ft=1 fh=e5e411c7ef9f1a1a vn="a variant of MSIL/Adware.PullUpdate.C application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\WINDOWS\SysWOW64\MovieMode.48CA2AEFA22D.2.6.78.dll.xBAD"
sh=AFBE631FAE4B96305E6A10C64BFA754FEF147B35 ft=1 fh=c71c00117cf53383 vn="a variant of Win32/Injected.F trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\cesar\Downloads\atube-catcher-385188-32-bits.exe"
sh=1814DC8C8906190793E022F74E9E00CD241ED7AC ft=1 fh=c71c00115388452c vn="a variant of Win32/Injected.F trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\cesar\Downloads\tapin-radio-1581-32-bits (1).exe"
sh=1814DC8C8906190793E022F74E9E00CD241ED7AC ft=1 fh=c71c00115388452c vn="a variant of Win32/Injected.F trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\cesar\Downloads\tapin-radio-1581-32-bits.exe"
sh=07890F9EE51F055CE4B408BEB777A512D04CA139 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAA trojan (deleted (after the next restart) - quarantined)" ac=C fn="D:\Users\cesar\Downloads\Battle.vs.Chess-SKIDROW\sr-bvsc.iso"

O log do Nod32 está limpo, só encontrou alguns problemas em seus downloads. Como está o PC?

esta exelente! na verdade então deu errado, pois deixei a madrugada ligado aqui para fazer o scan, até a hora que eu vi estava em 40% e 4 arquivos infectados, especificados como trojan em win38. alguém fechou a janela de scan agora de manhã sem querer, vou fazer a verificação denovo

No log dele estão constando alguns trojans, mas todos estavam em arquivos de download.