Computador lento

Boa tarde,

Meu computador está lento, acusando que tem vírus toda hora, abrindo várias janelas da internet e navegador muito lento.

Obrigado

Olá.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

# AdwCleaner v4.109 - Relatório criado 04/02/2015 às 19:19:40
# Atualizado 24/01/2015 por Xplode
# Database : 2015-02-04.1 [Live]
# Sistema Operacional : Windows 8 Pro (64 bits)
# Usuário : Thiago - PC
# Executando de : C:\Users\Thiago\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : globalUpdate
[#] Serviço Deletada : globalUpdatem
Serviço Deletada : servervo
Serviço Deletada : serversu
Serviço Deletada : {75c3b424-f399-4561-aeba-97a661cdfaae}Gw64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BreakingNewsAlert
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\PennyBee
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\surf slide
Pasta Deletada : C:\Users\Thiago\AppData\Local\Temp\surf slide
Pasta Deletada : C:\Users\Thiago\AppData\Local\Gameo
Pasta Deletada : C:\Users\Thiago\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\Thiago\AppData\Local\SmartWeb
Pasta Deletada : C:\Users\Thiago\AppData\Local\BreakingNewsAlert
Pasta Deletada : C:\Users\Thiago\AppData\LocalLow\SmartWeb
Pasta Deletada : C:\Users\Thiago\AppData\Roaming\Gameo
Pasta Deletada : C:\Users\Thiago\AppData\Roaming\SoftwareUpdater
Pasta Deletada : C:\Users\Thiago\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Thiago\AppData\Roaming\VOPackage
Pasta Deletada : C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Arquivo Deletada : C:\ProgramData\Duplicaterecord.js
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Windows\System32\drivers\{75c3b424-f399-4561-aeba-97a661cdfaae}Gw64.sys
Arquivo Deletada : C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
Arquivo Deletada : C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
Arquivo Deletada : C:\Users\Thiago\Desktop\Continue Live Installation.lnk
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Arquivo Deletada : C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : globalUpdateUpdateTaskMachineCore
Tarefa Deletedo : globalUpdateUpdateTaskMachineUA
Tarefa Deletedo : gameo_update
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-1-6
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-1-7
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-5
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-5_user
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-6
Tarefa Deletedo : a1e823c5-efe0-4b3c-b993-95da5de7541f-7

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Valor Deletedo : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{916ACF26-E1A6-45DA-B34F-2147D400448C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{916ACF26-E1A6-45DA-B34F-2147D400448C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\Web
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\InstalledBrowserExtensions
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\gameo
Chave Deletedo : HKCU\Software\AppDataLow\Software\DynConIE
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartWeb
Chave Deletedo : HKLM\SOFTWARE\GlobalUpdate
Chave Deletedo : HKLM\SOFTWARE\InstalledBrowserExtensions
Chave Deletedo : HKLM\SOFTWARE\MyBestOffersToday
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\Tutorials
Chave Deletedo : HKLM\SOFTWARE\webssearchesSoftware
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BreakingNewsAlert
Chave Deletedo : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.17183

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [5460 octets] - [15/08/2014 16:18:37]
AdwCleaner[R1].txt - [1106 octets] - [16/08/2014 20:22:20]
AdwCleaner[R2].txt - [15047 octets] - [04/02/2015 19:16:52]
AdwCleaner[S0].txt - [4720 octets] - [15/08/2014 16:22:11]
AdwCleaner[S1].txt - [1108 octets] - [16/08/2014 20:23:21]
AdwCleaner[S2].txt - [13323 octets] - [04/02/2015 19:19:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [13384 octets] ##########

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 05-February-2015
Tool run by Thiago on 05/02/2015 at 7:45:10,74.
Microsoft Windows 8 Pro 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Thiago\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

05/02/2015 07:45:43 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\CinemaP-1.9cV03.02 deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\Users\Thiago\AppData\Roaming\Baidu Security deleted successfully
C:\Users\Thiago\AppData\Roaming\Corel deleted successfully
C:\Users\Thiago\AppData\Roaming\WSE_Taplika deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YHGdUvfsC deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\PROGRA~2\2ae8e4a4-2953-40ef-b397-bec264467640 deleted
C:\PROGRA~2\WSE_Taplika deleted
C:\PROGRA~2\Search Vortex deleted
C:\Users\Thiago\AppData\Roaming\WB.CFG deleted
C:\Users\Thiago\AppData\Roaming\GoldenGate deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\tasks\KCEUZLVN.job deleted
C:\windows\SysNative\tasks\KCEUZLVN deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\windows\SysNative\tasks\WSE_Taplika deleted
C:\Windows\tasks\WSE_Taplika.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Thiago\AppData\Roaming\KCEUZLVN.exe deleted
"C:\Users\Thiago\AppData\Local\{D41A6DDC-52A7-473D-91F8-9EDD0DB2A4F0}" deleted
"C:\Users\Thiago\AppData\Roaming\KCEUZLVN" deleted
"C:\PROGRA~3\TOkhDMx\info.dat" not deleted
"C:\PROGRA~3\TOkhDMx\YHGdUvfsC.dat" not deleted
"C:\PROGRA~3\TOkhDMx\YHGdUvfsC.exe" deleted
"C:\PROGRA~3\TOkhDMx\dat\dUtYUIS.dll" not deleted
"C:\PROGRA~3\TOkhDMx\dat\meWKwhekyw.exe" not deleted
"C:\PROGRA~3\TOkhDMx\dat\meWKwhekyw.exe.config" not deleted
"C:\PROGRA~3\TOkhDMx\dat\OwzxwfSSJH.dll" not deleted
"C:\PROGRA~3\TOkhDMx\dat\pgaxMuGmSa.exe" not deleted
"C:\PROGRA~3\TOkhDMx\dat\pgaxMuGmSa.exe.config" not deleted
"C:\PROGRA~3\TOkhDMx" not deleted
"C:\PROGRA~3\TOkhDMx\dat" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [04/02/2015 19:21]

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.94 (Up to date, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/02/2015 17:26]
lfkjojacgdjkninepeghaamnapdjmlfn - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lfkjojacgdjkninepeghaamnapdjmlfn - No path found[]

Google Drive - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast Online Security - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Thiago\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{589B893E-773C-4941-88C2-0DCC718E621C} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"

==== Reset Google Chrome ======================

C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Preferences will be reset at reboot
C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot

==== shortcuts on Users Desktops ======================

C:\Users\Thiago\Desktop\Cedente - Atalho.lnk - C:\8.144-2 THIAGO GALVAO DE RESENDE\Sicoob\Cedente.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Thiago\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Thiago\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Thiago\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\uninstall.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SGI.lnk - C:\Realtec\Sgi\Exe\SGI.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Thiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Thiago\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thiago\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thiago\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=97 folders=83 14945954 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Thiago\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Thiago\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~3\TOkhDMx\info.dat" not found
"C:\PROGRA~3\TOkhDMx\YHGdUvfsC.dat" not found
"C:\PROGRA~3\TOkhDMx\dat\dUtYUIS.dll" not found
"C:\PROGRA~3\TOkhDMx\dat\meWKwhekyw.exe" not found
"C:\PROGRA~3\TOkhDMx\dat\meWKwhekyw.exe.config" not found
"C:\PROGRA~3\TOkhDMx\dat\OwzxwfSSJH.dll" not found
"C:\PROGRA~3\TOkhDMx\dat\pgaxMuGmSa.exe" not found
"C:\PROGRA~3\TOkhDMx\dat\pgaxMuGmSa.exe.config" not found
"C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Preferences" not found
"C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\PROGRA~3\TOkhDMx" not found

==== EOF on 05/02/2015 at 8:07:24,84 ======================

Faça o download do Malwarebytes em um destes links abaixo:
[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

Tutorial do Malwarebytes Anti-Malware

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data da Verificação: 05/02/2015
Hora da Verificação: 17:01:05
Arquivo de Log: LOg.txt
Administrador: Sim

Versão: 2.00.4.1028
Base de Dados de Malware: v2015.02.05.08
Base de Dados de Rootkit: v2015.02.03.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado

SO: Windows 8
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Thiago

Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 494079
Tempo Decorrido: 1 hr, 48 min, 31 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 10
PUP.Optional.Taplika.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, Quarentena, [f81ab26893f7b87ede6dcfb99b6826da],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.02-nv, Quarentena, [da38cb4f3b4f90a6081f287507fc54ac],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV03.02-nv-ie, Quarentena, [888a41d9098160d62007425b60a337c9],
PUP.Optional.Taplika.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, Quarentena, [ed254ad0abdff541ec5ff593b053926e],
PUP.Optional.Cinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaP-1.9cV03.02-nv, Quarentena, [3ed4d8425f2b90a63deb306dee1520e0],
PUP.Optional.Cinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaP-1.9cV03.02-nv-ie, Quarentena, [c949dc3eef9b6fc78f99faa35da6de22],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1201532935-1622083873-4088909700-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaP-1.9cV03.02-nv, Quarentena, [1df538e24545c472f92fcfcec53e8e72],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1201532935-1622083873-4088909700-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaP-1.9cV03.02-nv-ie, Quarentena, [e32fd347305aa2946dbbc7d6aa59e11f],
PUP.Optional.Taplika.A, HKU\S-1-5-21-1201532935-1622083873-4088909700-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Taplika Browser, Quarentena, [e72baf6be8a23cfa36143454ab58bc44],
PUP.Optional.Taplika.A, HKU\S-1-5-21-1201532935-1622083873-4088909700-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, Quarentena, [8a88100a4149191d98b41177699a2ed2],

Valores de Registro: 2
PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SmartWeb, C:\Users\Thiago\AppData\Local\SmartWeb\SmartWebHelper.exe, Quarentena, [0e04ab6f2c5e3cfa6d597519d42feb15]
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_br_553, Quarentena, [3cd6cf4b4c3eef47e5a27c23e221bf41],

Dados de Registro: 0
(Nenhum item malicioso detectado)

Pastas: 1
PUP.Optional.BreakingNewsAlert.A, C:\Users\Thiago\AppData\Local\BreakingNewsAlert, Quarentena, [1ff39288fe8ce155a7f6f59bc142d22e],

Arquivos: 18
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Thiago\AppData\Local\SmartWeb\SmartWebApp.exe.vir, Quarentena, [e52d95857119d56103512dca867b11ef],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Thiago\AppData\Local\SmartWeb\SmartWebHelper.exe.vir, Quarentena, [19f97c9e37531620035164939c65f40c],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Thiago\AppData\Local\SmartWeb\swhk.dll.vir, Quarentena, [ab67809a17733303262ebe39c9389b65],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Thiago\AppData\Local\SmartWeb\uninst.exe.vir, Quarentena, [a66cb367fd8dca6c104433c4c63b3ac6],
PUP.Optional.Nova.A, C:\Program Files (x86)\Baidu Security\cd0053f7-ac6e-4202-85f5-5a8df4a9a0cf.dll, Quarentena, [1ff39a80404a3afc64c28d79857d9769],
PUP.Optional.Elite, C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000, Quarentena, [3cd644d6385225112a054316926e52ae],
PUP.Optional.Somoto, C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000, Quarentena, [15fd7aa025654bebe1a0a370689a41bf],
PUP.Optional.Firseria, C:\Users\Thiago\Downloads\PhotoScape.exe, Quarentena, [49c955c54d3d87af9ef7e2c356afc13f],
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_Thiago_AppData_Roaming_KCEUZLVN.exe.vir, Quarentena, [3cd61dfd26644cea2f8d6283c540db25],
PUP.Optional.Nova.A, C:\zoek_backup\C_PROGRA~2_2ae8e4a4-2953-40ef-b397-bec264467640\e2d8b403-286a-4d2f-963d-21e70ddf9bfb.dll, Quarentena, [e13143d7eaa0a78f86a0bb4bec16a858],
PUP.Optional.DealKeeper.A, C:\zoek_backup\C_PROGRA~2_Deal Keeper\updateDealKeeper.exe, Quarentena, [c2507aa0a8e2fb3bbb93fcda7988c739],
PUP.Optional.BreakingNewsAlert.A, C:\zoek_backup\C_PROGRA~3_TOkhDMx\YHGdUvfsC.exe, Quarentena, [b0624ecc3c4e59dda34a965c45bcf20e],
PUP.Optional.BreakingNewsAlert.A, C:\zoek_backup\C_PROGRA~3_TOkhDMx\dat\meWKwhekyw.exe, Quarentena, [947e12082c5e4fe74ca1ce2491706c94],
PUP.Optional.BreakingNewsAlert.A, C:\zoek_backup\C_PROGRA~3_TOkhDMx\dat\pgaxMuGmSa.exe, Quarentena, [32e043d7dcae9f972cc1ad458d74ef11],
PUP.Optional.OptimizerMonitor.A, C:\Windows\SysWOW64\OptimizerMonitor.ini, Quarentena, [ef23b466aedca294622a6a1a48bbb947],
PUP.Optional.OptimizerMonitor.A, C:\Windows\System32\OptimizerMonitorOff.ini, Quarentena, [bb57fb1f800a9b9b0786780cb44ff709],
PUP.Optional.OptimizerMonitor.A, C:\Windows\SysWOW64\OptimizerMonitorOff.ini, Quarentena, [aa687f9b088291a51875f68e758eb947],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Thiago\AppData\Local\BreakingNewsAlert\data2.dat, Quarentena, [1ff39288fe8ce155a7f6f59bc142d22e],

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)

Faça o download do < ZHPCleaner >  < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para executá-lo corretamente siga as dicas desta postagem:

Tutorial completo do ZHPCleaner

Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.

~ ZHPCleaner v2015.2.5.51 by Nicolas Coolman (05/02/2015)
~ Run by Thiago (Administrator) (05/02/2015 20:15:33)
~ Forum : [Você precisa estar registrado e conectado para ver este link.]
~ Facebook : [Você precisa estar registrado e conectado para ver este link.]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Thiago\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Thiago\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 8, 64-bit (Build 9200)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (0)
~ No malicious items found.


---\\ Hosts file (2)
REPLACED:
Number of found redirections 1/22


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (12)
MOVED folder: C:\ProgramData\Baidu Security\RpData (Adware.BDPlugin)
MOVED folder: C:\ProgramData\Baidu Security (Adware.BDPlugin)
MOVED file: C:\Windows\Prefetch\MYBESTOFFERSTODAY.TMP-B1C4108B.pf (PUP.MyBestOffersToday)
MOVED file: C:\Windows\Prefetch\PACKAGE_MYBESTOFFERSTODAY_INS-76117C48.pf (PUP.MyBestOffersToday)
MOVED file: C:\Windows\Prefetch\PREDM.TMP-301A2145.pf (Adware.Downware)
MOVED file: C:\Windows\Prefetch\PREDM.TMP-A7CA0A60.pf (Adware.Downware)
MOVED file: C:\Windows\Prefetch\SYSTWEAKASP.TMP-C62665CF.pf (PUP.Systweak)
MOVED file: C:\Windows\Prefetch\TAPLIKA.EXE-37EBA673.pf (PUP.Taplika)
MOVED file: C:\Windows\Prefetch\VOPACKAGE.EXE-219D0F55.pf (Adware.Downware)
MOVED file: C:\Windows\Prefetch\WINCHECKWRAPPER.EXE-D94850E4.pf (PUP.Wincheck)
MOVED file*: C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gameofthrones.wikia.com_0.localstorage (PUP.Gameo)
MOVED file*: C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gameofthrones.wikia.com_0.localstorage-journal (PUP.Gameo)


---\\ Registry ( Key, Value, Data) (6)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\serverjo [C:\Users\Thiago\AppData\Roaming\VOPackage\JOSrv.exe] (Adware.Downware)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Update surf slide ["C:\Program Files (x86)\surf slide\updatesurfslide.exe"] (PUP.SurfSlide)
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\uTorrent ["C:\Users\Thiago\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED] (Heuristic.KeyRun)
DELETED key: HKLM\SOFTWARE\Wow6432Node\d94cc2c1-3085-4b63-96c6-1dfd8dadf8bc [] (PUP.CrossRider)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info [260162] (PUP.ShoppinGate)
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update surf slide [] (PUP.SurfSlide)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 77603
~ Items found : 1
~ Items repaired : 18


End of clean at 20:23:29
===================
ZHPCleaner-[R]-05022015-20_23_29.txt

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8 Pro x64
Ran by Thiago on 05/02/2015 at 22:36:05,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/02/2015 at 22:41:06,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Faça o download do < ZHPDiag >  < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_____________________________________________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Você precisa estar registrado e conectado para ver este link.]

Clique no botão Escolher arquivo > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

No momento estou no trabalho, mas amanhã te passo o próximo procedimento, OK?

Ok, muito obrigado. Ficarei aguardando.

 Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
O4 - HKLM\..\RunOnce: [ZHPCleaner_File1] cmd\c erase C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gameofthrones.wikia.com_0.localstorage (.not file.)   =>PUP.Gameo
O4 - HKLM\..\RunOnce: [ZHPCleaner_File2] cmd\c erase C:\Users\Thiago\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gameofthrones.wikia.com_0.localstorage-journal (.not file.)   =>PUP.Gameo
O4 - HKLM\..\RunOnce: [ZHPCleaner] Notepad C:\Users\Thiago\AppData\Roaming\ZHP\ZHPCleaner.txt (.not file.)   =>.Nicolas Coolman
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKUS\S-1-5-21-1201532935-1622083873-4088909700-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
[HKCU\Software\Baidu Security]    
[HKCU\Software\Baixaki]    
[HKCU\Software\KCEUZLVN]
[HKLM\Software\Baidu Security]    
[HKLM\Software\Wow6432Node\Baidu Security]    
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]    
O43 - CFD: 09/08/2014 - 21:31:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
O45 - LFCP:[MD5.447AB841E92B52964B83AD31A12088F2] - 03/02/2015 - 22:12:25 ---A- - C:\Windows\Prefetch\SURFSLIDE.PURBROWSE64.EXE-F9905A49.pf   =>PUP.SurfSlide
O45 - LFCP:[MD5.FFCAC8E8931CBEAA593305FDCF4979BA] - 03/02/2015 - 22:03:04 ---A- - C:\Windows\Prefetch\SURFSLIDESETUP.EXE-A18DC96E.pf   =>PUP.SurfSlide
O45 - LFCP:[MD5.A20DD4EA5C6607638D4D5AD75AB660DD] - 04/02/2015 - 16:25:37 ---A- - C:\Windows\Prefetch\UPDATESURFSLIDE.EXE-F57B11FA.pf   =>PUP.SurfSlide
O61 - LFC: 02/02/2015 - 22:54:27 ---A- . (...) -- C:\Users\Thiago\AppData\Local\Temp\jrt\get.bat   [14924]
O61 - LFC: 02/02/2015 - 22:54:27 ---A- . (...) -- C:\Users\Thiago\AppData\Local\Temp\jrt\misc.bat   [191237]
O61 - LFC: 02/02/2015 - 22:54:27 ---A- . (...) -- C:\Users\Thiago\AppData\Local\Temp\jrt\runvalues.bat   [11201]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:ZHPCleaner_File1   =>PUP.Gameo^
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.

Rapport de ZHPFix 2015.1.15.1 par Nicolas Coolman, Update du 15/01/2015
Fichier d'export Registre :
Run by Thiago at 07/02/2015 10:24:39
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 12s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baixaki
ELIMINÉ: HKCU\Software\KCEUZLVN
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos

========== Valores do Registo ==========
ELIMINÉ RunValue: ZHPCleaner_File1
ELIMINÉ RunValue: ZHPCleaner_File2
ELIMINÉ RunValue: ZHPCleaner

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\prefetch\surfslide.purbrowse64.exe-f9905a49.pf
ELIMINÉ: c:\windows\prefetch\surfslidesetup.exe-a18dc96e.pf
ELIMINÉ: c:\windows\prefetch\updatesurfslide.exe-f57b11fa.pf
ELIMINÉ: c:\users\thiago\appdata\local\temp\jrt\get.bat
ELIMINÉ: c:\users\thiago\appdata\local\temp\jrt\misc.bat
ELIMINÉ: c:\users\thiago\appdata\local\temp\jrt\runvalues.bat
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
5 : Chaves do Registo
3 : Valores do Registo
1 : Pastas
8 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 48s

========== Caminho do ficheiro do relatório ==========
C:\Users\Thiago\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/02/2015 10:24:51 [1556]

como está o computador?

Está muito melhor, parou de abrir várias janelas e está bem mais rápido.

Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

Excluindo erros e otimizando seu PC com o CCleaner

Elimine arquivos inúteis de seu PC com o PureRa
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

O PC ficou muito bom, obrigado.

CASO RESOLVIDO

Necessitando nova verificação para este computador, basta abrir um Novo Tópico e relatar o problema.