Notebook lento

Alguém poderia me ajudar, por gentileza? Abaixo o relatorio do Hijackthis. Muito obrigada!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:00, on 30/01/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sarah\Desktop\HijackThis.exe
C:\Windows\SysWOW64\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spydig.exe] C:\Program Files (x86)\SpyDig\spydig.exe
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3AA6F76B1F039D21D0A8ED450CE79138] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1422606371
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço de atualização Ask (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Gerenciador do Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16432 bytes

Oi Cecilia.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

Olá, não consegui encontrar o tutorial citado na sua resposta, então baixei o Adwcleaner, executei e cliquei em LIMPAR. Não sei se era isso que era pra fazer. Aí vai o relatório da limpeza:

# AdwCleaner v4.109 - Relatório criado 31/01/2015 às 15:42:27
# Atualizado 24/01/2015 por Xplode
# Database : 2015-01-26.1 [Live]
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Sarah - SARAH-PC
# Executando de : C:\Users\Sarah\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : APNMCP
Serviço Deletada : ReimageRealTimeProtector

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\~0
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AskPartnerNetwork
Pasta Deletada : C:\ProgramData\ShopperPro
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\ProgramData\Reimage Protector
Pasta Deletada : C:\ProgramData\IHProtectUpDate
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Pasta Deletada : C:\Program Files (x86)\AskPartnerNetwork
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\Desk 365
Pasta Deletada : C:\Program Files (x86)\FoxTab
Pasta Deletada : C:\Program Files (x86)\ShopperPro
Pasta Deletada : C:\Program Files (x86)\SoftwareUpdater
Pasta Deletada : C:\Program Files (x86)\Uniblue
Pasta Deletada : C:\Program Files (x86)\YTDownloader
Pasta Deletada : C:\Program Files (x86)\snipsmart
Pasta Deletada : C:\Program Files (x86)\SearchSnacks
Pasta Deletada : C:\Program Files (x86)\STab
Pasta Deletada : C:\Program Files (x86)\Common Files\337
Pasta Deletada : C:\Users\Sarah\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Sarah\AppData\Local\Temp\snipsmart
Pasta Deletada : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\DealPly
Pasta Deletada : C:\Program Files\Reimage
Pasta Deletada : C:\Program Files\SearchSnacks
Pasta Deletada : C:\Users\Sarah\AppData\Local\AskPartnerNetwork
Pasta Deletada : C:\Users\Sarah\AppData\Local\PackageAware
Pasta Deletada : C:\Users\Sarah\AppData\Local\CrashRpt
Pasta Deletada : C:\Users\Sarah\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\Desk 365
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\digitalsite
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\FoxTab
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\Uniblue
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\webssearches
Pasta Deletada : C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Arquivo Deletada : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
Arquivo Deletada : C:\Windows\Reimage.ini
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Temp\ReimageRepair.exe
Arquivo Deletada : C:\Users\Sarah\AppData\Local\foxtab_speeddial.crx
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.com.br_0.localstorage
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.com.br_0.localstorage-journal
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Arquivo Deletada : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tarefas ] *****

Tarefa Deletedo : Dealply
Tarefa Deletedo : DealPlyUpdate
Tarefa Deletedo : RegistryBooster
Tarefa Deletedo : ReimageUpdater
Tarefa Deletedo : Reimage Reminder

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Chave Deletedo : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chave Deletedo : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Chave Deletedo : HKCU\Software\AskPartnerNetwork
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\Reimage
Chave Deletedo : HKLM\SOFTWARE\AskPartnerNetwork
Chave Deletedo : HKLM\SOFTWARE\DealPly
Chave Deletedo : HKLM\SOFTWARE\Uniblue
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : [x64] HKLM\SOFTWARE\Reimage
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Dados Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 it)


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [10044 octets] - [30/01/2015 19:53:49]
AdwCleaner[S0].txt - [9454 octets] - [31/01/2015 15:42:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9514 octets] ##########

Você fez certo, vários problemas foram removidos. Mas se tiver alguma dúvida, é só me perguntar.
______________________________________________

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

 Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

Relatório do Zoek:



Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Sarah on 31/01/2015 at 19:07:33,58.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sarah\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-01-31-210019.log 9413 bytes

==== System Restore Info ======================

31/01/2015 19:13:23 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\1q9y6mln.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.uol.com.br");
user_pref("browser.search.selectedEngine", "Pesquisa Segura");
user_pref("browser.search.order.1", "Pesquisa Segura");
user_pref("keyword.URL", "http://br.search.yahoo.com/search?fr=mcafee&type=A111BR0&p=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\1q9y6mln.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Sarah\AppData\Roaming\Thunderbird\Profiles\9madfjft.default\prefs.js:

Added to C:\Users\Sarah\AppData\Roaming\Thunderbird\Profiles\9madfjft.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\32c1d09.msi" not found

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\1q9y6mln.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Sarah\AppData\Roaming\Thunderbird\Profiles\9madfjft.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [17/12/2014 07:59]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 08:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\1q9y6mln.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Undetermined - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
- Undetermined - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
- Undetermined - {87F8774F-B485-47E2-A755-A40A8A5E886C}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi

ProfilePath: C:\Users\Sarah\AppData\Roaming\Thunderbird\Profiles\9madfjft.default
- Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\1q9y6mln.default
BFD1CDA328C83054154DD05EA233F79B - C:\Users\Sarah\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
FF7BE908352D36D50E308F49162FEA32 - C:\Users\Sarah\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll - Módulo de Proteção - Banco do Brasil


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14/08/2014 18:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Sarah\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[]

selector is not a valid CSS selector - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Booking.com for Chromeâ„¢ - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip
Avast Online Security - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
GBBD Banco do Brasil - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp
Ghostery - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
MailTrack for Gmail - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb
Google Wallet - Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_br.ask.com_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_br.ask.com_0.localstorage-journal deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_it.ask.com_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_it.ask.com_0.localstorage-journal deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.powerreviews.com_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.powerreviews.com_0.localstorage-journal deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-sound-recorder.softonic.com.br_0.localstorage deleted successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-sound-recorder.softonic.com.br_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.brasiliano.it/"
"Default_Page_URL"="http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHM321HI_S2B4J56B212414212414&ts=1359710031"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHM321HI_S2B4J56B212414212414&ts=1359710031"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.22find.com/newtab?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHM321HI_S2B4J56B212414212414&ts=1359710031"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.brasiliano.it/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4B222E50-EB7B-447B-AF37-FA7DCB9F7AAC} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGHP_pt-BRBR428&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
{A6AB3232-A556-4400-B23B-ED9ED7A4D8C1} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

==== Reset Google Chrome ======================

C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3362647166-1076317137-1461017360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4B222E50-EB7B-447B-AF37-FA7DCB9F7AAC} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Sarah\Desktop\HotPotatoes 6.lnk - C:\Program Files (x86)\HotPotatoes6\HotPot.exe
C:\Users\Sarah\Desktop\Iniciar-BankerFix - Atalho.lnk - C:\LinhaDefensiva\Iniciar-BankerFix.vbs
C:\Users\Sarah\Desktop\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Sarah\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Sarah\Desktop\XnViewMP.lnk - C:\Program Files (x86)\XnViewMP\xnview.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\BrOffice 3.3.lnk - C:\Program Files (x86)\LibreOffice 3\program\soffice.exe
C:\Users\Public\Desktop\FileZilla Client.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
C:\Users\Public\Desktop\Ganhos de Capital 2013.lnk - C:\Arquivos de Programas RFB\GCAP2013\GCAP2013.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Macromedia Dreamweaver 8.lnk - C:\Program Files (x86)\Macromedia\Dreamweaver 8\Dreamweaver.exe
C:\Users\Public\Desktop\Macromedia Fireworks 8.lnk - C:\Program Files (x86)\Macromedia\Fireworks 8\Fireworks.exe
C:\Users\Public\Desktop\Macromedia Flash 8.lnk - C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Nokia Ovi Suite.lnk - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Microsoft Excel Starter 2010.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Microsoft Word Starter 2010.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português (Brasil))\Ferramentas do Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk - C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Live Cam Avatar Creator.lnk -
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\MegaJogos.lnk - C:\Users\Sarah\MegaJogos\starter.exe apps\multiplayer.conf
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Anytime Upgrade.lnk -
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EasyCleaner executable.lnk - C:\Users\Sarah\Downloads\EClea2_0 (1)\EasyClea.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FECF7F8A6AC39EC4F8AEB81BF868680F deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\FECF7F8A6AC39EC4F8AEB81BF868680F deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sarah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sarah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Sarah\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sarah\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Sarah\AppData\Local\Mozilla\Firefox\Profiles\1q9y6mln.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=12 57637158 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sarah\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Sarah\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 31/01/2015 at 20:55:51,28 ======================

Faça o download do < ZHPCleaner >  < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para executá-lo corretamente siga as dicas desta postagem:

Tutorial completo do ZHPCleaner
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.

~ ZHPCleaner v2015.1.31.45 by Nicolas Coolman (31/01/2015)
~ Run by Sarah (Administrator) (01/02/2015 08:09:44)
~ Forum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Facebook : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Sarah\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Sarah\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (0)
~ No malicious items found.


---\\ Hosts file (2)
REPLACED:
Number of found redirections 1/22


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (16)
MOVED folder: C:\Users\Sarah\AppData\Roaming\1B2Y1E1P1C1Q1F2W1G1I1F1T1Q1BtF1R1F1HtF1S1C\Easy Cleaner Packages (Adware.InstallCore)
MOVED folder: C:\Users\Sarah\AppData\Roaming\1B2Y1E1P1C1Q1F2W1G1I1F1T1Q1BtF1R1F1HtF1S1C (Adware.InstallCore)
MOVED folder: C:\ProgramData\Baidu Security\PC Faster (Adware.BDPlugin)
MOVED folder: C:\ProgramData\Baidu Security\RpData (Adware.BDPlugin)
MOVED folder: C:\ProgramData\Baidu Security (Adware.BDPlugin)
MOVED file: C:\Windows\Installer\4480a.msi [APN, LLC - Ask.com ® - Install Builder] (Toolbar.Ask)
MOVED file: C:\Users\Sarah\Downloads\MyWebFaceSetup2.3.80.2.GRman000.exe [MyWebSearch.com - My Web Search Bar Installer] (PUP.MyWebFace)
MOVED file: C:\Users\Sarah\Downloads\ReimageSetup.exe [Reimage® - Reimage Repair Setup] (PUP.ReimageRepair)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.snipsmart.info_0.localstorage (PUP.SnipSmart)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.snipsmart.info_0.localstorage-journal (PUP.SnipSmart)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage (PUP.AkamaiHD)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal (PUP.AkamaiHD)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_br.similarsites.com_0.localstorage (Adware.SimilarSites)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_br.similarsites.com_0.localstorage-journal (Adware.SimilarSites)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_salustiano-pereira-de-araujo.catalogo.med.br_0.localstorage (PUP.Salus)
MOVED file*: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_salustiano-pereira-de-araujo.catalogo.med.br_0.localstorage-journal (PUP.Salus)


---\\ Registry ( Key, Value, Data) (3)
DELETED key: HKCR\CLSID\{982A3C94-BE06-422B-9B4F-484B8FABF166} [NMBAppGlobalSettingsExtensionTVWizard Class] (PUP.TVWizard)
DELETED key*: HKCU\Software\reimagerepair [] (PUP.ReimageRepair)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dealply.com [0] (PUP.DealPly)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ Repair canceled by the user (Google Chrome)
~ Repair canceled by the user (Internet Explorer)
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 75332
~ Items found : 1
~ Items repaired : 19


End of clean at 08:26:10
===================
ZHPCleaner-[R]-01022015-08_26_10.txt

 Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

Tutorial do Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data da Verificação: 01/02/2015
Hora da Verificação: 10:30:31
Arquivo de Log:
Administrador: Sim

Versão: 2.00.4.1028
Base de Dados de Malware: v2015.02.01.03
Base de Dados de Rootkit: v2015.01.14.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado

SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Sarah

Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 587306
Tempo Decorrido: 2 hr, 21 min, 15 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 3
PUP.Optional.DealPly.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPly, , [bc9538bfe4a5a591ad78ddaf828158a8],
PUP.Optional.DealPly.A, HKU\S-1-5-21-3362647166-1076317137-1461017360-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, , [98b94ea90089b581719f624c58ab5ea2],
PUP.Optional.Qone8, HKU\S-1-5-21-3362647166-1076317137-1461017360-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [db7613e4731642f49f4c55945ca8d030],

Valores de Registro: 0
(Nenhum item malicioso detectado)

Dados de Registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 5
PUP.DealPly, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir, , [cb8614e36722b4822b534191a95c748c],
PUP.Optional.Dealply, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir, , [afa26394e6a370c67783ce0563a24ab6],
PUP.Optional.Dealply, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir, , [213046b1cabf6accea10547fc24310f0],
PUP.Optional.Softonic.A, C:\zoek_backup\C_Users_Sarah_Downloads_SoftonicDownloader_para_free-sound-recorder.exe.vir, , [96bbd225e9a07cba19579ca9936e35cb],
PUP.Optional.OutBrowse, C:\Users\Sarah\Downloads\chrome.exe, , [e36ef601e2a762d455c63f9c05fc4eb2],

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)

Está constando que o Malwarebytes encontrou algumas ameaças, mas você ainda não as excluiu. Selecione as ameaças e as envie para a quarentena do Malwarebytes, como é mostrado no tutorial que te passei.

Depois disto poste o novo log que o Malwarebytes irá criar.

Fico no aguardo.

Olá, executei novamente o Malwarebytes e ele não encontrou nenhuma ameaça. Verifiquei que tem alguns arquivos na quarentena, mas não consegui encontrar o log para postar aqui.

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Basic x64
Ran by Sarah on 08/02/2015 at 17:26:19,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Sarah\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Users\Sarah\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"
Successfully deleted: [Folder] "C:\Program Files (x86)\pcsafedoctor"



~~~ FireFox

Emptied folder: C:\Users\Sarah\AppData\Roaming\mozilla\firefox\profiles\1q9y6mln.default\minidumps [12 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/02/2015 at 17:34:12,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_____________________________________________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique no botão Escolher arquivo > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
______________________________________________________

   Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
O39 - APT: rbmonitor - (...) -- C:\Windows\Tasks\rbmonitor.job   [344]    
O39 - APT: rbmonitor - (...) -- C:\Windows\System32\Tasks\rbmonitor   [344]
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã    
O4 - HKLM\..\RunOnce: [PC-Doctor for Windows REBOOT] Chave orfã
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)    
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (.not file.)    
O4 - HKLM\..\Wow6432Node\Run: [spydig.exe] C:\Program Files (x86)\SpyDig\spydig.exe (.not file.)    
O4 - HKUS\S-1-5-21-3362647166-1076317137-1461017360-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)    
[MD5.00000000000000000000000000000000] [APT] [rbmonitor] (...) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe (.not file.)   [0]    
[MD5.10E074589D8F16165386604E409B0931] [APT] [{19B92189-F3FC-4E5F-B4D6-99B4614E12CB}] (.Igor Pavlov.) -- C:\Users\Sarah\Downloads\bankerfix.exe   [178597]
[MD5.10E074589D8F16165386604E409B0931] [APT] [{6F4F9F65-F618-4E3B-9A04-235C082F6192}] (.Igor Pavlov.) -- C:\Users\Sarah\Downloads\bankerfix (1).exe   [178597]
[MD5.00000000000000000000000000000000] [APT] [{DD1633A8-8BDC-4326-BD6B-F3C25BD90D0A}] (...) -- C:\Users\Sarah\Desktop\bankerfix.exe (.not file.)   [0]
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5637-006A-76A7-A758B70C1500}   =>Toolbar.Avira
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}   =>Toolbar.Bing
O42 - Logiciel: PCSafeDoctor - (.pcsafedoctor.com, Inc..) [HKLM][64Bits] -- PCSafeDoctor_is1
[HKCU\Software\ASKDefaultSearch]    
[HKCU\Software\ASKHomePage]    
[HKCU\Software\Baixaki]    
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Wow6432Node\PSafe]    
O43 - CFD: 01/02/2013 - 07:22:44 - [] ----D C:\Program Files (x86)\PSafe    
O43 - CFD: 01/02/2013 - 07:16:38 - [] ----D C:\ProgramData\PSafe    
O58 - SDL:30/12/2010 - 10:54:06 ---A- . (...) -- C:\Windows\SysWOW64\drivers\RKHit.sys   [34736]    
O61 - LFC: 10/02/2015 - 18:11:44 ---A- . (...) -- C:\Users\Sarah\AppData\Local\Temp\nspBD19.tmp\nsProcess.dll   [4608]
O61 - LFC: 10/02/2015 - 18:11:44 ---A- . (...) -- C:\Users\Sarah\AppData\Local\Temp\nsu3786.tmp\nsProcess.dll   [4608]
O61 - LFC: 10/02/2015 - 18:11:44 ---A- . (...) -- C:\Users\Sarah\AppData\Local\Temp\nsu5D4D.tmp\nsProcess.dll   [4608]
O90 - PUC: "D2A425F47365A600677A7A857BC05100" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C1500}\ToolbarIcon.exe   =>Toolbar.Ask
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\Windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico   =>Toolbar.Bing
[MD5.ABEF7661B4220CE229906A46AA316102] [WIS][28/02/2011] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\4b994e.msi   [4422144]   =>Toolbar.Bing
SS - | Demand 28/02/2011 183560 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe   =>Toolbar.Bing
SR - | Auto 25/02/2011 249648 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe   =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C1500}]   =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}]   =>Toolbar.Bing^
[HKLM\SYSTEM\CurrentControlSet\Services\RKHit]   =>Rogue.SpywareCease
C:\Windows\Installer\4b994e.msi   =>Toolbar.Bing^
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.

Por favor, confirme se compreendi suas instruções:

São dois passos: Primeiro eu uso o Ccleaner para fazer uma limpeza e escolher os programas que se iniciam com o Windows. Após esta limpeza, eu uso o zhpfix, com o script em vermelho. É isto, né?

Obrigada.

Sim, é isto mesmo.

Rapport de ZHPFix 2015.1.15.1 par Nicolas Coolman, Update du 15/01/2015
Fichier d'export Registre :
Run by Sarah at 27/02/2015 07:42:25
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\program files (x86)\microsoft\bingbar\seaport.exe
ELIMINÉ Temporários windows (2) (16.384 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 17s

========== Caminho do ficheiro do relatório ==========
C:\Users\Sarah\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/02/2015 07:40:37 [2649]
C:\Users\Sarah\AppData\Roaming\ZHP\ZHPFix[R2].txt - 27/02/2015 07:42:28 [920]

Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "COMPLETA" e aguarde a conclusão:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_______________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique no botão Escolher arquivo > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

 Sugiro que desinstale o Mcafee Security Scan, que é desnecessário.
_________________________________________________________________

 Ainda há programas desnecessários iniciando junto com o Windows, seria importante seguir aquele tutorial que te passei para escolher os programas que iniciam com o sistema.
________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
O3 - Toolbar: (no name) - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} Chave orfã    
O4 - GS\QuickLaunch [Sarah]: RegistryBooster.lnk . (...)  -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe (.not file.)   =>PUP.UniblueSystem
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKUS\S-1-5-21-3362647166-1076317137-1461017360-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O43 - CFD: 25/02/2015 - 09:41:59 - [0] ----D C:\ProgramData\boost_interprocess    
O61 - LFC: 25/02/2015 - 11:06:09 ---A- . (...) -- C:\Users\Sarah\AppData\Roaming\unins000.exe   [815826]
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]    
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]    
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[MD5.9B993BBFF6CE802D35E4AB0A0178560C] [SPRF][25/02/2015] (.No owner - Setup/Uninstall.) -- C:\Users\Sarah\AppData\Roaming\unins000.exe   [815826]
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta e nos diga como está o PC depois disto e se os problemas foram resolvidos.

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.

Desinstalei o Mcaffee Security Scan. Agora desativar programas que iniciam com o windows eu fico muito insegura, pois não sei identificar os programas indispensáveis à inicialização, então fico com medo de tirar alguma coisa e o windows nao iniciar mais...

Aí vai o relatório do ZHPFIX:

Rapport de ZHPFix 2015.2.17.3 par Nicolas Coolman, Update du 17/02/2015
Fichier d'export Registre :
Run by Sarah at 08/03/2015 15:31:27
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (02mn 12s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: SearchScopes :{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
ELIMINÉ RunValue: CCleaner Monitoring

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\users\sarah\appdata\roaming\microsoft\internet explorer\quick launch\registrybooster.lnk
ELIMINA REINICIAR: c:\program files\ccleaner\ccleaner64.exe
ELIMINÉ: c:\users\sarah\appdata\roaming\unins000.exe
ELIMINÉ Temporários windows (39) (7.037.716 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
4 : Chaves do Registo
2 : Valores do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema


End of clean in 02mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\Sarah\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/02/2015 07:40:37 [2649]
C:\Users\Sarah\AppData\Roaming\ZHP\ZHPFix[R2].txt - 27/02/2015 07:42:28 [999]
C:\Users\Sarah\AppData\Roaming\ZHP\ZHPFix[R3].txt - 08/03/2015 15:33:40 [1656]

Como está o PC atualmente?

Está bem mais ágil do que antes!