Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Hoje à(s) 18:38

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


remoção de virus "Ad by Meteoroids"

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Sex 31 Out 2014, 16:06

Boa tarde galera...

Estou com esse pequeno problema que aparece no lado esquerdo da minha tela!

Agradeço, por vcs sempre me ajudaram a limpar esses invasores.
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Sex 31 Out 2014, 16:32

Boa Tarde! Rafael FD  

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Poste o log do HijackThis,segundo a [Você precisa estar registrado e conectado para ver este link.].

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Sex 31 Out 2014, 16:41

Pronto, ja baixei o programa e agora qual a opção de limpeza?

OBS: ja deletei o meteoroids mas ainda aparece algumas propagandas chatas no meu navegador!!
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Sex 31 Out 2014, 16:46

Boa Tarde! Rafael FD  

> Poste o log do HijackThis,segundo a [Você precisa estar registrado e conectado para ver este link.].

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Sex 31 Out 2014, 17:29

O bom desse site, é o interesse das pessoas em ajudar...
Pq nesse mundo da internet tem muito ***.

Valeu

Segue o log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:07, on 31/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Iara Coelho\Downloads\HijackThis (1).exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49408;https=127.0.0.1:49408
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: NetCrawl - {769a91da-209f-47fe-88b9-b0321b0982c8} - C:\Program Files (x86)\NetCrawl\NetCrawlbho.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: gooternet - {9be122ba-2b3a-41fd-acf8-7a39b18d3ffe} - C:\Program Files (x86)\gooternet\EBC56F62-D860-4589-9652-94E16A43CBF1.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Iara Coelho\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [ContentExplorer] "C:\Users\Iara Coelho\AppData\Roaming\ContentExplorer\ContentExplorer.exe"
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Iara Coelho\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\Users\Iara Coelho\AppData\Local\Smartbar\Application\Resources\crdlil.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Update gooternet - Unknown owner - C:\Program Files (x86)\gooternet\updategooternet.exe
O23 - Service: Update NetCrawl - Unknown owner - C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Wajam Web Enhancer - Wajam Internet Technologies Inc. - C:\Program Files\Wajam Web Enhancer\wajam_64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14650 bytes
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Sex 31 Out 2014, 17:42

Boa Tarde! Rafael FD

> Abra a ferramenta HijackThis.
> Clique: Do a system scan only

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Você precisa estar registrado e conectado para ver este link.]

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49408;https=127.0.0.1:49408

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>

O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: NetCrawl - {769a91da-209f-47fe-88b9-b0321b0982c8} - C:\Program Files (x86)\NetCrawl\NetCrawlbho.dll (file missing)

O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Iara Coelho\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

> Marque estas entradas e clique: Fix Checked >> Sim!
> Reinicie e poste novo relatório do HijackThis.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Dom 02 Nov 2014, 23:11

Obrigado Joram.

Segue o log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:11:00, on 02/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Iara Coelho\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50618;https=127.0.0.1:50618
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: gooternet - {9be122ba-2b3a-41fd-acf8-7a39b18d3ffe} - C:\Program Files (x86)\gooternet\EBC56F62-D860-4589-9652-94E16A43CBF1.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Iara Coelho\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ContentExplorer] "C:\Users\Iara Coelho\AppData\Roaming\ContentExplorer\ContentExplorer.exe"
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Iara Coelho\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Facebook Update] "C:\Users\Iara Coelho\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User '?')
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2138212033-2169333751-162243810-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\Users\Iara Coelho\AppData\Local\Smartbar\Application\Resources\crdlil.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Update gooternet - Unknown owner - C:\Program Files (x86)\gooternet\updategooternet.exe
O23 - Service: Update NetCrawl - Unknown owner - C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Wajam Web Enhancer - Wajam Internet Technologies Inc. - C:\Program Files\Wajam Web Enhancer\wajam_64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12984 bytes
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Dom 02 Nov 2014, 23:53

Boa Noite! Rafael FD

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... par Xplode )
>
> Ou daqui: < [Você precisa estar registrado e conectado para ver este link.] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Seg 03 Nov 2014, 14:55

Boa tarde!!

Segue o log:
# AdwCleaner v3.311 - Report created 03/11/2014 at 14:44:22
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Iara Coelho - IARACOELHO-PC
# Running from : C:\Users\Iara Coelho\Downloads\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices
Service Deleted : nethfdrv
[#] Service Deleted : NethxxpService
[#] Service Deleted : ServiceUpdater
[#] Service Deleted : Update NetCrawl

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\Program Files (x86)\baidu
Folder Deleted : C:\Program Files (x86)\NetCrawl
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Media_Play_AIR+
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\baidu
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\NetCrawl
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\LPT
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\baidu
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\webssearches
Folder Deleted : C:\Users\Public\Documents\baidu
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : SaveSense
Task Deleted : SaveSenseLiveUpdateTaskMachineCore
Task Deleted : SaveSenseLiveUpdateTaskMachineUA

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Iara Coelho\Desktop\Katana - Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Você precisa estar registrado e conectado para ver este link.]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\[Você precisa estar registrado e conectado para ver este link.]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{769A91DA-209F-47FE-88B9-B0321B0982C8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{769A91DA-209F-47FE-88B9-B0321B0982C8}
[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92AA6038-35C9-4666-893F-84716DEC281C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\NetCrawl
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Media_Play_AIR+
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\NetCrawl
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Media_Play_AIR+
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media_Play_AIR+
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetCrawl
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v38.0.2125.111

[ File : C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deleted [Homepage] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [16633 octets] - [23/01/2014 00:26:48]
AdwCleaner[R1].txt - [1796 octets] - [23/02/2014 12:47:25]
AdwCleaner[R2].txt - [12399 octets] - [10/03/2014 15:14:22]
AdwCleaner[R3].txt - [36519 octets] - [20/06/2014 16:26:25]
AdwCleaner[R4].txt - [18322 octets] - [03/11/2014 14:43:34]
AdwCleaner[S0].txt - [16575 octets] - [23/01/2014 00:44:15]
AdwCleaner[S1].txt - [1844 octets] - [23/02/2014 12:47:54]
AdwCleaner[S2].txt - [9577 octets] - [10/03/2014 15:18:45]
AdwCleaner[S3].txt - [29981 octets] - [20/06/2014 16:26:50]
AdwCleaner[S4].txt - [15967 octets] - [03/11/2014 14:44:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [16028 octets] ##########
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Seg 03 Nov 2014, 16:09

Boa Tarde! Rafael FD

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Oleg N. Scherbakov )

> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ... 

[Você precisa estar registrado e conectado para ver esta imagem.]

[Você precisa estar registrado e conectado para ver esta imagem.]

> Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Ter 04 Nov 2014, 03:00

Boa noite!!

Segue o log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Ultimate x64
Ran by Iara Coelho on 04/11/2014 at 2:57:15,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update netcrawl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util findright
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\NetCrawl_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\NetCrawl_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateNetCrawl_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateNetCrawl_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\NetCrawl_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\NetCrawl_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\Users\Iara Coelho\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/11/2014 at 3:00:07,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Ter 04 Nov 2014, 06:44

Bom Dia! Rafael FD

[Você precisa estar registrado e conectado para ver este link.]

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!
>
> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by techsupportall.com )
> Salve-a no desktop!

[Você precisa estar registrado e conectado para ver esta imagem.]

> Execute o arquivo Adware-Removal-Tool-v3.9.1.exe <<

[Você precisa estar registrado e conectado para ver este link.]

> Dê início a verificação,clicando em Scan.

[Você precisa estar registrado e conectado para ver este link.]

> Ao concluir seu prescan,clique OK.
> Ps: Cada guia irá mostrar o que será removido!

[Você precisa estar registrado e conectado para ver este link.]

> Clique "Next" >> Aguarde!

< Computador >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_11_dia_h_min_seg.txt <<

> Poste o relatório! 

Abs!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Ter 04 Nov 2014, 20:33

Valeu cara!! (y)

Segue o log:
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2014_11_04_20_16_38
OS: Windows 7 - 64 Bit
Account Name: Iara Coelho
U0L0S138

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\program files\Adobe\Adobe Premiere Pro CS5.5\Settings\EveScripts\ClipSpeedDialog.eve
Deleted - File - C:\Users\Iara Coelho\Appdata\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.awesomehp.com_0.localstorage
Deleted - File - C:\Users\Iara Coelho\Appdata\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.awesomehp.com_0.localstorage-journal
Deleted - File - C:\Users\Iara Coelho\Appdata\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_traducao.babylon.com_0.localstorage
Deleted - File - C:\Users\Iara Coelho\Appdata\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_traducao.babylon.com_0.localstorage-journal
Deleted - Folder - C:\Users\Iara Coelho\Appdata\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_yontoodesktop.ex_68114970be2bd3fbc7793fb783da2f5c97f55_09f97987
Deleted - Folder - C:\Users\Iara Coelho\Appdata\Roaming\ZHP\Quarantine\Baidu Security.DIR\PC Faster
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Background:__ondocumentstart_script__
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Background:__ondocumentstart_script_store__
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Db\Internal\monetization_plugin_bundledUrls:value
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Manifest:name
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Plugins\102:name
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Plugins\220:javascript
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Plugins\9:javascript
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Plus-HD-V1.6\Plugins\91:javascript
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{459c5283-30ac-4d45-951c-202e91a70903}:appname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{459c5283-30ac-4d45-951c-202e91a70903}:apppath
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93374be8-f67f-46ca-b239-7368621ed02e}:appname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca7abff5-3bd1-4a0c-82e4-15340003b85d}:appname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca7abff5-3bd1-4a0c-82e4-15340003b85d}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12831E3F-EE81-487E-9743-D3BEB7E285F8}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191D9DCA-EC8-49C9-9961-3003ACBC259}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CBCDBF5-B1F1-497B-9D9B-15FD43FEC193}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FF90E0A-AF86-48B4-86C8-56BC08FB51}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{246521A1-53D6-4218-A7E7-37C7B8169B48}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25E98209-403E-4A8F-A65A-DBF1A8C380A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E1318BB-D025-4D6F-A57A-53D57AFA77B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30E3B789-D40D-456D-8AFD-D5D5336FEC2B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{330A6583-DD74-4367-8217-737FA43848F0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{372EE352-B80-494C-A817-FD94224CE7F7}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B405FD9-151C-4B93-8E3E-107DDC2B316}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EB89319-E1EA-4359-8273-A3B469E78BE4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{429C6215-C33A-4868-B6D8-CC1412DBF2B3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{433A75C9-4E84-4089-A5A3-95436AF2F233}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{457238DD-B25A-4CC9-807F-C36718FABAEA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{459c5283-30ac-4d45-951c-202e91a70903}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{459c5283-30ac-4d45-951c-202e91a70903}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46C10529-8CD7-44B6-B68A-CD66FD9D1C58}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A70999A-AF46-436B-9AF2-A4FCDCF7AEBE}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D763ED1-D8EF-416D-ABB2-805E2FDD025}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E78F63B-4A8D-42AD-A944-F97A4A53E1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53C7BC8E-31F3-4279-A834-E02892991F4A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58AC344C-CC98-436C-B16E-62EAAC1C3BA3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{590F9974-6D9E-40B1-9C41-F669D11B616C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B4D0F7D-FBFF-4FC3-BCEB-33194BDEE294}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BC8F5B8-DB37-4D09-B6E4-6613C0AA2199}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BD28469-51D5-4F28-946F-581AE3808132}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F8B1067-334E-4144-A68B-B1BCFE30F25C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{645422B6-DDF9-4E68-80E6-91A04CA5144B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660AA852-4506-48F3-9C68-A9D8B90F762}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{675746F5-FCB6-4557-8DC5-FDD5CC151AC0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6861EEF6-5064-4DF4-BD47-9CB381099D9}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6949D6D2-D654-42D9-B29D-8B5A405E4978}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F197B6A-9C4A-47F1-B06F-27A593767634}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{747BF7A6-F724-4BB1-BCE7-2714F7E7253}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7766C782-8BE9-4912-A4C6-1379176CC31}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7836A505-53C2-44F1-BBA4-531FE6536BCC}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A73F438-33CC-43A4-8F1E-15C143DDBA8}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B5CC374-360C-4837-8F79-ADED4DFEB12D}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BBE1887-CE5C-4FED-AE93-DE8624F0C938}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C638E45-CF31-4CD2-9512-4733F2365C94}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8012FB3-1D90-4A48-A91C-2C1756431971}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80C195E6-84CA-480C-B7C2-961C2AB690C5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{828FA8F9-EB62-4E5A-8D9C-647F9FC01688}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84304F23-F8BA-45F3-B04C-E1969858328A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84304F23-F8BA-45F3-B04C-E1969858328A}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84638F1D-E509-4A27-96D2-9B2EA232047}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84638F1D-E509-4A27-96D2-9B2EA232047}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DF01DB8-DA69-457D-AAE5-35DB66C155E1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{900E85A8-2455-4F16-8647-983DEE13B62}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93374be8-f67f-46ca-b239-7368621ed02e}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97C7C112-35B3-424F-A943-A3141E3BBC99}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AADFBF5-FDCD-40B6-89B7-3EB3B989BBE}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AD8DBE1-30C2-4A95-A925-37C233A33650}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D87178B-5F9C-4D06-A7FF-78E21513B257}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1CFF81-C48C-4001-A890-25E01819548}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3052555-B565-47DC-AF43-BB1E867C1364}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4D85B84-92B2-47DE-9391-473E9FEF2BDA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A524A320-17D4-42E7-B15B-8096DBF8AAB2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A811EA13-E27D-4BEB-A4CB-D73FE4433DE4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAACE4E7-AEFB-4A3C-8C1-D9B8FD7C578}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADC56575-61B2-45DD-A49E-F6167BD89DF3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFA725AB-DBEA-4E91-B046-54B66EB4BF0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1279C0A-AF35-4AD6-8C94-90F67865DD0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEF0CFD-BE6E-499A-9D7-A4A19FF8DEA6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6AD20CC-84F2-4A4D-AC23-E44262EA4897}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6F17439-AC0F-4BE2-9681-B4764ADB7959}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7C6B465-91D8-4E8C-B9F-542D88A740FA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA150B28-2936-46A5-9D42-80A3EA902AC7}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca7abff5-3bd1-4a0c-82e4-15340003b85d}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca7abff5-3bd1-4a0c-82e4-15340003b85d}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD5C0F24-1A22-4182-9423-88F88E9FE2E6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3E7F070-4F99-4FB0-8B80-C3F0EA641E9A}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D605487B-E541-4FFD-85D5-45D75BC67F4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6AC9C4A-C09-49A7-A4A1-41541E4F892E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E007E2D5-DF6E-46DC-821E-DB75A2548393}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B04702-8B9F-4F1B-BAA2-732DB65359B2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B53A58-4ACA-4903-93C9-754B8AAED86}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E20EE133-51B8-411E-9AC9-148630427E25}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E502D457-2946-4075-903D-C872729BF364}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED6E52D2-4939-47D3-9720-26A9CFD5B761}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED6E52D2-4939-47D3-9720-26A9CFD5B761}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f1726916-b206-4e90-acf1-08e3d5897218}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F298AA08-7E08-48E2-8A9B-7798A3B3607F}:apppath
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA77AE0F-D489-4E2B-976C-E0F814E9920}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA97B3EE-1086-4C83-A564-43CE89E266D2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEAFE16D-2810-4989-B334-C37F76936527}:appname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{EAF386F0-7205-40F2-8DA6-1BABEEFCBE89}:displayicon
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}:displayicon
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{3072d9c7-9c3b-4eaa-a3e7-a30e5f40d954}:displayname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{3072d9c7-9c3b-4eaa-a3e7-a30e5f40d954}:displayicon
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\microsoft\windows\Currentversion\Uninstall\{96b51d28-e860-4adb-b9ba-dcab2e7e6c2e}:displayicon
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-graspi
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-grasph
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-ver
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data0
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data1
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data2
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data3
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data4
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data5
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Plus-HD-V1.6:plus-hd-v1.6-data6
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION:plus-hd-v1.6-bg.exe
Deleted - RegistryValue - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION:snapdo.exe
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE:Plus-HD-V1.6
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software:Plus-HD-V1.6
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished


OBS: tem uma propaganda chata no youtube: powered by contentedexplorer.
já tentei tirar, mas esse infeliz fica no meu youtube, rsrs
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Ter 04 Nov 2014, 20:56

Boa Noite! Rafael FD

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] >

> Instale o antimalware,com duplo-clique em seu executável! ( mbam-setup.exe )

[Você precisa estar registrado e conectado para ver este link.] 

> Desmarque a caixa: "Ativar trial gratuito do Malwarebytes Anti-Malware PRO"
> Marque as checkbox:

<1> Atualizar Malwarebytes Anti-Malware
<2> Executar Malwarebytes Anti-Malware

> Clique em "Concluir".
> Caso haja atualizações,elas serão baixadas e instaladas.
> Clique em "Settings" e no campo Language,coloque: Portuguese (Brasil)
> Clique em "Detecção e proteção".

> Marque: Verificar por Rootkits

> Em "Detecções PUP",selecione: Tratar detecções como malware

> Clique em Verificar >> Verificar ameaça.
> Clique em "Verificar agora".
> Aguarde a conclusão do scan!
> Caso haja detecções,clique no botão "Mover todos para a Quarentena".
> Clique em "Aplicar ações".
> Ao concluir,aceite a solicitação ao reboot,que pode ocorrer 2 vezes.
> Poste o relatório! ( Aba Histórico >> Logs de aplicativos )
> Ps: Utilize o formato ".txt" para exportar o relatório.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Ter 04 Nov 2014, 21:36

Boa noite!!

A unica coisa q apareceu foi isso:

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]


Update, 03/11/2014 13:22:37, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.2, 2014.11.3.6,
Update, 03/11/2014 15:34:23, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.6, 2014.11.3.7,
Update, 03/11/2014 16:49:08, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.7, 2014.11.3.8,
Update, 03/11/2014 18:46:43, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.8, 2014.11.3.9,
Update, 03/11/2014 20:22:20, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.9, 2014.11.3.10,
Update, 03/11/2014 21:38:24, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.10, 2014.11.3.11,

(end)

OBS: agora vejo q posso usar os emoticons, rs.
agora vc vê q os vírus quase dominaram meu pc!
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Ter 04 Nov 2014, 21:38

Boa noite!!

Agora consigo editar meus textos aqui. lol


Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]


Update, 03/11/2014 13:22:37, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.2, 2014.11.3.6,
Update, 03/11/2014 15:34:23, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.6, 2014.11.3.7,
Update, 03/11/2014 16:49:08, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.7, 2014.11.3.8,
Update, 03/11/2014 18:46:43, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.8, 2014.11.3.9,
Update, 03/11/2014 20:22:20, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.9, 2014.11.3.10,
Update, 03/11/2014 21:38:24, SYSTEM, IARACOELHO-PC, Scheduler, Malware Database, 2014.11.3.10, 2014.11.3.11,

(end)
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Ter 04 Nov 2014, 21:41

Boa Noite! Rafael FD

> Está incorreto! Não é o relatório solicitado.
> Leia calmamente as instruções,faça novo scan e poste o relatório.

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Qua 05 Nov 2014, 03:36

Já escaneei 2 vezes. Dessa vez não apareceu vírus!
Abri o log e estava vazio.
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Qua 05 Nov 2014, 06:10

/!\ Bom Dia! Rafael FD /!\

< [Você precisa estar registrado e conectado para ver este link.] >

> Poste novo relatório do HijackThis,para análise.
> Tudo Ok? Os adwares,ainda,lhe incomodam?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Rafael FD em Qua 05 Nov 2014, 18:02

Meu jovem, os problemas já foram resolvidos. As propagandas chatas desapareceram.
Obrigado pela ajuda!
avatar
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por joram em Qua 05 Nov 2014, 18:33

Caso Resolvido

Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: remoção de virus "Ad by Meteoroids"

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum