Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 16 usuários online :: 0 registrados, 0 invisíveis e 16 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Delta Search nos navegadores!
3 participantes
Página 1 de 1
Delta Search nos navegadores!
por krica Qui 22 Ago 2013, 20:46
Olá! Pessoal
Estou com um pequeno problema, ontem quando fui dormir o pc está tudo ok, com abas abertas, mas hoje quando acordei parecia que o computador tinha sido reiniciado porque as abas do Google Chrome que eu deixei na barra de tarefas tinha fechado e quando fui abrir apareceu esse maldito Delta Search, fui ao google saber como retirava e eu consegui retirar do Google, IE, Mozila só que agora todos os arquivos que estavam com o 7Zip passaram para um icone com 3 livros é o tal de Winzipper Application, como eu faço para tirar esse Winzipper e voltar a usar o 7Zip, eu tenho o Windows 7 Ultimate e também gostaria de saber qual o programa seguro que eu posso usar para malware, spyware, porque já é a 2ª vez que entra esse tal de delta Search.
Abraços
Krica
Estou com um pequeno problema, ontem quando fui dormir o pc está tudo ok, com abas abertas, mas hoje quando acordei parecia que o computador tinha sido reiniciado porque as abas do Google Chrome que eu deixei na barra de tarefas tinha fechado e quando fui abrir apareceu esse maldito Delta Search, fui ao google saber como retirava e eu consegui retirar do Google, IE, Mozila só que agora todos os arquivos que estavam com o 7Zip passaram para um icone com 3 livros é o tal de Winzipper Application, como eu faço para tirar esse Winzipper e voltar a usar o 7Zip, eu tenho o Windows 7 Ultimate e também gostaria de saber qual o programa seguro que eu posso usar para malware, spyware, porque já é a 2ª vez que entra esse tal de delta Search.
Abraços
Krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Qui 22 Ago 2013, 21:14
Olá krica
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)
*Execute-o, clique [Do a system scan and save a logfile] e cole o relatório apresentado
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)*Execute-o, clique [Do a system scan and save a logfile] e cole o relatório apresentado
![Wings [In Memoriam]](https://2img.net/u/1712/29/07/67/avatars/414-76.jpg)
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Qui 22 Ago 2013, 22:20
Oi! Wings
Obrigada por responder, fiz o procedimento, mas logo que começou apareceu uma mensagem eu tirei um print eu dei OK e continuou, abaixo vou colocar o print e depois o Log.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
LOG HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:52, on 22/08/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Cristina\AppData\Roaming\Betcat\WebCakeDesktop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
G:\Arquivos de programas\eMule\emule.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\program files (x86)\avira\antivir desktop\avcenter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cristina\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\Cristina\AppData\Roaming\Betcat\WebCakeDesktop.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "F:\Alcohol 120\axcmd.exe" /automount
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - F:\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - cake bake - C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
--
End of file - 13819 bytes
abraços
krica
Obrigada por responder, fiz o procedimento, mas logo que começou apareceu uma mensagem eu tirei um print eu dei OK e continuou, abaixo vou colocar o print e depois o Log.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
LOG HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:52, on 22/08/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Cristina\AppData\Roaming\Betcat\WebCakeDesktop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
G:\Arquivos de programas\eMule\emule.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\program files (x86)\avira\antivir desktop\avcenter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cristina\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files (x86)\Foxit\tbFoxi.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\Cristina\AppData\Roaming\Betcat\WebCakeDesktop.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "F:\Alcohol 120\axcmd.exe" /automount
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - F:\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - cake bake - C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
--
End of file - 13819 bytes
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Qui 22 Ago 2013, 22:24
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)*Clique com o botão direito do mouse no hosts-perm e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Aguarde a mensagem The Permissions on the HOSTS file have been reset e tecle [ENTER]
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)*Salve qualquer trabalho aberto e feche o seu navegador
*Execute-o, clique [Scan] e aguarde o término
*Clique [Clean] e aguarde o término
*Clique [Report] e cole o relatório apresentado
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Qui 22 Ago 2013, 23:08
Wings por favor me tire uma dúvida é que eu antigamente tinha Windows XP e recentemente formatei o pc e o tecnico colocou esse Windows 7, então para mim tudo está sendo novidade e esse windows pergunta muita coisa, baixei o programa Hosts-Perm como vc orientou e quando cliquei em executar como administrador apareceu uma caixa de mensagem dizendo:
Deseja permitir que o programa a seguir faça alterações neste computador
Nome do Programa: Processador de comandos do windows
Eu fiquei na duvida se podia clicar no sim e depois aparece a tal mensagem que vc falou, desculpe a minha falta de experiência. Nesse caso eu posso clicar no sim, esses programas eles depois pedem para ser reiniciado.
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Qui 22 Ago 2013, 23:16
Clique sim............
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 01:04
Wings, fiz o procedimento cliquei em sim, apareceu uma caixa preta que rolou tudo rápido não dava nem para ler e depois fechou fiquei esperando aparecer a tal mensagem para eu poder dar o Enter, e não apareceu e assim mesmo, posso fazer o 2º procedimento do Adwcleaner.
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Sex 23 Ago 2013, 08:52
Bom dia krica
Sim continue com o procedimento.
Sim continue com o procedimento.
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 09:10
Bom Dia, Wings
Fiz o procedimento, vou colocar o relatorio.
# AdwCleaner v3.000 - Report created 23/08/2013 at 09:02:29
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Cristina - CRISTINA-PC
# Running from : C:\Users\Cristina\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : WebCake Desktop Updater
Service Deleted : WsysSvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\WebCake
Folder Deleted : C:\Program Files (x86)\Foxit
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Users\Cristina\AppData\Local\Foxit
Folder Deleted : C:\Users\Cristina\AppData\Local\Temp\APN
Folder Deleted : C:\Users\Cristina\AppData\Local\Temp\Desk365
Folder Deleted : C:\Users\Cristina\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Cristina\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Cristina\AppData\Roaming\WebCake
Folder Deleted : C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\ajftixue.default\Extensions\plugin@getwebcake.com
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\ajftixue.default\user.js
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Cristina\Desktop\Atalhos não utilizados da área de trabalho\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Cristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Cristina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Cristina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{73C7D5B0-7B03-444A-84C7-CE1BA03B5573}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{73C7D5B0-7B03-444A-84C7-CE1BA03B5573}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{73C7D5B0-7B03-444A-84C7-CE1BA03B5573}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{73C7D5B0-7B03-444A-84C7-CE1BA03B5573}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Foxit
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\portaldositesSoftware
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\Foxit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Foxit Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v22.0 (pt-BR)
[ File : C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\ajftixue.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "delta-homes");
Line Deleted : user_pref("browser.search.order.1", "delta-homes");
Line Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
Line Deleted : user_pref("extensions.enabledAddons", "plugin%40getwebcake.com:1.00.01,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "br");
Line Deleted : user_pref("extensions.helperbar.date", "b0607");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "pb2");
Line Deleted : user_pref("extensions.helperbar.installationid", "b5928b7c-b168-49cb-90cb-d23eaa1a448a");
Line Deleted : user_pref("extensions.helperbar.installdate", "07/06/2013");
Line Deleted : user_pref("extensions.helperbar.ppctid", "mpls_lin");
Line Deleted : user_pref("extensions.helperbar.publisher", "messengerplus");
Line Deleted : user_pref("extensions.helperbar.uid", "71419eaa");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printin[...]
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "d65383ee-105e-4ecd-91b4-8433a3838575");
-\\ Google Chrome v29.0.1547.57
[ File : C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [18097 octets] - [23/08/2013 09:01:05]
AdwCleaner[S0].txt - [13951 octets] - [23/08/2013 09:02:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14012 octets] ##########
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Sex 23 Ago 2013, 09:14
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Oleg N. Scherbakov) e salve-o no Desktop (Área de Trabalho)*Feche o seu navegador (Firefox, IE, Google Chrome)
*Clique com o botão direito do mouse no JRT e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Tecle [ENTER]
*Ao surgir a mensagem The scan completed succesfully, feche a janela e cole o relatório JRT.txt localizado no Desktop
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 10:00
Relatorio do JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Ultimate x64
Ran by Cristina on 23/08/2013 at 9:51:56,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Cristina\AppData\Roaming\betcat"
Successfully deleted: [Folder] "C:\Program Files (x86)\betcat"
~~~ FireFox
Successfully deleted the following from C:\Users\Cristina\AppData\Roaming\mozilla\firefox\profiles\ajftixue.default\prefs.js
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1371182150731");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1371181756565");
Emptied folder: C:\Users\Cristina\AppData\Roaming\mozilla\firefox\profiles\ajftixue.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/08/2013 at 9:56:20,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Sex 23 Ago 2013, 10:03
Estamos terminando.
Depois removeremos todos os programas usados....OK?
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk) e salve-o no Desktop (Área de Trabalho)
*Mantenha-se conectado com a Internet
*Clique com o botão direito do mouse no Zoek e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Cole as linhas em marrom no espaço
startupall;
autoclean;
emptyalltemp;
*Feche o seu navegador e clique [Run Script]
*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!
Acesse [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique [Selecionar arquivo...], localize o relatório C:\zoek-results.txt e clique [Abrir]
*Selecione 4 jours e clique [Créer le lien Cjoint]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Cole o link criado ao lado de Le lien a été créé:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Depois removeremos todos os programas usados....OK?
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk) e salve-o no Desktop (Área de Trabalho)*Mantenha-se conectado com a Internet
*Clique com o botão direito do mouse no Zoek e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Cole as linhas em marrom no espaço
startupall;
autoclean;
emptyalltemp;
*Feche o seu navegador e clique [Run Script]
*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!
*Caso a reinicialização do PC seja solicitada, clique [OK]
Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
Acesse [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]*Clique [Selecionar arquivo...], localize o relatório C:\zoek-results.txt e clique [Abrir]
*Selecione 4 jours e clique [Créer le lien Cjoint]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Cole o link criado ao lado de Le lien a été créé:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 12:19
Wings, fiz o procedimento quando chegou o tal zoek ele toda hora fechava o google e eu não conseguia concluir, mas consegui colocar o arquivo, agora o endereço que apareceu foi esse, vc não disse o que fazer com esse endereço se era mandar para vc ou abrir em outra aba.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Sex 23 Ago 2013, 12:28
OK...o PC está limpo.
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)
*Execute-o, clique [Run] e cole o relatório apresentado
Delete o DelFix e o arquivo C:\DelFix.txt
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)*Execute-o, clique [Run] e cole o relatório apresentado
Delete o DelFix e o arquivo C:\DelFix.txt
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 12:37
Wings, depois que respondi foi o que o pc reiniciou e apareceu esse relatorio do Zoek.
Zoek.exe Version 4.0.0.4 Updated 19-08-2013
Tool run by Cristina on 23/08/2013 at 12:10:20,97.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cristina\Desktop\zoek.exe [Script inserted]
==== System Restore Info ======================
23/08/2013 12:11:26 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winzipersvc deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\ajftixue.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 0);
---- Lines browser.startup.page modified from prefs.js ----
---- FireFox user.js and prefs.js backups ----
prefs_082013_1214_.backup
==== Deleting Files \ Folders ======================
"C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted
"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted
"C:\Program Files (x86)\WinZipper\eshellctx64.dll" deleted
"C:\Program Files (x86)\WinZipper" not deleted
"C:\Users\Cristina\AppData\Roaming\WinZipper" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper" deleted
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2190345193-3870661874-3027621967-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"
"uTorrent"="C:\Program Files (x86)\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"AlcoholAutomount"="F:\Alcohol 120\axcmd.exe /automount"
[HKEY_USERS\S-1-5-21-2190345193-3870661874-3027621967-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-2190345193-3870661874-3027621967-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"RemoteControl"="C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"MessengerPlusForSkypeService"="C:\Program Files (x86)\Yuna Software\Messenger Plus for Skype\MsgPlusForSkypeService.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"
"uTorrent"="C:\Program Files (x86)\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"AlcoholAutomount"="F:\Alcohol 120\axcmd.exe /automount"
==== Startup Folders ======================
2013-06-06 15:25:48 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21/08/2013 07:11]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/06/2013 14:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/06/2013 14:45]
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\ajftixue.default
0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]
Google Wallet Service - Cristina - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Chrome Fix ======================
C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_7-zip.softonic.com.br_0.localstorage deleted successfully
C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_7-zip.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdfab.softonic.com.br_0.localstorage deleted successfully
C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdfab.softonic.com.br_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cristina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cristina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\users\Cristina\AppData\Local\Mozilla\Firefox\Profiles\ajftixue.default\Cache will be emptied at reboot
==== Empty Chrome Cache ======================
C:\users\Cristina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Cristina\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\WinZipper" not found
==== EOF on 23/08/2013 at 12:21:50,33 ======================
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Wings [In Memoriam] Sex 23 Ago 2013, 12:41
Faça o procedimento do DelFix que informei acima.
Delete o Hosts-Perm.
Um abraço....
Delete o Hosts-Perm.
Um abraço....
Wings [In Memoriam]- Moderador
- Mensagens : 1080
Reputação : 282
Data de inscrição : 19/08/2013
Localização : Rio de Janeiro - RJ -
Re: Delta Search nos navegadores!
por krica Sex 23 Ago 2013, 13:05
Relatório Delfix
# DelFix v10.4 - Logfile created 23/08/2013 at 13:03:24
# Updated 19/07/2013 by Xplode
# Username : Cristina - CRISTINA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek-results.log
Deleted : C:\Users\Cristina\Desktop\AdwCleaner.exe
Deleted : C:\Users\Cristina\Desktop\JRT.exe
Deleted : C:\Users\Cristina\Desktop\JRT.txt
Deleted : C:\Users\Cristina\Desktop\HijackThis.exe
Deleted : C:\Users\Cristina\Desktop\hijackthis.log
Deleted : C:\Users\Cristina\Desktop\Sinopse.doc
Deleted : C:\Users\Cristina\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
abraços
krica
# DelFix v10.4 - Logfile created 23/08/2013 at 13:03:24
# Updated 19/07/2013 by Xplode
# Username : Cristina - CRISTINA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek-results.log
Deleted : C:\Users\Cristina\Desktop\AdwCleaner.exe
Deleted : C:\Users\Cristina\Desktop\JRT.exe
Deleted : C:\Users\Cristina\Desktop\JRT.txt
Deleted : C:\Users\Cristina\Desktop\HijackThis.exe
Deleted : C:\Users\Cristina\Desktop\hijackthis.log
Deleted : C:\Users\Cristina\Desktop\Sinopse.doc
Deleted : C:\Users\Cristina\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
abraços
krica
krica- Membro
- Mensagens : 250
Reputação : 3
Data de inscrição : 24/01/2013
Re: Delta Search nos navegadores!
por Admin Sex 23 Ago 2013, 13:19
Caso Resolvido!
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Admin- Administrador Fundador
- Mensagens : 515
Reputação : 49
Data de inscrição : 26/05/2008
Idade : 46
Localização : Brasil -
Tópicos semelhantes» Preciso de ajuda para deletar um tal de "Delta-Homes"!
» remover do-search
» como eliminar br.yhs4.search ?
» Remover o Safe Search do Google
» Retirar Start Web Search do meu Computador
» remover do-search
» como eliminar br.yhs4.search ?
» Remover o Safe Search do Google
» Retirar Start Web Search do meu Computador
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|