RISOLTO come eliminare claro search

Pubblicità
Claro search

Buongiorno chi mi può aiutare? Ieri ho scaricato winzip e da quel momento mi è apparso come motore di ricerca claro search ... ho già fatto la scansione con combofix ed ho il report...cosa devo fare adesso??? grazie
 
Eliminare Claro Search

Ciao a tutti, sono nuova del forum, avrei bisogno del tecnico24 per risolvere il problema Claro Search poichè
credo sia responsabile del mal funzionamento di un programma che ho utilizzo per lavoro.
Ho letto altre discussioni in cui si diceva di scaricare OTL e con i giusti settaggi avviare Run Scan.
è stato generato il file OTL.txt che allego ma non Extras.txt....non capisco perchè così mi sono bloccata!!

Tecnico24 mi darebbe una mano? Grazie!!
 

Allegati

  • OTL.Txt
    OTL.Txt
    178.9 KB · Visualizzazioni: 259
Re: Eliminare Claro Search

adiludesign ha detto:
Ciao a tutti, sono nuova del forum, avrei bisogno del tecnico24 per risolvere il problema Claro Search poichè
credo sia responsabile del mal funzionamento di un programma che ho utilizzo per lavoro.
Ho letto altre discussioni in cui si diceva di scaricare OTL e con i giusti settaggi avviare Run Scan.
è stato generato il file OTL.txt che allego ma non Extras.txt....non capisco perchè così mi sono bloccata!!

Tecnico24 mi darebbe una mano? Grazie!!
Clicca per espandere...
Ripeti la scansione con OTL , che va scaricato sul desktop.
Poi allega pure Extras.txt
 
Ciao a tutti, sono nuova del forum, avrei bisogno del tecnico24 per risolvere il problema Claro Search poichè
credo sia responsabile del mal funzionamento di un programma che utilizzo per lavoro.
Ho letto altre discussioni in cui si diceva di scaricare OTL e con i giusti settaggi avviare Run Scan.
sono stati generati i file che allego.

Tecnico24 mi darebbe una mano? Grazie!!

- - - Updated - - -

Ho spostato qui la discussione, corretto?
 

Allegati

@adiludesign
Apri OTL
sotto il box custom scans/fixes
copia ed incolla queste righe in grassetto:

:Services

:OTL
SRV - (vToolbarUpdater13.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.3.759.138\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe ()
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851640
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ChatZum Search
IE - HKU\S-1-5-21-1568723182-1663762481-543968236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
IE - HKU\S-1-5-21-1568723182-1663762481-543968236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Claro Search
IE - HKU\S-1-5-21-1568723182-1663762481-543968236-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4212_6&babsrc=SP_clro&mntrId=1e25747b0000000000000026832e5c5b
IE - HKU\S-1-5-21-1568723182-1663762481-543968236-1000\..\SearchScopes\{36D607DD-A50E-4BA4-A739-67557A819020}: "URL" = http://findgala.com/?&uid=5689&q={searchTerms}
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 71 more lines...

:Files
C:\Users\Utente\AppData\Local\Lollipop
C:\ProgramData\IBUpdaterService
C:\ProgramData\Browser Manager
C:\Windows\UDB.zip
C:\Windows\IDB.zip
C:\Users\Utente\AppData\Roaming\Babylon

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[RESETHOSTS]
[EMPTYFLASH]
[Reboot]
Clicca per espandere...

Clicca sul bottone
2eejtxj.jpg

Aspetta le operazioni e il riavvio del pc.
Al ritorno posta il report che ti appare.

Poi segui questa guida
http://www.tomshw.it/forum/sicurezz...omputer-infetto-leggere-prima-di-postare.html
esegui AdwCleaner e posta il report post-eliminazione [S1].txt
 
ELIMINARE CLARO SEARCH

Ciao Tecnico 24 ti chiedo disperatamente di aiutarmi ad eliminare claro search...ho letto vari post a riguardo e ho
avviato otl,
ho ottenuto i 2 reports,
mi sono collegata a wikisend x l'upload dei files
ora cosa devo fare?
GRAZIE PER L'AIUTO!!!
 
Re: ELIMINARE CLARO SEARCH

luciana86 ha detto:
Ciao Tecnico 24 ti chiedo disperatamente di aiutarmi ad eliminare claro search...ho letto vari post a riguardo e ho
avviato otl,
ho ottenuto i 2 reports,
mi sono collegata a wikisend x l'upload dei files
ora cosa devo fare?
GRAZIE PER L'AIUTO!!!
Clicca per espandere...
Continuamo qui.
posta il link per scaricarli.
 
Re: ELIMINARE CLARO SEARCH

luciana86 ha detto:
Ciao Tecnico 24 questi sono i miei reports
ti posto anche i downloads:
Wikisend: free file sharing service
Wikisend: free file sharing service
Clicca per espandere...

Apri OTL
sotto il box custom scans/fixes
inserisci queste righe in grassetto

:Services

:OTL
PRC - C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PService.exe (PService)
SRV - (SoftwareUpd) -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
SRV - (PowerOffer Service) -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PosService\Pos.exe (PowerOfferService)
SRV - (ServUpdater) -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe (ServiceUpd)
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (WDICA) -- File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-21-861567501-1004336348-839522115-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
IE - HKU\S-1-5-21-861567501-1004336348-839522115-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4812_4&babsrc=SP_clro&mntrId=701badbd000000000000002215cf26de
IE - HKU\S-1-5-21-861567501-1004336348-839522115-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-861567501-1004336348-839522115-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849853
IE - HKU\S-1-5-21-861567501-1004336348-839522115-1003\..\SearchScopes\{CD74B6A7-9831-49B8-8C8B-38D02AD86429}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&form=MS8TDF&pc=MS8TDF&src=IE-SearchBox
FF - prefs.js..browser.search.selectedEngine: "Cerca..."
FF - prefs.js..browser.startup.homepage: "http://search.findeer.com/"
FF - prefs.js..extensions.enabledAddons: crossriderapp5060@crossrider.com:0.85.36
FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.3.759.138
FF - prefs.js..extensions.enabledItems: emoticoons-toolbar@emoticoons.com:1.2
FF - prefs.js..network.proxy.type: 0
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gkjdegoaioeecahaflmobghfcihcdkpf\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gkjdegoaioeecahaflmobghfcihcdkpf\10.11.21.5_0\plugins/np-cwmp.dll
O4 - HKLM..\Run: [PosService] C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PLauncher.exe (PLauncher)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23387030-FFE8-4134-B154-DA11795376C1}: NameServer = 176.31.229.24,176.31.229.25
[2012/11/03 12.24.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ABBYY
[2012/10/13 10.02.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\IBUpdaterService
[2012/10/08 12.37.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PowerOffer
[2012/10/08 12.37.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ServUpdater
[2012/10/08 12.37.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PosService
[2012/10/08 10.09.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Dati applicazioni\EmoticoonsToolbar
[2012/10/08 10.09.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\SoftwareUpdater
[2012/10/12 19.29.01 | 000,006,834 | ---- | M] () -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\unins000.dat
[2012/10/12 19.28.58 | 000,715,038 | ---- | M] () -- C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\unins000.exe
[2012/10/12 19.28.55 | 000,000,776 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2012/10/12 19.28.44 | 000,716,318 | ---- | M] () -- C:\WINDOWS\unins000.exe
[2012/10/13 10.02.49 | 000,000,098 | ---- | M] () -- C:\user.js
[2012/11/13 19.40.44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/01/06 16.44.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Babylon
[2012/10/08 12.55.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cici\Dati applicazioni\EmoticoonsToolbar
[2010/12/07 20.19.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cici\Dati applicazioni\facemoods.com

:Files
ipconfig /flushdns /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[RESETHOSTS]
[EMPTYFLASH]
[start explorer]
[CLEARALLRESTOREPOINTS]
[Reboot]
Clicca per espandere...

Clicca su RUN FIX
aspetta le operazioni e il riavvio del computer
al ritorno posta il log che ti appare.

Esegui adwcleaner e posta il report post-eliminazione
http://www.tomshw.it/forum/sicurezz...omputer-infetto-leggere-prima-di-postare.html
 
All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
No active process named PService.exe was found!
Service SoftwareUpd stopped successfully!
Service SoftwareUpd deleted successfully!
File C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.ex e not found.
Service PowerOffer Service stopped successfully!
Service PowerOffer Service deleted successfully!
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PosService\Pos.exe moved successfully.
Service ServUpdater stopped successfully!
Service ServUpdater deleted successfully!
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe moved successfully.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-861567501-1004336348-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-1004336348-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-1004336348-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-1004336348-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-1004336348-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{CD74B6A7-9831-49B8-8C8B-38D02AD86429}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD74B6A7-9831-49B8-8C8B-38D02AD86429}\ not found.
Prefs.js: "Cerca..." removed from browser.search.selectedEngine
Prefs.js: "http://search.findeer.com/" removed from browser.startup.homepage
Prefs.js: crossriderapp5060@crossrider.com:0.85.36 removed from extensions.enabledAddons
Prefs.js: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.3.759.138 removed from extensions.enabledAddons
Prefs.js: emoticoons-toolbar@emoticoons.com:1.2 removed from extensions.enabledItems
Prefs.js: 0 removed from network.proxy.type
File C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gkjdegoaioeecahaflmobghfci hcdkpf\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll not found.
File C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gkjdegoaioeecahaflmobghfci hcdkpf\10.11.21.5_0\plugins/np-cwmp.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PosService deleted successfully.
C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PLauncher.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Programmi\ConduitEngine\prxConduitEngine.dll moved successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfac es\{23387030-FFE8-4134-B154-DA11795376C1}\\NameServer| /E : value set successfully!
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ABBYY\ScanManager\6.00 folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ABBYY\ScanManager folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ABBYY folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\IBUpdaterService folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PowerOffer folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ServUpdater\settings folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\ServUpdater folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PosService\settings folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\PosService folder moved successfully.
C:\Documents and Settings\cici\Dati applicazioni\EmoticoonsToolbar folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\SoftwareUpdater\settings folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\SoftwareUpdater folder moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\unins000.dat moved successfully.
C:\Documents and Settings\cici\Impostazioni locali\Dati applicazioni\unins000.exe moved successfully.
C:\WINDOWS\unins000.dat moved successfully.
C:\WINDOWS\unins000.exe moved successfully.
C:\user.js moved successfully.
C:\WINDOWS\imsins.BAK moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\Babylon folder moved successfully.
Folder C:\Documents and Settings\cici\Dati applicazioni\EmoticoonsToolbar\ not found.
C:\Documents and Settings\cici\Dati applicazioni\facemoods.com\facemoods folder moved successfully.
C:\Documents and Settings\cici\Dati applicazioni\facemoods.com folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Svuotata la cache del resolver DNS.
C:\Documents and Settings\cici\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\cici\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\ open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: cici
->Temp folder emptied: 153108776 bytes
->Temporary Internet Files folder emptied: 12317207 bytes
->FireFox cache emptied: 43958010 bytes
->Google Chrome cache emptied: 23930080 bytes
->Flash cache emptied: 17057 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 3345430 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 331 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 3615357 bytes
%systemroot%\System32 .tmp files removed: 2676037 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20715595 bytes
RecycleBin emptied: 1167 bytes

Total Files Cleaned = 252,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: Administrator

User: All Users

User: cici
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Unable to stop System Restore Service. Error code 1717. Restore points not cleared.
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 11292012_193130


Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.


PendingFileRenameOperations files...


Registry entries deleted on Reboot...
 
Pubblicità
Pubblicità
Indietro
Top