Condividi:        

DO-SEARCH..COME RIMUOVERLO?

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 01:07

Buongiorno a tutti...volevo sapere come fare per rimuovere " do-search".
Ho provato con Malware bytes e Super Antispyware ma niente.. :(
Grazie per l'aiuto e buona giornata.
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Sponsor
 

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 08:05

ciao prova a fare queste scansioni

scarica adwcleaner

clicca su scan e poi su ''clean'' conferma con OK le varie finestre che ti compariranno.

alla fine clicca su Report e allega il contenuto



Scarica OTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi due log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend,
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 10:29

Ciao...allego report di AdwCleaner e ho caricato i report di OTL su Wikisend..
Grazie per la disponibilità.

# AdwCleaner v3.013 - Report created 29/11/2013 at 10:23:56
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sarika - SARIKA-PC
# Running from : C:\Users\Sarika\Desktop\TOOLS\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16464


-\\ Mozilla Firefox v

[ File : C:\Users\Sarika\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\Sarika\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25214 octets] - [28/11/2013 20:21:44]
AdwCleaner[R1].txt - [1174 octets] - [28/11/2013 20:27:31]
AdwCleaner[R2].txt - [1239 octets] - [28/11/2013 22:08:54]
AdwCleaner[R3].txt - [1233 octets] - [29/11/2013 00:23:05]
AdwCleaner[R4].txt - [1158 octets] - [29/11/2013 10:23:56]
AdwCleaner[S0].txt - [24726 octets] - [28/11/2013 20:23:57]
AdwCleaner[S1].txt - [1302 octets] - [28/11/2013 22:09:56]
AdwCleaner[S2].txt - [1297 octets] - [29/11/2013 00:23:53]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1399 octets] ##########
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 10:48

quando finisce la scansione adwcleaner devi cliccare clean e poi su su report

ho caricato i report di OTL su Wikisend..


io non lo vedo
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 11:14

ok...allego report ADW CEANER dopo aver cancellato file..
adesso invio nuovamente i log di OTL su WIKISEND.
Grazie

# AdwCleaner v3.013 - Report created 29/11/2013 at 11:09:37
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sarika - SARIKA-PC
# Running from : C:\Users\Sarika\Desktop\TOOLS\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16464


-\\ Mozilla Firefox v

[ File : C:\Users\Sarika\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\Sarika\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25214 octets] - [28/11/2013 20:21:44]
AdwCleaner[R1].txt - [1174 octets] - [28/11/2013 20:27:31]
AdwCleaner[R2].txt - [1239 octets] - [28/11/2013 22:08:54]
AdwCleaner[R3].txt - [1233 octets] - [29/11/2013 00:23:05]
AdwCleaner[R4].txt - [1479 octets] - [29/11/2013 10:23:56]
AdwCleaner[R5].txt - [1539 octets] - [29/11/2013 11:08:48]
AdwCleaner[S0].txt - [24726 octets] - [28/11/2013 20:23:57]
AdwCleaner[S1].txt - [1302 octets] - [28/11/2013 22:09:56]
AdwCleaner[S2].txt - [1297 octets] - [29/11/2013 00:23:53]
AdwCleaner[S3].txt - [1462 octets] - [29/11/2013 11:09:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1522 octets] ##########
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 11:18

thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 11:48

apri otl e copia questo codice nel box bianco del programma poi premi RUX FIX e allega il log che rilascia a fine scansione



Codice: Seleziona tutto
:OTL
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
[2012/06/20 13:08:21 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\fazgbahc.dat
@Alternate Data Stream - 24 bytes -> C:\Windows:866080B12FBFB049
@Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:8927A071
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:DCADFB80

:Files
ipconfig /flushdns /c

:commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[CLEARALLRESTOREPOINTS]
[Reboot]
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 12:31

Fatto....allego il report di OTL.
Grazie

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll moved successfully.
C:\Windows\SysWOW64\fazgbahc.dat moved successfully.
ADS C:\Windows:866080B12FBFB049 deleted successfully.
ADS C:\ProgramData\Temp:8927A071 deleted successfully.
ADS C:\ProgramData\Temp:DCADFB80 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Sarika\Desktop\cmd.bat deleted successfully.
C:\Users\Sarika\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sarika
->Temp folder emptied: 6312559 bytes
->Temporary Internet Files folder emptied: 1008161 bytes
->Java cache emptied: 6219918 bytes
->Google Chrome cache emptied: 151426909 bytes
->Flash cache emptied: 541 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 506996 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67941 bytes
RecycleBin emptied: 3121711 bytes

Total Files Cleaned = 161,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 11292013_122542

Files\Folders moved on Reboot...
C:\Users\Sarika\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 12:42

vedi ancora do-search ?
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 15:03

si,lo vedo ancora..si apre quando apro Google.. :cry:
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 18:02

Disattiva temporaneamente l'antivirus

scarica Junkware Removal Tool
clicca sull'icona di JRT e attendi pazientemente la fine della scansione
Una volta terminata dovrebbe aprirsi il log sul desktop come JRT.txt

riesegui anche una nuova scansione con otl

allega i rapporti
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 22:34

Ok,grazie..
Fatto nuova scansione con OTL ma mi ha rilasciato un solo rapporto che allego.

http://wikisend.com/download/310192/OTL.Txt

Allego di seguito report JRT
Grazie.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Sarika on 29/11/2013 at 22:04:30,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-190520634-3373757380-1744416852-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-190520634-3373757380-1744416852-1001\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise registry cleaner schedule task.job"
Successfully deleted: [File] "C:\chromehplog.txt"



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{01F34CB3-F1F8-4691-BE0E-227D78E68DD7}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{02C3DE38-1A9A-4414-86AA-1F2DE7B919FF}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{0DCB7FD5-1DA7-48D4-BA16-AE79EB5E1ECD}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{0F7D9BF4-F2A2-4D04-B726-DA791E216292}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{0F9BFAD8-E7A4-4946-AEF8-62D2B5E43782}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{10685E72-3875-4E6A-BB2B-18E0002009E9}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{12ADE02E-0D53-4FE5-BBD4-D99F15316D84}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{12BF00AD-3449-4820-A2A6-E25C8DFAC43C}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{15D17BBF-3791-4AD9-9028-91D82B9A23FD}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{1680E01C-B095-426D-A097-3D1002DFAB0F}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{16B5D4DC-5FC2-4D95-89E0-7BA36260F620}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{18328749-A1A9-4C82-B793-B3F10B183D42}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{1C6671DF-8C65-4D87-8486-40DD48066F2E}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{205516EC-7A3A-4EF7-A330-2AA92074B3DB}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{23F52063-8C18-484D-B311-2AC35A201D03}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{26A10201-2754-445D-904B-8CF6C3CE8A31}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{27A186AD-BB53-424A-9B15-32E502A05C37}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{27D9C735-A00F-4622-85AE-E2236E9BB5AB}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{29649005-6222-47DD-A0B1-A71F7C958B4C}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{2BFACA67-4D5B-497D-B275-4171EEC4EB11}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{2C644157-492E-4918-8A2C-65C2FAAC467D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{2EE7764D-8AC8-455F-B6CA-7CE96F9FC41E}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{316BF3ED-787A-469B-8193-471871BE6ECB}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{34FEFEF2-C409-4D38-9123-29D5A4E4694B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{37C7A495-6DE1-4696-8F3B-A6A4D9CB37C3}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{39D603A4-081F-4EFB-89BE-458FB36D8E3E}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{3B3579FC-B8F0-4E25-9B3D-4D9AA47B8B9A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{3B5A6E51-DFBD-4811-833F-86AE883012EF}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{3C052E35-B0B6-4E3B-B6C3-0FB55933B473}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{3E2A385A-5ECB-4105-83A4-F20E1FBB2D27}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{409FA8D3-E7C4-48B5-911C-99CFE28466F5}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{411F9EAD-957E-41C7-8594-0E9DAB79AA35}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{43518646-C3F4-4E0D-A2D8-636174F78222}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{46E72189-AD07-40D5-A59F-5F74B6C3F66D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{47DE20B2-3A3A-497D-8A5D-155F189B50EA}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{48D39476-EAA0-4176-8CE6-F52D6EA7795B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{49219BAF-7BC0-4982-8730-19DFB91331FF}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{49AF7193-55E4-43CC-AB2A-F2D355BE043D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{4ADB619D-F530-4303-BE3C-32CB07E7A74D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{4F25228B-3707-4880-A916-9385CCC8FCD2}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{574758A4-C86C-4656-865F-96F916968BBD}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{595BD03B-AD00-402B-AAA8-1083FCAC6120}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{5DD3141F-CCAF-4C64-B69C-B8CC2F056BD9}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{5EE16950-A8DD-4FE8-A053-39E9A6F12337}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{63191C83-C7F0-4611-9F4C-1E9968F88739}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{63D3BDB0-7E12-4349-A287-3DC6D24A7217}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{647E3FBB-AB51-4374-A391-D84EB5F75E7B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{674E24FA-2EB1-4A30-AF9E-0BC50B1C0736}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{68BC3EDB-1688-4AD2-91DA-49B0DD045732}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{68C01F33-EC29-41FB-838F-43D1F4E9A2A3}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{6C212870-FC4C-43DD-9A7E-499BC66F5560}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{6E12DFEA-0706-405B-87E6-BE74D36C157D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{75AA8ED8-9466-4ABE-9141-8F2A5E3B3E2A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{7792BF85-4106-4472-B362-32A7CA8DF081}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{78A3B0CE-B5BF-454C-AC6E-BF5D4E422434}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{7959881A-3969-4513-898B-3427B2671DDF}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{79AADCA6-18AD-47D5-A468-3FD4EA7ED9F1}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{80014CA6-B16D-4C0A-AA0F-8B45D3F80684}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{817BE017-D3DB-4866-B552-2384D654A19B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{83CA7D29-0A2D-4EE2-AE78-7F7DDC2221C7}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{843DF16C-B264-4525-A566-143935B168E0}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{8A682F07-198D-46CA-A584-09DCE95BEFAE}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{90CEC569-C7E6-44F8-A4FF-A524714C4FFE}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{91260E9E-7166-4DEE-A560-9B2EF28623E5}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{913DD981-442D-43DE-88C9-6341C0E13DD5}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{917C3F81-0BE5-48EA-A66D-0F80000911C6}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{921E3A31-D2B7-40B6-AC4B-30D60DAE8E72}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{924281E6-B3D0-4AA1-B1AF-7A6DF2EEDBCC}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{92B01540-6430-4771-A317-A79C2796C74C}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{932DB689-5F88-4EA0-AAC9-64298B9D1266}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{945FA63C-ECC4-404D-89AE-CC93635A546A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{97267878-D89A-459F-B81C-BCF8673452DF}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{98121910-0D58-4886-AF5E-71AD035E215A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{9AD0BE7B-9CCC-4B7E-9D2A-5A6CEE6B2EFD}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{9DAD2EEF-CC4E-4AAA-A70C-2B57E50797A2}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{9EE4A130-ED20-44F0-88BE-DEE0303ADAF3}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{9F98512A-32C2-4B0A-9151-28D9B0268747}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A19F645D-4269-47C6-920E-083377FEAD97}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A57518F6-E154-40B7-AF68-77279E507503}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A615235B-57AE-4230-A6E7-C6E334D52D5F}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A7680904-9CCA-459A-8BCE-7F92585F8BEA}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A7FCB2AD-E87F-47DE-8DD1-FC8364EDB20D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{A9E5CF9B-1D25-45A7-83E8-1E1EBEBC25D9}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{AA622531-8CF8-4016-84FA-BB2590E08E1F}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{AB06D2C3-1E3B-4218-9CED-7340C46A5393}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{AF33C2E1-96B8-49F7-88BB-FE2DB405D207}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{AFD5272F-BF14-4C4C-BB28-046A8A7C2C90}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{AFEB676B-36BF-4C6D-A2B1-A71F117556D1}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B04382A3-04D2-4B16-9A0F-165C79DC6F86}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B081288A-BA01-4B6C-9547-D5905CAF049A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B0AF0358-4AE3-4FB1-A7AE-389E6AC6024A}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B74A14C5-B01A-487D-AFFD-9AE18C566EC4}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B7C59D0B-39C1-4653-897E-FA33E0D0A775}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B8682A69-F05E-4F33-938E-AD82B8AF50D3}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{B9696648-F7A2-4243-8443-3E7CA3326D2B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{BBA0A542-40F4-4BDD-8DD1-C1E1F5FD2E23}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{BE89C4F8-B5F6-495A-9923-060D2A6987C7}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{C2F936DB-A436-4D86-8CEC-BD737B2B448B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{C403DF7E-803A-4102-A9FB-6ACC44D742F5}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{C4BA232A-AB05-433C-8388-1A9C29A7F676}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{C6CAE7E9-98C2-45A2-91EB-2045761D2573}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{C7901F3D-4B0F-4508-829A-A4384F2C641D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{CAD4A25F-27B4-4D7A-8960-9EA5643297DA}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{CAFE7DA8-307E-4CC0-B63C-2B665CF228AB}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{CF7F5341-443D-4550-A220-FA4808130B73}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{CFBEDC5B-5FA0-45C7-A458-A64823B97E8D}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D1762498-7EE4-4CC3-A53D-E0476C2A8DE1}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D1B35772-02CE-4ADF-B1FF-CB572A6C8595}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D220F315-FCF3-4D39-A22C-39985B6D2D30}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D396A0C0-FF64-45CD-84B1-1595FCBC4ADC}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D3AA94E8-04C5-4828-B415-C3C308FEE2A0}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{D41F826A-F481-422F-A2EB-38717C822410}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{DDAC2246-4D9B-425A-86EF-232DEF72510B}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{DDC26DDA-D93D-4DFC-8B6A-FAB01CDD48F9}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{E5BC4A75-90BE-46D5-ADF3-6BAF860F4543}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{E88B02D3-CC27-4DF6-A5B1-E40195CEE591}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{E9070CF4-1AF7-42F2-AA49-9F3C6040DD80}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{ED37E4D2-14FA-45BB-B9E9-B1074CEA1604}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{EDA15A18-A861-461A-8CD0-66DEFA5EB646}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{F04FA240-71A9-4238-947E-B0E6EA350CD4}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{F055C9D1-53CF-4900-B0A8-F810419131F4}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{F68B4283-6B97-49A6-AAE9-EDE82522CB42}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{F7869F2D-E1F6-455C-9C00-8D6AD913E5F6}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{F992FE4C-1E88-4661-807F-9D38BF155ECD}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{FAE0FF21-6ADA-4B58-A0A5-49D4F529723F}
Successfully deleted: [Empty Folder] C:\Users\Sarika\appdata\local\{FFC36996-DC27-457B-928A-04376AE6E964}



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/11/2013 at 22:11:09,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 29/11/13 22:45

Bene

ora riesegui otl e allega il nuovo log, attento a non confonderlo con i precedenti
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 29/11/13 22:58

Fatto...nuovo report OTL
Grazie

http://wikisend.com/download/232252/otl.txt
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 30/11/13 20:32

apri otl e copia questo codice, poi premi run fix riavvia il pc e allega il log che rilascia






Codice: Seleziona tutto
:OTL
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1385311456&from=tugs&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E51TXS32TXS32
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

:Files
ipconfig /flushdns /c

:commands
[purity]
[Reboot]
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 01/12/13 00:02

Ciao Shel...brutte notizie..ho acceso il pc stasera per vedere se mi avevi risposto e appena ho aperto Google che si apre sempre con Do-Search, sono apparse pagine pubblicitarie mai viste prima e poi mi è comparsa una notifica di Avast dicendomi che non ero protetto.Allora ho chiuso Google per vedere il problema e riattivando l'antivirus mi sono ritrovato il desktop invaso di foto di album che non conosco:
AlbumArt_{7230976C-7AD6-4190-84CB-62B09A4F9476}_Large ( questa è la dicitura ).
Poi anche due immagini con la ruota dentata con scritto "desktop.ini". Per non sbagliare ho creato una cartella sul desk e ho messo tutto li anche se mentre le spostavo una finestra mi avvisava che se le spostavo potevo compromettere il sistema.
A questo punto ho pensato bene di rifare tutte le scansioni che mi hai chiesto per cui ti allego i report.
Per OTL solo "OTL.txt" ma manca Extras.
Cosa è successo?
Grazie e buona domenica.

http://wikisend.com/download/113580/AdwCleaner[S4].txt
http://wikisend.com/download/452626/OTL.Txt
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 01/12/13 01:55

Ciao Shel...brutte notizie..ho acceso il pc stasera per vedere se mi avevi risposto e appena ho aperto Google che si apre sempre con Do-Search


se non elimini quelle porcherie sarai invaso da pagine ed altro

esegui quello script con le istruzioni che ti ho dato, una volta terminato nella cartella C:\_OTL\MovedFiles\ verrà creato un log tipo ggMMaaaa_hhmmss.log che dovrai allegare dopodiche' apri nuovamente otl e clicca su cleanup, dovrebbero andasene anche quei desktop.ini


Fai anche una scansione con malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi quizface » 01/12/13 11:01

Molti hanno risolto con la risposta di Robert A Boyd Level 5 su questo gruppo https://groups.google.com/forum/#!topic ... uGoXqgmhlQ
In pratica con Adwcleaner
Sono anche spiegate pero' altre soluzioni.
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao
Avatar utente
quizface
Utente Senior
 
Post: 15071
Iscritto il: 03/10/04 00:36

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi thethunder » 01/12/13 12:40

Ciao Shel..allego i report come mi hai chiesto..
Buona domenica.
Grazie

========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Sarika\Desktop\cmd.bat deleted successfully.
C:\Users\Sarika\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 12012013_100311


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.12.01.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sarika :: SARIKA-PC [amministratore]



01/12/2013 10:04:17
mbam-log-2013-12-01 (10-04-17).txt

Tipo di scansione: Scansione completa (C:\|D:\|Q:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 581172
Tempo impiegato: 1 ore, 51 minuti, 2 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 9
C:\Program Files (x86)\SaveSenseLive (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files (x86)\SaveSenseLive\CrashReports (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files (x86)\SaveSenseLive\Update (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files (x86)\SaveSenseLive\Update\Download (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files (x86)\SaveSenseLive\Update\Install (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\SaveSenseLive (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\SaveSenseLive\Update (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\SaveSenseLive\Update\Log (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Roaming\SaveSense (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.

File rilevati: 13
C:\Program Files\AutoCAD 2009\CURA x64(64bit) + x86(32bit)\x86Keygen.exe (RiskWare.Tool.HCK) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files (x86)\SecurityXploded\FacebookPasswordDecryptor\FacebookPasswordDecryptor.exe (PUP.Hacktool.PasswordViewer) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.Installrex) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000001 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000002 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000003 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000004 (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Sarika\Desktop\uni 5\Autodesk AutoCAD 2008 Ita\Crack\AutoCAD-2008-keygen.exe (RiskWare.Tool.CK) -> Spostato in quarantena ed eliminato con successo.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].exe (PUP.Optional.Wajam) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log (PUP.Optional.SaveSense) -> Spostato in quarantena ed eliminato con successo.

(fine)
thethunder
Utente Senior
 
Post: 104
Iscritto il: 12/08/06 10:13

Re: DO-SEARCH..COME RIMUOVERLO?

Postdi shel » 01/12/13 13:06

hai allegerito il pc da quella porcheria

hai sempre gli stessi problemi??
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "DO-SEARCH..COME RIMUOVERLO?":


Chi c’è in linea

Visitano il forum: Nessuno e 33 ospiti