Thread: v9 .com

  1. #1
    HTML.it user, registered since Nov 2006, 285 posts

    v9 .com

    Hello everyone, how can I remove this annoying virus? Thanks

  2. #2
    HTML.it user, registered since Sep 2011, 85 posts

    Do a quick cleanup with Junkware Removal Tool

    then download OTL to your desktop

    Tick SCAN ALL USERS.
    Under Output, select Minimal Output

    In File Age, select 60 Days
    Tick LOP Check and Purity Check.

    Press RUN SCAN and attach the two logs (OTL.txt and Extras.txt).

  3. #3
    HTML.it user, registered since Nov 2006, 285 posts
    OTL.Txt
    Extras.Txt

  4. #4
    HTML.it user, registered since Sep 2011, 85 posts

    Open OTL and copy/paste the following code into the white box:

    :OTL
    PRC - C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe
    PRC - C:\Users\Public\Documents\Application\CurrentFile\ssadp.exe (ssadp)
    MOD - C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe
    SRV - (LiveUpSC) -- C:\Users\utente\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
    SRV - (SsupdService) -- C:\Users\utente\AppData\Local\ssupd\ssupd.exe (SsupdService)
    SRV - (SsroService) -- C:\Users\utente\AppData\Local\ServiceManager\ssro.exe (SsroService)
    DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
    O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)
    O4 - HKLM..\RunOnce: [upt4pc_it_8.exe] C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe ()
    [2013/08/23 21:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\Pricora 4.1
    [2013/07/23 08:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\tuto4pc_it_8
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720

    :Files
    C:\Program Files\Pricora 4.1
    C:\Program Files\tuto4pc_it_8
    ipconfig /flushdns /c

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
    ""=""%1" %*"

    :commands
    [purity]
    [emptytemp]
    [Emptyjava]
    [RESETHOSTS]
    [EMPTYFLASH]
    [start explorer]
    [Reboot]

    .....press RUN FIX and post the log.

    Then also run a FULL scan with Malwarebytes (updated) and delete everything it finds.

    In addition, attach an AdwCleaner log:
    click SCAN, then REPORT, and post the log.

  5. #5
    HTML.it user, registered since Nov 2006, 285 posts
    All processes killed
    Error: Unable to interpret <PRC - C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe> in the current context!
    Error: Unable to interpret <PRC - C:\Users\Public\Documents\Application\CurrentFile\ssadp.exe (ssadp)> in the current context!
    Error: Unable to interpret <MOD - C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe> in the current context!
    Error: Unable to interpret <SRV - (LiveUpSC) -- C:\Users\utente\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)> in the current context!
    Error: Unable to interpret <SRV - (SsupdService) -- C:\Users\utente\AppData\Local\ssupd\ssupd.exe (SsupdService)> in the current context!
    Error: Unable to interpret <SRV - (SsroService) -- C:\Users\utente\AppData\Local\ServiceManager\ssro.exe (SsroService)> in the current context!
    Error: Unable to interpret <DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found> in the current context!
    Error: Unable to interpret <IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com> in the current context!
    Error: Unable to interpret <IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com> in the current context!
    Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi> in the current context!
    Error: Unable to interpret <O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)> in the current context!
    Error: Unable to interpret <O4 - HKLM..\RunOnce: [upt4pc_it_8.exe] C:\Users\utente\AppData\Local\tuto4pc_it_8\upt4pc_it_8.exe ()> in the current context!
    Error: Unable to interpret <[2013/08/23 21:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\Pricora 4.1> in the current context!
    Error: Unable to interpret <[2013/07/23 08:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\tuto4pc_it_8> in the current context!
    Error: Unable to interpret <@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720> in the current context!
    ========== FILES ==========
    File\Folder C:\Program Files\Pricora 4.1 not found.
    File\Folder C:\Program Files\tuto4pc_it_8 not found.
    < ipconfig /flushdns /c >
    Configurazione IP di Windows
    Cache del resolver DNS svuotata.
    C:\Users\utente\Downloads\cmd.bat deleted successfully.
    C:\Users\utente\Downloads\cmd.txt deleted successfully.
    ========== REGISTRY ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: utente
    ->Temp folder emptied: 1400 bytes
    ->Temporary Internet Files folder emptied: 1552 bytes
    ->FireFox cache emptied: 14530540 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 492 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 527506 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 14,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: utente

    Total Java Files Cleaned = 0,00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: utente
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 08292013_185536

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
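
As an added example (not part of the thread and not code from OTL's author), a small Python triage of a fix log like the one above: it separates the directives the log reports as "Unable to interpret" from the results of the sections that did run, so it is clear which services and autorun entries were never acted on. The sample log is a constructed excerpt based on lines posted here, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed excerpt based on the fix log posted in this thread (not the full log).
SAMPLE_LOG = r"""All processes killed
Error: Unable to interpret <SRV - (SsupdService) -- C:\Users\utente\AppData\Local\ssupd\ssupd.exe (SsupdService)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720> in the current context!
========== FILES ==========
File\Folder C:\Program Files\Pricora 4.1 not found.
C:\Users\utente\Downloads\cmd.bat deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
"""

REJECTED = re.compile(r"^Error: Unable to interpret <(.*)> in the current context!$")
SECTION = re.compile(r"^=+ (\w+) =+$")
KIND = re.compile(r"^(PRC|MOD|SRV|DRV|IE|FF|O\d+) - ")


def triage_fix_log(text):
    """Separate directives OTL rejected from the results of sections that ran."""
    report = {"rejected": [], "sections": {}}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        rejected = REJECTED.match(line)
        if rejected:
            directive = rejected.group(1)
            kind = KIND.match(directive)
            report["rejected"].append((kind.group(1) if kind else "OTHER", directive))
            continue
        header = SECTION.match(line)
        if header:
            current = header.group(1)
            report["sections"][current] = {"ok": [], "not_found": []}
        elif current and line.endswith("not found."):
            report["sections"][current]["not_found"].append(line)
        elif current and "successfully" in line:
            report["sections"][current]["ok"].append(line)
    return report


def pending_by_kind(report):
    """Group the directives the log reports as not interpreted by OTL line type."""
    pending = defaultdict(list)
    for kind, directive in report["rejected"]:
        pending[kind].append(directive)
    return dict(pending)


if __name__ == "__main__":
    result = triage_fix_log(SAMPLE_LOG)
    for kind, items in pending_by_kind(result).items():
        print(f"{kind}: {len(items)} directive(s) not applied")
        for item in items:
            print("   ", item)
    for name, outcome in result["sections"].items():
        print(f"{name}: {len(outcome['ok'])} ok, {len(outcome['not_found'])} not found")
```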

  6. #6
    HTML.it user, registered since Nov 2006, 285 posts
    # AdwCleaner v2.107 - Logfile creato il 29/08/2013 alle 19:25:15
    # Aggiornamento 21/01/2013 by Xplode
    # Sistema Operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Utente : utente - UTENTE-PC
    # Modalità Avvio : Modalità Normale
    # Eseguito da : C:\Users\utente\Downloads\adwcleaner.exe
    # Opzioni [Cerca]


    ***** [Servizi] *****


    ***** [File / Cartelle] *****

    Cartella Trovato : C:\ProgramData\Babylon
    Cartella Trovato : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
    File Trovato : C:\Users\Public\Desktop\iLivid.lnk

    ***** [Registro] *****

    Chiave Trovata : HKCU\Software\DataMngr
    Chiave Trovata : HKCU\Software\DataMngr_Toolbar
    Chiave Trovata : HKCU\Software\lollipop
    Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Chiave Trovata : HKCU\Software\Tuto4PC
    Chiave Trovata : HKCU\Software\Tutorials
    Chiave Trovata : HKCU\Software\TutoTag
    Chiave Trovata : HKLM\SOFTWARE\59e888cb76ded49
    Chiave Trovata : HKLM\SOFTWARE\Classes\Prod.cap
    Chiave Trovata : HKLM\Software\DataMngr
    Chiave Trovata : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
    Chiave Trovata : HKU\S-1-5-21-312015245-1627973798-3076774996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Chiave Trovata : HKU\S-1-5-21-312015245-1627973798-3076774996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

    ***** [Browser Internet] *****

    -\\ Internet Explorer v10.0.9200.16660

    [OK] Registro Pulito.

    -\\ Mozilla Firefox v24.0 (it)

    File : C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\b30tma1l.default\prefs.js

    [OK] File Pulito.

    -\\ Google Chrome v29.0.1547.57

    File : C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File Pulito.

    *************************

    AdwCleaner[R1].txt - [2023 octets] - [29/08/2013 19:25:15]

    ########## EOF - C:\AdwCleaner[R1].txt - [2083 octets] ##########

  7. #7
    HTML.it user, registered since Sep 2011, 85 posts

    Run AdwCleaner again with this latest version:
    click SCAN and then CLEAN.

    Then run OTL again:
    copy/paste the following into the white box:

    :OTL
    PRC - C:\Users\Public\Documents\Application\CurrentFile\ssadp.exe (ssadp)
    SRV - (LiveUpSC) -- C:\Users\utente\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
    SRV - (SsupdService) -- C:\Users\utente\AppData\Local\ssupd\ssupd.exe (SsupdService)
    SRV - (SsroService) -- C:\Users\utente\AppData\Local\ServiceManager\ssro.exe (SsroService)
    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)

    :commands
    [Reboot]


    ..........press RUN FIX, let the scan run, reboot and post the log.

    Disable these 2 services: SsupdService and SsroService

  8. #8
    HTML.it user, registered since Nov 2006, 285 posts
    Hi Friedr, the problem seems to be solved, but the last OTL scan you asked me to run doesn't give me the log file after the reboot. Thanks in the meantime!

  9. #9
    HTML.it user, registered since Sep 2011, 85 posts
    ..good, open OTL and click CLEAN UP.
    (Final cleanup of files and registry with CCleaner.)

  10. #10
    HTML.it user, registered since Nov 2006, 285 posts
    OK, thanks a lot!!!
