View Full Version : claro search su firefox
gabrybaldo
15-08-2012, 09:19
credo di aver preso un infezione, claro search, sono riuscito ad eliminare questo reindirizzamento della home page in explorer ed in chrome, ho disinstallato il programma ho anche eliminato il suo eseguibile che era presente nei file temporanei.
non riesco perņ eliminarlo da firefox
come antivirus ho AVG
ho fatto una scansione con malwarebytes e SUPERAntispyware ma non ho trovato niente .
non riesco un aiuto?
grazie
gabriele
gabrybaldo
15-08-2012, 20:19
credo sia connesso a babylon, ho trovto una cartella babylon contenente il seguente file log
su firefox torna sempre claro search anche modificando con about:config le voci modificate .
----------- 14/08/12 - running v9.0.5.18 on CORSAIR (user:Gabriele) -----------
Windows Path: C:\Windows
19:25:34 (Setup)-Command line: -trkInfo=[tb:iClaro] /tbGen="/tlbrid=iclaro" -3L34V.tmp\ClaroTB.exe" /aflt=babsst /babTrack="affID=115131" /instlRef=sst /S /srcExt=iclro -s /mds /mhp /mnt .
19:25:34 (Client)-LM file is C:\ProgramData\Babylon\BabAll.dat.
19:25:34 (Client)-LM imported to file.
19:25:34 (Client)-LM file access denied.
19:25:34 (Setup)-Setup start, installing version .
19:25:34 (Setup)-SourceDir: C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\.
19:25:34 (Setup)-InstallDir: C:\Program Files (x86)\Babylon\Babylon-Pro\.
19:25:34 (Setup)-ImportInstallDir: 0.
19:25:34 (Setup)-SilentInstall: 1.
19:25:34 (Setup)-ExecuteBabylon: 1.
19:25:34 (Setup)-NeedToImport: 0.
19:25:34 (Setup)-MinRequirements: 0.
19:25:34 (Setup)-IsUpgrade: 0.
19:25:34 (Setup)-TBInstallState: 4.
19:25:34 (Setup)-SetupType: 50.
19:25:34 (Setup)-SetupFlags: 2.
19:25:34 (Setup)-PrevVersion: 0.
19:25:34 (Setup)-TBInstall: 1.
19:25:34 (Setup)-Report: http://info.babylon.com/stat/report.php?no_policy=1&lang=0&source=setup-start&stage=0&ver=9.0.5.18&affilID=115131&trkInfo=[pd:3372664197][pl:5][tb:iClaro]&vid=1344889872-2285885900&guid={B31D9565-7AD0-42D5-AD97-F9927D25CF56}&mntrId=428b1914000000000000002522f937f2&sufn=ClaroTB.exe&iev=9&ffv=14&crv=21&dwb=ie&sutp=50&sufl=2&dnld=0&dcnt=0&dtot=0&dlerr=0&tbp=0&prver=0&impdir=0&impt=0&exc=1&minreq=0&wvr=601&avr=QVZHIEFudGktVmlydXMgRnJlZSBFZGl0aW9uIDIwMTI=&tbtp=def&tbinst=1&w64=1&cntry=IT&osp=hp0:-534094650;hp1:-534094650;hp2:927461885;dsp0:-886302982;dsp1:0;dsp2:-425396809;&dnt=2.0,3.0,3.5,4.0.
19:25:35 (Setup)-Command line: -trkInfo=[TType:120812_bandext_3312_5] -trkInfo=[tb:iClaro] /tbGen="/tlbrid=iclaro" -3L34V.tmp\ClaroTB.exe" /aflt=babsst /babTrack="affID=115131" /instlRef=sst /S /srcExt=iclro -s /mds /mhp /mnt .
19:25:35 (Setup)-Custom Data (1).
19:25:35 (Setup)-Custom Data (1).
19:25:35 (Setup)-Custom Data (1).
19:25:35 (Setup)-Custom Data (1).
19:25:35 (Setup)-Custom Data (1).
19:25:38 (Setup)-File 1 (latest_6.7.zpb) out of 4: errCode - 200, complete - 100, opt - 0, latest - 1, required - 0.
----------- 14/08/12 - running v9.0.6.7 on CORSAIR (user:Gabriele) -----------
Windows Path: C:\Windows
19:25:38 (Setup)-Command line: -trkInfo=[tb:iClaro] /tbGen=/tlbrid=iclaro -3L34V.tmp\ClaroTB.exe /aflt=babsst /babTrack=affID=115131 /instlRef=sst /S /srcExt=iclro -s /mds /mhp /mnt -latest.
19:25:38 (Client)-LM file is C:\ProgramData\Babylon\BabAll.dat.
19:25:38 (Client)-LM imported to file.
19:25:38 (Client)-LM file access denied.
19:25:38 (Setup)-Setup start, installing version .
19:25:38 (Setup)-SourceDir: C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\Latest\.
19:25:38 (Setup)-InstallDir: C:\Program Files (x86)\Babylon\Babylon-Pro\.
19:25:38 (Setup)-SilentInstall: 1.
19:25:38 (Setup)-ExecuteBabylon: 1.
19:25:38 (Setup)-MinRequirements: 0.
19:25:38 (Setup)-IsUpgrade: 0.
19:25:38 (Setup)-TBInstallState: 4.
19:25:38 (Setup)-SetupType: 50.
19:25:38 (Setup)-SetupFlags: 4a.
19:25:38 (Setup)-PrevVersion: 0.
19:25:38 (Setup)-TBInstall: 1.
19:25:38 (Setup)-Report: http://info.babylon.com/stat/report.php?no_policy=1&lang=0&source=setup-start&stage=0&ver=9.0.6.7&affilID=115131&trkInfo=[pd:3372664197][pl:5][tb:iClaro]&vid=1344889872-2285885900&guid={7A768293-60B0-4C42-8030-4259BFC08732}&mntrId=428b1914000000000000002522f937f2&sufn=Setup.exe&iev=9&ffv=14&crv=21&dwb=ie&sutp=50&sufl=74&tbp=0&prver=0&exc=1&minreq=0&dtct=-1145341807&wvr=601&avr=QVZHIEFudGktVmlydXMgRnJlZSBFZGl0aW9uIDIwMTI=&tbtp=def&tbinst=1&w64=1&cntry=IT&osp=hp0:-534094650;hp1:-534094650;hp2:927461885;dsp0:-886302982;dsp1:0;dsp2:-425396809;&dnt=2.0,3.0,3.5,4.0.
19:25:38 (Setup)-Command line: -trkInfo=[TType:120812_bandext_3312_3] -trkInfo=[tb:iClaro] /tbGen=/tlbrid=iclaro -3L34V.tmp\ClaroTB.exe /aflt=babsst /babTrack=affID=115131 /instlRef=sst /S /srcExt=iclro -s /mds /mhp /mnt -latest.
19:25:38 (Setup)-Custom Data (1).
19:25:38 (Setup)-Custom Data (1).
19:25:38 (Setup)-Custom Data (1).
19:25:38 (Setup)-Custom Data (1).
19:25:38 (Setup)-Custom Data (1).
19:25:38 (Setup)-Setup HP: http://isearch.claro-search.com/?affID=115131&tt=120812_bandext_3312_3&babsrc=HP_iclro&mntrId=428b1914000000000000002522f937f2.
19:25:38 (Setup)-Current HP (0): http://www.google.it/.
19:25:38 (Setup)-Setup DSP: Claro Search.
19:25:38 (Setup)-Current DSP (0): Bing.
19:25:38 (Setup)-Current DSP id (0): {0633EE93-D776-472f-A0FF-E1416B8B2E3A}.
19:25:39 (Setup)-Search properties were set - hp: 1, dsp: 1, (0x3).
19:25:39 (Setup)-DomainUrl: http://isearch.claro-search.com.
19:25:39 (Setup)-HomePageUrl: http://isearch.claro-search.com/?affID=115131&tt=120812_bandext_3312_3&babsrc=HP_iclro&mntrId=428b1914000000000000002522f937f2.
19:25:39 (Setup)-SearchName: Claro Search.
19:25:39 (Setup)-SearchProviderUrl: http://isearch.claro-search.com/?q={searchTerms}&affID=115131&tt=120812_bandext_3312_3&babsrc=SP_iclro&mntrId=428b1914000000000000002522f937f2.
19:25:39 (Setup)-ToolbarUrl: http://isearch.claro-search.com/?q={searchTerms}&affID=115131&tt=120812_bandext_3312_3&babsrc=TB_iclro&mntrId=428b1914000000000000002522f937f2.
19:25:39 (Setup)-NewTabUrl: http://isearch.claro-search.com/?affID=115131&tt=120812_bandext_3312_3&babsrc=NT_iclro&mntrId=428b1914000000000000002522f937f2.
19:25:44 (Setup)-File 1 (Setup-clrtb.zpb) out of 3: errCode - 200, complete - 100, opt - 0, latest - 0, required - 0.
19:25:44 (Setup)-Toolbar installation command: (C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\Latest\MyBabylonTB.exe /lng=en /tlbrid=iclaro /babTrack="affID=115131&tt=120812_bandext_3312_3" /instlRef=sst /aflt=babsst /srcExt=iclro /tlbrid=iclaro /noXPI).
19:25:50 (Setup)-install XPI: C:\Program Files (x86)\\Claro LTD\\claro\\ClaroTB.xpi.
19:25:55 (Setup)-File 2 (PPC.zpb) out of 3: errCode - 200, complete - 100, opt - 0, latest - 0, required - 0.
19:25:56 (Setup)-File 3 (babcrmobj.zpb) out of 3: errCode - 200, complete - 100, opt - 0, latest - 0, required - 0.
19:25:56 (Setup)-Add-on (1, 25000, 0): "C:\Windows\system32\msiexec.exe" /I "C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\Latest\BabylonObjectInstaller.msi" /qn.
19:25:56 (Setup)-Add-on (2, 25000, 0): "C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\Latest\BrowserManagerSetup.exe" /mhp /mnt /mds /ini=C:\Users\Gabriele\AppData\Local\Temp\BCAEE2D2-BAB0-7891-869E-B6DE7AD6F6D0\Latest\SetupParams.ini /set.
19:26:11 (Setup)-ExitInstallation 90.
19:26:11 (Setup)-exit message loop.
19:26:36 (Setup)-ExitOnError: 90.
19:26:36 (Setup)-Report: http://info.babylon.com/stat/report.php?no_policy=1&lang=0&source=setup-end&stage=90&ver=9.0.6.7&affilID=115131&trkInfo=[TType:120812_bandext_3312_3][pd:3372664197][pl:5][tb:iClaro]&vid=1344889872-2285885900&guid={7A768293-60B0-4C42-8030-4259BFC08732}&mntrId=428b1914000000000000002522f937f2&sufn=Setup.exe&iev=9&ffv=14&crv=21&dwb=ie&sutp=50&sufl=74&tbp=0&prver=0&exc=1&minreq=0&dtct=-1145341807&wvr=601&avr=QVZHIEFudGktVmlydXMgRnJlZSBFZGl0aW9uIDIwMTI=&tbtp=none&tbinst=1&w64=1&cntry=IT&osp=hp0:-534094650;hp1:-534094650;hp2:927461885;dsp0:-886302982;dsp1:0;dsp2:-425396809;&dnt=2.0,3.0,3.5,4.0&spbi=&IE2_sdsps&IE1_shps&CR2_sdsps&CR1_shps&hp=1&dsp=1&tb=1&hpx=1&dspx=1&tbx=1&dnld=100&dcnt=3&dtot=3&dlerr=200&ao0=0&excd=7&rbts=0&rbtt=0.
19:26:37 (Setup)-Setup end.
19:26:37 (Setup)-ExitInstallation 91.
19:26:37 (Setup)-exit message loop.
19:26:37 (Setup)-ExitOnError: 91.
19:26:37 (Setup)-Report: http://info.babylon.com/stat/report.php?no_policy=1&lang=0&source=setup-end&stage=91&ver=9.0.5.18&affilID=115131&trkInfo=[TType:120812_bandext_3312_3][pd:3372664197][pl:5][tb:iClaro]&vid=1344889872-2285885900&guid={B31D9565-7AD0-42D5-AD97-F9927D25CF56}&mntrId=428b1914000000000000002522f937f2&sufn=ClaroTB.exe&iev=9&ffv=14&crv=21&dwb=ie&sutp=50&sufl=2&dnld=100&dcnt=1&dtot=4&dlerr=200&tbp=0&prver=0&impdir=0&impt=0&exc=1&minreq=0&wvr=601&avr=QVZHIEFudGktVmlydXMgRnJlZSBFZGl0aW9uIDIwMTI=&tbtp=def&tbinst=1&w64=1&cntry=IT&osp=hp0:-534094650;hp1:-534094650;hp2:927461885;dsp0:-886302982;dsp1:0;dsp2:-425396809;&dnt=2.0,3.0,3.5,4.0&hp=1&dsp=1&tb=1&hpx=0&dspx=0&tbx=0&ao0=0&dtct=-1145341807&excd=0&rbts=0&rbtt=0.
19:26:37 (Setup)-Setup end.
Aiuto!!!!
Chill-Out
15-08-2012, 21:09
Controlla in FF - Componenti aggiuntivi - Plugin
gabrybaldo
15-08-2012, 21:32
non ho trovato niente di strano.
se modifico about:config dopo ricompaiono le voci con claro search e una voce modificata keyword.url
non riesco ad eliminarlo il maledetto!
gabrybaldo
15-08-2012, 22:57
;37946989']Per favore, potrei mettere il tag QUOTE al tuo log? č impossibile leggere la discussione.
Per il resto: hai disinstallato Babylon dai programmi?.
babilon non c'era, ma c'era claro search che ho disintallato appena mi sono accorto dell hijack
dando il comando %appdata% ed andando dentro firefox ho trovato la cartella babylon contenente il file log che ho allegato.
da explorer e crome non ho avuto probemi ad eliminare claro search, ma se continua a riapparire su firefox da qualche parte deve essere
p.s. spero di aver quotato bene
gabrybaldo
25-08-2012, 12:25
;37947090']Direi di no.
non riesco ad eliminarlo da Firefox.
qualche altra idea?
nota ho eseguito regedit ed eliminato tutte le voci relative a claro e babylon.
ciao
gabriele
Anche io stesso problema con claro search!!
Eliminato con revo unin, eliminata anche babylon, eliminato la stringa di "about config e sostituita con google search (ma l'unico cambiamento me l'ha dato che la prima pagina viene google, ma se apro altre pagine mi viene iclaro search)...
provato con regedit, cc cleaner, malwarebyte ma niente:mc:
Help us plz:cry: :cry:
Anche io stesso problema con claro search!!
Eliminato con revo unin, eliminata anche babylon, eliminato la stringa di "about config e sostituita con google search (ma l'unico cambiamento me l'ha dato che la prima pagina viene google, ma se apro altre pagine mi viene iclaro search)...
provato con regedit, cc cleaner, malwarebyte ma niente:mc:
Help us plz:cry: :cry:
Dovrei aver risolto, praticamente digita nella barra indirizzi: "about:config" e nella barra cerca digita: "browser.newtab.url" e modifica mettendo ad es. google. Se non andasse lo stesso digita nella barra cerca di abou:config la parola claro e sostituisci tutto con google...
Ora a me va!!! Ciao
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.