Toggle sidebar Toggle sidebar

Non riesco a installare nessun antivirus

I

Intu-89

Nuovo Utente
4
0
Salve come altri prima di me non riesco a installare nessun antivirus.
Leggendo ho fatto una scansione del pc con HijackThis il report è questo:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:48:07, on 12/11/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)

Boot mode: Normal
Running processes:
C:\Users\Sampdoria PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Sampdoria PC\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Users\Sampdoria PC\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...803&GUID=5BFC3328-0313-44EC-9710-98CD79C52884
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Sampdoria PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 11] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Sampdoria PC\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Users\Sampdoria PC\Downloads\Programs\SpybotPortable\App\Spybot\SDCleaner.exe" /autoclean
O8 - Extra context menu item: Download with Xilisoft iPod Magic Platinum - C:\Program Files (x86)\Xilisoft\iPod Magic Platinum\upod_link.HTM
O8 - Extra context menu item: Scarica con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Scarica tutti i link con IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{30487e0a-56a8-4dad-97b2-906cc6ebf809}: NameServer = 82.163.142.8,95.211.158.136
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service 11 (AdvancedSystemCareService11) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ashampoo Backup Pro (ashbackuppb) - Unknown owner - c:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupService-abpb.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem3.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe
O23 - Service: IMF Service (IMFservice) - Unknown owner - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroUpdateService - Nitro Software, Inc. - C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
O23 - Service: Printer Control - Unknown owner - C:\WINDOWS\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 10755 bytes


Qualcuno può aiutarmi?
Dalla scansione si riesce a capire il virus dove si trova o qualunque cosa sia
 

Allegati

  • hijackthisbnl.txt
    10.5 KB · Visualizzazioni: 129
danilo79

danilo79

Utente Èlite
1,814
549
Ciao
Hijackthis è obsoleto e non pou sviluppato...

Esegui queste scansioni:

Scarica tdsskiller daquiwww.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report

Poi scarica Malwarebyte Antirootkit da quihttps://it.malwarebytes.com/antirootkit/
Segui la guida fornita nel sito nella stessapagina del download
Posta il log generato

Infine ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Ciao
 
I

Intu-89

Nuovo Utente
4
0
Questo è il rapporto di RogueKiller:

RogueKiller V12.11.23.0 (x64) [Nov 6 2017] (Gratuito) di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : https://forum.adlice.com
Sito Web : http://www.adlice.com/download/roguekiller/
Discussione : http://www.adlice.com
Sistema Operativo : Windows 10 (10.0.16299) 64 bits version
Iniziato in : Modalità Normale
Utente : Sampdoria PC [Amministratore]
Iniziato da : C:\Users\Sampdoria PC\Desktop\RogueKiller_portable64.exe
Modalità : Cancella -- Data : 11/12/2017 23:40:05 (Durata : 00:48:56)
¤¤¤ Processi : 1 ¤¤¤
[Root.Komodia] (SVC) Lace514 -- \SystemRoot\System32\drivers\Lace_wpf_x64.sys[7] -> Fermato
¤¤¤ Registro : 44 ¤¤¤
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\Software\dll-files.com -> Non selezionato
[PUP.TextToTalk] (X64) HKEY_LOCAL_MACHINE\Software\Texttotalk -> Non selezionato
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\UCBrowser -> Non selezionato
[PUP.HPDefender] (X86) HKEY_LOCAL_MACHINE\Software\HPMammoth -> Non selezionato
[PUP.OnlineIO] (X86) HKEY_LOCAL_MACHINE\Software\Microleaves -> Non selezionato
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\UCBrowser -> Non selezionato
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\UCBrowserPID -> Non selezionato
[PUP.ByteFence|PUP.Gen1] (X64) HKEY_USERS\.DEFAULT\Software\ByteFence -> Non selezionato
[PUP.ByteFence|PUP.Gen1] (X86) HKEY_USERS\.DEFAULT\Software\ByteFence -> Non selezionato
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\csastats -> Non selezionato
[Adw.FastDataX] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\FastDataX -> Cancellato
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\IM -> Non selezionato
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\ProductSetup -> Non selezionato
[PUP.HPDefender] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\TablacusApp -> Non selezionato
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\UCBrowserPID -> Non selezionato
[Root.Wajam] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\WajIEnhance -> Cancellato
[Adw.Sokuxuan] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\YeaDesktop -> Cancellato
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\csastats -> Non selezionato
[Adw.FastDataX] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\FastDataX -> Cancellato
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\IM -> Non selezionato
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\ProductSetup -> Non selezionato
[PUP.HPDefender] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\TablacusApp -> Non selezionato
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\UCBrowserPID -> Non selezionato
[Root.Wajam] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\WajIEnhance -> Cancellato
[Adw.Sokuxuan] (X86) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Software\YeaDesktop -> Cancellato
[PUP.ByteFence|PUP.Gen1] (X64) HKEY_USERS\S-1-5-18\Software\ByteFence -> Non selezionato
[PUP.ByteFence|PUP.Gen1] (X86) HKEY_USERS\S-1-5-18\Software\ByteFence -> Non selezionato
[PUP.HPDefender] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPMammoth -> Non selezionato
[Root.Komodia] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Lace514 (\SystemRoot\System32\drivers\Lace_wpf_x64.sys) -> Cancellato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09FAB2B2-C091-44A9-86DA-E3E8AFB8FDC0} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4D50F440-336B-4A95-8E99-C081F49F24FB} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5DC9DA96-9188-4740-AF8C-607E3B21620B} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7566C7A1-7D8A-429A-9C1E-17880CD22E8A} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {462B2B3D-949A-4D37-821E-FD3757F18504} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ABA20B52-5C1E-4DA4-A80C-6F22C0063349} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {513AD5B2-B171-4364-B573-B412967196FD} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {36127FD0-3125-49F0-99D6-43FDDB0FF5AC} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F2CF832E-74A7-4972-B05E-0038E18F88C5} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {257F43EA-7F93-4B4C-AAF9-E6420850D4F3} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A960E84E-F39D-4F37-BB2E-A7203222D3A2} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {230DAF8C-B7CF-4E45-B579-20C4B1576F60} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AB422DC7-CE8C-468E-83E3-549663F04909} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[PUP.DllFiles] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CB648401-31C9-487F-AFAE-E7CF81EA9F2C} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|LPort=4000|App=C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe|Name=DLL-Files.com FIXER|Desc=Allow outbound network traffic from DLL-Files Fixer|EmbedCtxt=DLL-Files.com FIXER| [x] -> Non selezionato
[Adw.Eszjuxuan] (X64) HKEY_USERS\S-1-5-21-3682657124-3050358537-2994852668-1001\Control Panel\Desktop | SCRNSAVE.EXE : C:\ProgramData\DreamScreen\DreamCompress.scr [-] -> Rimpiazzato (C:\WINDOWS\system32\logon.scr)
¤¤¤ Attività : 3 ¤¤¤
[PUP.OtherSearch] \r6ndgYO5JL -- C:\Program Files (x86)\DwJ0TV0uIR\updengine.exe -> Non selezionato
[VT.Trojan.Agent] \wincore -- C:\WINDOWS\Windows\ProgramData\wincore.exe (-update) -> Cancellato
[Hj.Name] \{5DC18CEC-A5D6-48E3-AF2E-0B0465691F15} -- C:\WINDOWS\Windows\ProgramData\svchost.exe (-update) -> Cancellato
¤¤¤ Archivi : 19 ¤¤¤
[Adw.Eszjuxuan][Cartella] C:\ProgramData\DreamScreen -> Cancellato
[Adw.Eszjuxuan][Archivio] C:\ProgramData\DreamScreen\DreamCompress.scr -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\ProgramData\Microleaves -> Rimosso al riavvio [91]
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\ProgramData\Microleaves\Online Application -> ERROR [5]
[Hj.Shortcut][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://pop.yeawindows.com/ -> Scorciatoia ripulita
[Root.Komodia][Archivio] C:\Windows\System32\drivers\Lace_wpf_x64.sys -> Cancellato
[Adw.EnjoyWifi][Archivio] C:\Windows\System32\drivers\wfcre.sys -> Cancellato
[Adw.Eszjuxuan][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\DreamScreen -> Cancellato
[Adw.Eszjuxuan][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\DreamScreen\run_cmd.txt -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\Microleaves -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1 -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\Microleaves\Online Application 2.7.0\install -> Cancellato
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\Microleaves\Online Application 2.7.0 -> Cancellato
[PUP.HPDefender][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2 -> Cancellato
[PUP.HPDefender][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\TablacusApp.exe -> Cancellato
[PUP.HPDefender][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\TablacusApp2\readme.txt -> Cancellato
[PUP.HPDefender][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\TablacusApp2\Tablacus.exe -> Cancellato
[PUP.HPDefender][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\TablacusApp2\TablacusApp.exe -> Cancellato
[PUP.HPDefender][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\TablacusApp2 -> Cancellato
[PUP.HPDefender][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\TablacusApp2\uninstaller.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\aes_helper.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\blake.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\blake256.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\bmw.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\bmw256.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\cubehash.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\darkcoin-mod.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\decred.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\echo.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\fugue.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\groestl.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\groestl256.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\jh.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\keccak.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\keccak1600.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\luffa.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\lyra2.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\lyra2re.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\lyra2rev2.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\lyra2v2.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\neoscrypt.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\shabal.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\shavite.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\simd.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\skein.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\skein256.cl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel\vanilla.cl -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\kernel -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\msvcr120.dll -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\start.cmd -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\vanillaIcelandgw256l4tc22976.bin -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\vnlgp.conf -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp\vnlgp.exe -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Sampdoria PC\AppData\Roaming\vnlgp\vnlgp-uninst.exe -> Cancellato
[Adw.AdService][Cartella] C:\Users\Sampdoria PC\AppData\Local\AdService -> Rimosso al riavvio [91]
[Adw.AdService][Archivio] C:\Users\Sampdoria PC\AppData\Local\AdService\AdService.dll -> Rimosso al riavvio [5]
[PUP.OnlineIO][Cartella] C:\Users\Sampdoria PC\AppData\Local\AdvinstAnalytics -> Cancellato
[PUP.OnlineIO][Archivio] C:\Users\Sampdoria PC\AppData\Local\AdvinstAnalytics\57bec79515c1ec525f8858bf\2.7.0\tracking.ini -> Cancellato
[PUP.OnlineIO][Cartella] C:\Users\Sampdoria PC\AppData\Local\AdvinstAnalytics\57bec79515c1ec525f8858bf\2.7.0 -> Cancellato
[PUP.OnlineIO][Cartella] C:\Users\Sampdoria PC\AppData\Local\AdvinstAnalytics\57bec79515c1ec525f8858bf -> Cancellato
[BitMiner.Gen0][Cartella] C:\Users\Sampdoria PC\AppData\Local\PCBooster -> Cancellato
[BitMiner.Gen0][Archivio] C:\Users\Sampdoria PC\AppData\Local\PCBooster\booster.exe -> Cancellato
[Adw.Eszjuxuan][Cartella] C:\ProgramData\DreamScreen -> ERROR [3]
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\ProgramData\Microleaves -> Rimosso al riavvio [91]
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\ProgramData\Microleaves\Online Application\updates -> ERROR [5]
[PUP.OnlineIO|PUP.Gen0][Cartella] C:\ProgramData\Microleaves\Online Application -> Rimosso al riavvio [91]
[PUP.Amonetize][Archivio] C:\Program Files\Bonjour\YRGUIESXLF\ALURQEBMMT.exe -> Cancellato
[PUP.Amonetize][Archivio] C:\Program Files\Bonjour\YRGUIESXLF\NSDJURCTRE.exe -> Cancellato
[Pwd.Stealer][Archivio] C:\Program Files (x86)\Google\Chrome\Application\winhttp.dll -> Cancellato
[PUP.HPDefender][Cartella] C:\Program Files (x86)\HPMammoth -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers\1.ico -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers\2.ico -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers\3.ico -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers\4.ico -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers\5.ico -> Cancellato
[PUP.HPDefender][Cartella] C:\Program Files (x86)\HPMammoth\Resources\Icons\Browsers -> Cancellato
[PUP.HPDefender][Cartella] C:\Program Files (x86)\HPMammoth\Resources\Icons -> Cancellato
[PUP.HPDefender][Cartella] C:\Program Files (x86)\HPMammoth\Resources -> Cancellato
[PUP.HPDefender][Archivio] C:\Program Files (x86)\HPMammoth\uninstaller.exe -> Cancellato
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Archivio Hosts : 0 [Too big!] ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤
¤¤¤ Web Browser : 0 ¤¤¤
¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 9da1d8e75ce36063df1dc7eeb84529d5
[BSP] 79dafbe1cb90ae542af13df34d363186 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 450 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 923648 | Size: 100 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1128448 | Size: 16 MB
3 - Basic data partition | Offset (sectors): 1161216 | Size: 352030 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 722120704 | Size: 868 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 723900416 | Size: 952 MB
6 - Basic data partition | Offset (sectors): 725852160 | Size: 599449 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 83b42057fb3fd1d945874c9bf1406a5b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 3777 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Richiesta non supportata. )
 
danilo79

danilo79

Utente Èlite
1,814
549
Che errore ti danno??
Hai provato ad eseguirli dopo la scansione di roguekiller??

Se ancora niente...
Cancella i due programmi...
Scarica ed esegui Rkill questo è il link download https://www.bleepingcomputer.com/download/rkill/
Avvialo e attendi che finisca (non riavviare mai il pc)..
Se non si avvia anche questo ,prova tutti i vari file( .com .scr etc) in fondo alla pagina del dowload di rkill , fino a che non trovi quello chesi avvia...
Adesso scarica malwarebyte antirootkit, rinominalo in esempio: mbar1.10.3.1001.com , cioe aggingi l estensione .com....
Prova se si avvia...

Poi scarica frst da qui https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

Ciao
 
Ultima modifica:
I

Intu-89

Nuovo Utente
4
0
Allora il report di Rkill è questo:
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 11/13/2017 08:43:05 AM in x64 mode.
Windows Version: Windows 10 Home
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Users\Sampdoria PC\Desktop\mbar1.10.3.1001.com.exe (PID: 1748) [UP-HEUR]
* C:\Users\Sampdoria PC\Desktop\FRST64.exe (PID: 5712) [UP-HEUR]
2 proccesses terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
20 out of 15960 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 11/13/2017 08:43:31 AM
Execution time: 0 hours(s), 0 minute(s), and 25 seconds(s)
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
20 out of 15960 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 11/13/2017 08:44:08 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

Ora dopo averlo rinominato con l'estensioe .com sono riuscito a installare malwarebyte antirootkit poi ti faccio sapere che trova
 
Devi accedere o registrarti per rispondere qui.

Entra

Hai dimenticato la password?
oppure Accedi utilizzando
Discord Ufficiale Entra ora!