PROBLEM Segurazo HELP!

RaffyBija

Hello everyone in the community; first of all, forgive me if I have posted in the wrong section.
Just today, out of nowhere, this program suddenly opened; it apparently presents itself as an antivirus named SEGURAZO. I tried to uninstall it with the official uninstaller, but nothing. I downloaded a tool called GeekUninstaller, which let me perform a forced removal, but then I realized that the only thing it removed was the entry in the list of programs. I tried to end the process, but nothing. I tried to kill the process from the command prompt, but nothing: it gives me Access Denied.
In short, this program has lodged itself in my SSD and there is no way to remove it.
I am asking you, please, whether you have a solution to remove it permanently; I would like to use formatting as a last resort.
 
Go here to see whether you have other unwanted guests: https://forum.tomshw.it/threads/procedura-scansioni-preliminari.736474/
Then run CCleaner.....
But I don't have to use all the tools, do I?
--- the two messages have been merged ---
Just in case, I'm leaving the Malwarebytes quarantine log; surely all the Segurazo folders must be deleted, but I don't know whether anything needs to be restored.
Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 06/09/19
Ora scansione: 09:25
File di log: 7587296a-d077-11e9-a298-4ccc6ab44169.json

-Informazioni software-
Versione: 3.8.3.2965
Versione componenti: 1.0.613
Aggiorna versione pacchetto: 1.0.12351
Licenza: Free

-Informazioni sistema-
SO: Windows 10 (Build 18362.295)
CPU: x64
File system: NTFS
Utente: RAFFY-PC\Raffy

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 288852
Minacce rilevate: 95
Minacce messe in quarantena: 95
Tempo impiegato: 4 min, 46 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 10
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, In quarantena, [2084], [440037],1.0.12351
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, In quarantena, [2084], [440037],1.0.12351
PUP.Optional.SearchManager, HKU\S-1-5-21-1913349620-2412657265-2819121052-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, In quarantena, [2084], [440037],1.0.12351
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, In quarantena, [2084], [183362],1.0.12351
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, In quarantena, [2084], [183362],1.0.12351
PUP.Optional.SearchManager, HKU\S-1-5-21-1913349620-2412657265-2819121052-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, In quarantena, [2084], [183362],1.0.12351
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In quarantena, [239], [254682],1.0.12351
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In quarantena, [239], [254682],1.0.12351
PUP.Optional.WinYahoo, HKU\S-1-5-21-1913349620-2412657265-2819121052-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, In quarantena, [239], [254682],1.0.12351
PUP.Optional.Segurazo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SegurazoIC, In quarantena, [1523], [715288],1.0.12351

Valore di registro: 3
PUP.Optional.WinYahoo, HKU\S-1-5-21-1913349620-2412657265-2819121052-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In quarantena, [239], [254682],1.0.12351
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In quarantena, [239], [254683],1.0.12351
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In quarantena, [239], [254683],1.0.12351

Dati di registro: 2
PUP.Optional.WinYahoo, HKU\S-1-5-21-1913349620-2412657265-2819121052-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sostituito, [239], [707485],1.0.12351
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sostituito, [239], [707490],1.0.12351

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 8
PUP.Optional.Segurazo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SEGURAZO, In quarantena, [1523], [709092],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\amd64, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\PROGRAMDATA\SEGURAZO, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\USERS\RAFFY\APPDATA\LOCAL\{3E1F0843-1AB7-64FB-772F-41135347BD8B}, In quarantena, [808], [542290],1.0.12351

File: 72
PUP.Optional.SearchModule, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, In quarantena, [279], [453492],1.0.12351
PUP.Optional.SearchManager, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, In quarantena, [2084], [453138],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo\Segurazo Antivirus.lnk, In quarantena, [1523], [709092],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\amd64\KernelTraceControl.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\amd64\msdia140.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\7z64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\ext_x64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\lz4_x64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\rsEngineFW_x64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\rsEnginePM_x64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\rsLggrServer_x64.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x64\System.Data.SQLite.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\7z86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\ext_x86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\KernelTraceControl.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\lz4_x86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\msdia140.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\rsEngineFW_x86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\rsEnginePM_x86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\rsLggrServer_x86.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\x86\System.Data.SQLite.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoService.exe.config, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\Microsoft.Diagnostics.Tracing.TraceEvent.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\Microsoft.Win32.TaskScheduler.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\rsEngine.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\rsEngineHelper.exe, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\rsEngineHelper.exe.config, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\rsEngineSDK.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoClient.exe, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoClient.exe.config, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoEngine.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoService.exe, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoShell64_v10149.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoShell86_v10149.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoTools.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoUninstaller.exe, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\SegurazoUninstaller.exe.config, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b\System.Threading.dll, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.Segurazo, C:\ProgramData\Segurazo\b.dat, In quarantena, [1523], [709093],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\USERS\RAFFY\APPDATA\LOCAL\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HOWTOREMOVE\HOWTOREMOVE.HTML, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\chromium-min.jpg, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\control panel-min-min.JPG, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\down.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\ff menu.JPG, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\ff search engine-min.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\hp-min ff.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\hp-min ie.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\search engine.gif, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\setup pages.gif, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\sp-min.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\start-min.jpg, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\HowToRemove\up.png, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\caselorit, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\ninacina, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\uninst.exe, In quarantena, [808], [542290],1.0.12351
PUP.Optional.WinYahoo.TskLnk, C:\Users\Raffy\AppData\Local\{3E1F0843-1AB7-64FB-772F-41135347BD8B}\uninstp.dat, In quarantena, [808], [542290],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOTOOLS.DLL, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOKD.SYS, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOSHELL86_V10149.DLL, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOIC.EXE, In quarantena, [1523], [714543],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOSERVICE.EXE, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOSHELL64_V10149.DLL, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOENGINE.DLL, In quarantena, [1523], [714174],1.0.12351
PUP.Optional.Segurazo, C:\$RECYCLE.BIN\S-1-5-21-1913349620-2412657265-2819121052-1000\$RTI0V65\SEGURAZOCLIENT.EXE, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.Segurazo, C:\USERS\RAFFY\APPDATA\LOCAL\TEMP\TMPSEC6853244\SEGSETUP_1.0.15.2.EXE, In quarantena, [1523], [709102],1.0.12351
PUP.Optional.WinZipDriverUpdater, C:\USERS\RAFFY\APPDATA\LOCAL\TEMP\NS63ECAE00\2E9045FA_STP\WZDU50.29.2.2.EXE, In quarantena, [1696], [484645],1.0.12351
PUP.Optional.HTTPBreaker, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sostituito, [418], [455245],1.0.12351
PUP.Optional.SweetPage, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sostituito, [407], [455284],1.0.12351
PUP.Optional.Conduit, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [204], [454832],1.0.12351
PUP.Optional.SweetPage, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [407], [455284],1.0.12351
PUP.Optional.Conduit, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [204], [454832],1.0.12351
PUP.Optional.HTTPBreaker, C:\USERS\RAFFY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sostituito, [418], [455245],1.0.12351

Settore fisico: 0
(Nessun elemento nocivo rilevato)

WMI: 0
(Nessun elemento nocivo rilevato)


(end)
 
No, you only need to use the first three....
Delete everything Malwarebytes found...
 
Another tip for uninstalling Segurazo... do a clean boot and then uninstall it from its folder :ok:
 
Hi... I have been infected by this Segurazo; I installed Malwarebytes (which I believe neutralized it), then RogueKiller detected it but cannot remove it... how can I remove it manually?
 