Segurazo PROBLEM HELP!

RaffyBija

Active User
190
23
CPU
Ryzen 5 2600
Cooler
Artic freezer 7 pro
Motherboard
ASrock B450M PRO4-F
RAM
G-Skill Aegis 16GB 3000Mhz
GPU
Sapphire Radeon rx 580 nitro +
PSU
BeQuiet system power 9 500W
Case
Master case MB510L
Hello everyone in the community, first of all please forgive me if I have posted in the wrong section.
Just today, out of nowhere, this program suddenly opened on my PC; it apparently presents itself as an antivirus called SEGURAZO. I tried to uninstall it with the official uninstaller, but no luck. I downloaded a tool called GeekUninstaller, which let me perform a forced removal, but then I realized that the only thing it removed was the entry in the list of programs. I tried to end the process, but no luck. I tried to kill the process from the command prompt, but nothing: it gives me Access Denied.
In short, this program has dug itself into my SSD and there is no way to remove it.
I am asking you, please, whether you have a solution to remove it permanently; I would like to use formatting as a last resort.
 

RaffyBija

Go through this to see whether you have other unwanted guests: https://forum.tomshw.it/threads/procedura-scansioni-preliminari.736474/
Then run CCleaner.....
But I don't have to use all the tools, do I?
Post automatically merged:

Just in case, I am leaving the Malwarebytes quarantine log; surely all the Segurazo folders have to be deleted, but I don't know whether anything needs to be restored.

danilo79

Elite User
1,814
549
No, you only need to use the first three....
Delete everything Malwarebytes found...
 

ince

Active User
1,368
744
Another tip for uninstalling Segurazo... do a clean boot and then uninstall it from its own folder :ok:
 

Aladar73

Active User
207
11
CPU
Intel Core i5-3570 3.40GHz with Cooler Master Hyper T4
Motherboard
ASRock Z77 Pro3
HDD
SSD Samsung 840 EVO MZ-7E500B - 500 GB
RAM
CORSAIR Vengeange DDR3 4x8 Gb
GPU
GIGABYTE GeForce GTX770 - 4 GB
Monitor
BenQ GL2706PQ
PSU
Seasonic P-460FL ATX Modular 460W Fanless
Case
Cooler Master Silencio 650
OS
Windows 10 64bit
Hi... I got infected by this Segurazo. I installed Malwarebytes (which I think neutralized it); then RogueKiller detected it but cannot remove it... how can I remove it manually?
 

Aladar73

If you look up how to do a clean boot, you can then uninstall it without problems
In the meantime, I see that Malwarebytes has quarantined Segurazo for me
 

Aladar73

The page keeps opening split in half (like when you inspect an element); is it some other virus?
 
