Pagine web si aprono da sole
Chiuso
gino
-
30 lug 2016 alle 15:33
Noureddine Bouzidi Posti 22674 Data di registrazione giovedì 19 marzo 2009 Stato Moderatore Ultimo intervento giovedì 7 gennaio 2021 - 23 ago 2016 alle 17:32
Noureddine Bouzidi Posti 22674 Data di registrazione giovedì 19 marzo 2009 Stato Moderatore Ultimo intervento giovedì 7 gennaio 2021 - 23 ago 2016 alle 17:32
7 risposte
Noureddine Bouzidi
Posti
22674
Data di registrazione
giovedì 19 marzo 2009
Stato
Moderatore
Ultimo intervento
giovedì 7 gennaio 2021
15.404
3 ago 2016 alle 19:37
3 ago 2016 alle 19:37
ciao,
SOPRATTUTTO NON INSTALLARE SPYHUNTER => ecco perché
SOPRATTUTTO NON INSTALLARE SPYHUNTER => ecco perché
/!\Crea una nuova risposta per ogni report/!\
=AdwCleaner=
- Scarica e salva sul desktop AdwCleaner di Xplode
- Chiudi tutti i programmi e browser internet aperti
- Fai doppio clic su "AdwCleaner.exe" per eseguirlo
- Fai clic sul pulsante "Scan" e attendi la fine del processo
- Fai clic sul pulsante "Clean" e segui le istruzioni
- Il programma chiuderà tutti i programmi aperti, quindi salva i tuoi dati e lavori in corso prima di continuare
- Se viene chiesto di avviare il PC, accetta
- Un report verrà aperto automaticamente, Copia/incolla il contenuto del file nella tua risposta
- Puoi trovare il file log in "C:\AdwCleaner\AdwCleaner[Sn].txt" (nel quale "n" è un numero).
=ZHPCleaner=
- Scarica ZHPCleaner
- Chiudi tutti i browser e programmi aperti
- Avvia il programma e accetta la licenza
- Fai clic su Scanner finita la scansione fai clic su Riparazione e mandaci il report generato
=Malwarebytes=
- Scarica Malwarebytes ed installalo
- Disattiva l'antivirus (durante la scansione)
- Avvia il programma
- Aspetta che finisca l'aggiornamento del database; se non si fa in automatico, clicca su "Aggiornamento"
- Clicca su "Opzione"
- Cambia la lingua in italiano
- Clicca su "Rilevamento e protezione" (a sinistra), in "Protezione da 'non-malware'" seleziona "Gestisci rilevamenti come malware" in entrambe le voci Rilevamenti "PUP" e "PUM"
- Clicca su "Scansione"
- Seleziona la voce "Ricerca elementi nocivi"
- Una volta finita clicca su "Applica azioni"
- Se viene chiesto di riavviare "Accetta"
- Apri il programma e clicca su "Cronologia" poi "Log applicazione"
- Seleziona l'ultimo log quindi "Vedi"
- Clicca su "Copia negli appunti" (non succede niente ma il report verrà copiato)
- Fai incolla nella tua risposta
Grazie dell'aiuto. Ecco il report di AdwCleaner
# AdwCleaner v5.201 - Logfile created 07/08/2016 at 19:48:20
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-07.1 [Server]
# Operating system : Windows 8.1 (X64)
# Username : Francesco - LENOVO-PC
# Running from : C:\Users\Francesco\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Quoteexs
[-] Folder Deleted : C:\ProgramData\15472911727485116159
[-] Folder Deleted : C:\ProgramData\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[-] Folder Deleted : C:\ProgramData\d6bad33cb5b9deff
[#] Folder Deleted : C:\ProgramData\Application Data\apn
[#] Folder Deleted : C:\ProgramData\Application Data\Quoteexs
[#] Folder Deleted : C:\ProgramData\Application Data\15472911727485116159
[#] Folder Deleted : C:\ProgramData\Application Data\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[#] Folder Deleted : C:\ProgramData\Application Data\d6bad33cb5b9deff
[-] Folder Deleted : C:\Program Files (x86)\LenovoBrowserGuard
[-] Folder Deleted : C:\Program Files (x86)\Maxiget
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\Common Files\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\Hola
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\LenovoBrowserGuard
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\Maxiget
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Hola
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Maxiget
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Store
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\tencent
[#] Folder Deleted : C:\Users\Francesco\AppData\Roaming\store
[#] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Tencent
[-] Folder Deleted : C:\Program Files\Hola
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.coupontime00.coupontime.co_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.startgo123.com_0.localstorage-journal
[-] Shortcut Disinfected : C:\Users\Francesco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Task Deleted : crash_service
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-6
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-7
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-11
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-6
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-7
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-11
[-] Task Deleted : {A7A75655-9E77-44AF-9493-421865FF9971}
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/vlc
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
[-] Key Deleted : HKLM\SOFTWARE\1c3b46be-a2a8-4fcd-b29c-b420beca16da
[-] Key Deleted : HKLM\SOFTWARE\c18d0f2b-c59b-2aca-c176-76ff924fe183
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
[-] Key Deleted : HKCU\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\ForumerIT
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\MaxiGet
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Store
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\WTools
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Clara
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\LenovoBrowserGuard
[-] Key Deleted : HKLM\SOFTWARE\Solvusoft
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
[-] Key Deleted : [x64] HKLM\SOFTWARE\Hola
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\MaxiGet
[-] Key Deleted : HKU\.DEFAULT\Software\Hola
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{72FED905-E779-4F1B-A0DF-1CFC9DCADF5A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7A83B801-D6A4-4CE2-A691-2956D76E5CFF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C6F21BA2-76BF-44DF-A872-5A042CABE06A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bubbledock.it
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [3D BubbleSound]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [bobrowser]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BService]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BService64]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [CrashService]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Selection Tools]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SoftonicAssistant]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Sound+]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Wd]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WindApp]
[-] [C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pinhfkamckbogjgmbmdkdebbbpnmlaef
:: "Tracing" keys deleted
:: Winsock settings cleared
C:\AdwCleaner\AdwCleaner[C1].txt - [9273 bytes] - [07/08/2016 19:48:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [10952 bytes] - [07/08/2016 19:45:04]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9420 bytes] ##########
# AdwCleaner v5.201 - Logfile created 07/08/2016 at 19:48:20
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-07.1 [Server]
# Operating system : Windows 8.1 (X64)
# Username : Francesco - LENOVO-PC
# Running from : C:\Users\Francesco\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum
- [ Services ] *****
- [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Quoteexs
[-] Folder Deleted : C:\ProgramData\15472911727485116159
[-] Folder Deleted : C:\ProgramData\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[-] Folder Deleted : C:\ProgramData\d6bad33cb5b9deff
[#] Folder Deleted : C:\ProgramData\Application Data\apn
[#] Folder Deleted : C:\ProgramData\Application Data\Quoteexs
[#] Folder Deleted : C:\ProgramData\Application Data\15472911727485116159
[#] Folder Deleted : C:\ProgramData\Application Data\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[#] Folder Deleted : C:\ProgramData\Application Data\d6bad33cb5b9deff
[-] Folder Deleted : C:\Program Files (x86)\LenovoBrowserGuard
[-] Folder Deleted : C:\Program Files (x86)\Maxiget
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\Common Files\a755da99-68c7-47d2-8e1e-cc341d3d0f92
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\Hola
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\LenovoBrowserGuard
[-] Folder Deleted : C:\Users\Francesco\AppData\Local\Maxiget
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Hola
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Maxiget
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Store
[-] Folder Deleted : C:\Users\Francesco\AppData\Roaming\tencent
[#] Folder Deleted : C:\Users\Francesco\AppData\Roaming\store
[#] Folder Deleted : C:\Users\Francesco\AppData\Roaming\Tencent
[-] Folder Deleted : C:\Program Files\Hola
- [ Files ] *****
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.coupontime00.coupontime.co_0.localstorage-journal
[-] File Deleted : C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.startgo123.com_0.localstorage-journal
- [ DLLs ] *****
- [ WMI ] *****
- [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Francesco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
- [ Scheduled tasks ] *****
[-] Task Deleted : crash_service
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-6
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-7
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-11
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-6
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-1-7
[-] Task Deleted : 700c531e-65be-4dc3-89de-8862cd85b51d-11
[-] Task Deleted : {A7A75655-9E77-44AF-9493-421865FF9971}
- [ Registry ] *****
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/vlc
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
[-] Key Deleted : HKLM\SOFTWARE\1c3b46be-a2a8-4fcd-b29c-b420beca16da
[-] Key Deleted : HKLM\SOFTWARE\c18d0f2b-c59b-2aca-c176-76ff924fe183
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
[-] Key Deleted : HKCU\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\ForumerIT
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\MaxiGet
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Store
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\WTools
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Clara
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\LenovoBrowserGuard
[-] Key Deleted : HKLM\SOFTWARE\Solvusoft
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
[-] Key Deleted : [x64] HKLM\SOFTWARE\Hola
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\MaxiGet
[-] Key Deleted : HKU\.DEFAULT\Software\Hola
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{72FED905-E779-4F1B-A0DF-1CFC9DCADF5A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7A83B801-D6A4-4CE2-A691-2956D76E5CFF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C6F21BA2-76BF-44DF-A872-5A042CABE06A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bubbledock.it
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [3D BubbleSound]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [bobrowser]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BService]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BService64]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [CrashService]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Selection Tools]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SoftonicAssistant]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Sound+]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Wd]
[-] Value Deleted : HKU\S-1-5-21-2961635379-1552717557-3161034885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WindApp]
- [ Web browsers ] *****
[-] [C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pinhfkamckbogjgmbmdkdebbbpnmlaef
:: "Tracing" keys deleted
:: Winsock settings cleared
C:\AdwCleaner\AdwCleaner[C1].txt - [9273 bytes] - [07/08/2016 19:48:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [10952 bytes] - [07/08/2016 19:45:04]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9420 bytes] ##########
~ ZHPCleaner v2016.8.6.99 by Nicolas Coolman (2016/08/06)
~ Run by Francesco (Administrator) (07/08/2016 20:09:38)
~ Site : https://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Francesco\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Francesco\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (2)
REPLACED: 54.235.90.58 hjjjegfhiceggepdokloeepnhlfnedkk
Number of found redirections 1/24
---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
---\\ Explorer ( File, Folder) (66)
MOVED file: C:\windows\Prefetch\QUOTEEX.EXE-FED90AD6.pf =>PUP.Optional.Graftor
MOVED file: C:\windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-0A608A8C.pf =>.Superfluous.Nosibay
MOVED file: C:\windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-270F0151.pf =>.Superfluous.Nosibay
MOVED file: C:\windows\Prefetch\SOFTONICASSISTANT.EXE-F53A7D1C.pf =>.Superfluous.Softonic
MOVED file: C:\Users\Francesco\Downloads\ReimageRepair.exe [Reimage® - Reimage Downloader] =>.Superfluous.ReimageRepair
MOVED file: C:\Users\Francesco\Downloads\yet_another_cleaner_ava.exe [Elex do Brasil Participações Ltda - standard installer] =>.Superfluous.Elex
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\Y6UMSM2W\yet_another_cleaner_cnt[1].exe =>.Superfluous.YetAnotherCleaner
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\WFPV9R0A\downloader.63088[1].exe [Nosibay - ] =>PUP.Optional.CrossRider
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\WFPV9R0A\OperaChecker25-6[1].exe [OperaChecker - OperaChecker] =>.Superfluous.OperaChecker
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\W8U2AV5H\64999.Selection_Tools.ALT001[1].exe [Nosibay - Selection Tools Installer] =>.Superfluous.Nosibay
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\UB011P2R\ConvertAdSetup[1].exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\UB011P2R\yet_another_cleaner_cnt[1].exe [Elex do Brasil Participações Ltda - Setup] =>.Superfluous.Elex
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\U6884NS2\downloader.64470[2].exe [Nosibay - ] =>.Superfluous.Nosibay
MOVED folder: C:\Program Files (x86)\d668c6e4-c695-496b-a69b-5f9cdb00d3e5 =>PUP.Optional.CrossRider
MOVED folder: C:\Users\Francesco\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVED folder: C:\windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVED folder: C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
MOVED folder: C:\windows\Installer\MSI1468.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1582.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1768.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI18E0.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1E94.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1F88.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI41AE.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI41F2.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI477.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5728.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI59D8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5A77.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5B7F.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5BC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5EFB.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI6323.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI6B9E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI74E8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7893.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI79EC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7DB5.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7F8B.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI812.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI821C.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI853E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI87C0.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI88E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8919.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8A71.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8CD4.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8F17.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI930A.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI95D8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9878.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI99E1.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9B68.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9F51.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIAB3.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIC5E8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIC6C4.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIDECE.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE509.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE77B.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE912.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIED7C.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIF4FC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIF7CC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIFD2E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIFF81.tmp- =>Empty
---\\ Registry ( Key, Value, Data) (16)
DELETED key*: HKCU\Software\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05 [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Tencent [] =>.Superfluous.Tencent
DELETED key*: HKEY_USERS\.DEFAULT\Software\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\.DEFAULT\Software\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Cinem Plus 2.4cV26.05 [] =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Tencent [] =>.Superfluous.Tencent
DELETED key*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack
DELETED key*: [X64] HKLM\SOFTWARE\Classes\P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.P8fc53375_f60d_4a85_a0ed_1601b5d29f60_ [youtubeadblocker] =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Classes\P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.9 [youtubeadblocker] =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{aac96836-a6cf-41ed-86b6-3258730fb5f4} [SaolePlus] =>PUP.Optional.SalePlus
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor
---\\ Summary of the elements found (15)
https://www.anti-malware.top/2016/05/02/pup-optional-graftor/ =>PUP.Optional.Graftor
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Softonic
https://www.nicolascoolman.com/fr/superfluous-reimagerepair =>.Superfluous.ReimageRepair
https://www.anti-malware.top/2016/05/18/superfluous-elex/ =>.Superfluous.Elex
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.YetAnotherCleaner
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.OperaChecker
https://www.nicolascoolman.com/fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/adware-tencentaddressbar/ =>.Superfluous.Tencent
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUM.Security.Hijack
https://www.anti-malware.top/2016/04/28/pup-optional-multiplug/ =>PUP.Optional.Multiplug
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.SalePlus
---\\ Other deletions. (10)
~ Registry Keys Tracing deleted (10)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
---\\ Statistics
~ Items scanned : 273
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 82
~ End of clean in 00h00mn25s
~====================
ZHPCleaner-[R]-07082016-20_10_03.txt
ZHPCleaner-[S]-07082016-20_07_55.txt
~ Run by Francesco (Administrator) (07/08/2016 20:09:38)
~ Site : https://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Francesco\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Francesco\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (2)
REPLACED: 54.235.90.58 hjjjegfhiceggepdokloeepnhlfnedkk
Number of found redirections 1/24
---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
---\\ Explorer ( File, Folder) (66)
MOVED file: C:\windows\Prefetch\QUOTEEX.EXE-FED90AD6.pf =>PUP.Optional.Graftor
MOVED file: C:\windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-0A608A8C.pf =>.Superfluous.Nosibay
MOVED file: C:\windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-270F0151.pf =>.Superfluous.Nosibay
MOVED file: C:\windows\Prefetch\SOFTONICASSISTANT.EXE-F53A7D1C.pf =>.Superfluous.Softonic
MOVED file: C:\Users\Francesco\Downloads\ReimageRepair.exe [Reimage® - Reimage Downloader] =>.Superfluous.ReimageRepair
MOVED file: C:\Users\Francesco\Downloads\yet_another_cleaner_ava.exe [Elex do Brasil Participações Ltda - standard installer] =>.Superfluous.Elex
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\Y6UMSM2W\yet_another_cleaner_cnt[1].exe =>.Superfluous.YetAnotherCleaner
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\WFPV9R0A\downloader.63088[1].exe [Nosibay - ] =>PUP.Optional.CrossRider
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\WFPV9R0A\OperaChecker25-6[1].exe [OperaChecker - OperaChecker] =>.Superfluous.OperaChecker
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\W8U2AV5H\64999.Selection_Tools.ALT001[1].exe [Nosibay - Selection Tools Installer] =>.Superfluous.Nosibay
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\UB011P2R\ConvertAdSetup[1].exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\UB011P2R\yet_another_cleaner_cnt[1].exe [Elex do Brasil Participações Ltda - Setup] =>.Superfluous.Elex
MOVED file: C:\Users\Francesco\AppData\Local\Microsoft\Windows\INetCache\IE\U6884NS2\downloader.64470[2].exe [Nosibay - ] =>.Superfluous.Nosibay
MOVED folder: C:\Program Files (x86)\d668c6e4-c695-496b-a69b-5f9cdb00d3e5 =>PUP.Optional.CrossRider
MOVED folder: C:\Users\Francesco\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVED folder: C:\windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVED folder: C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
MOVED folder: C:\windows\Installer\MSI1468.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1582.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1768.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI18E0.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1E94.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI1F88.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI41AE.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI41F2.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI477.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5728.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI59D8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5A77.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5B7F.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5BC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI5EFB.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI6323.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI6B9E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI74E8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7893.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI79EC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7DB5.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI7F8B.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI812.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI821C.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI853E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI87C0.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI88E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8919.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8A71.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8CD4.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI8F17.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI930A.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI95D8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9878.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI99E1.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9B68.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSI9F51.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIAB3.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIC5E8.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIC6C4.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIDECE.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE509.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE77B.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIE912.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIED7C.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIF4FC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIF7CC.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIFD2E.tmp- =>Empty
MOVED folder: C:\windows\Installer\MSIFF81.tmp- =>Empty
---\\ Registry ( Key, Value, Data) (16)
DELETED key*: HKCU\Software\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05 [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-2961635379-1552717557-3161034885-1001\SOFTWARE\Tencent [] =>.Superfluous.Tencent
DELETED key*: HKEY_USERS\.DEFAULT\Software\Cinem Plus 2.4cV26.05-nv [] =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\.DEFAULT\Software\Cinem Plus 2.4cV26.05-nv-ie [] =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Cinem Plus 2.4cV26.05 [] =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Tencent [] =>.Superfluous.Tencent
DELETED key*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack
DELETED key*: [X64] HKLM\SOFTWARE\Classes\P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.P8fc53375_f60d_4a85_a0ed_1601b5d29f60_ [youtubeadblocker] =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Classes\P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.P8fc53375_f60d_4a85_a0ed_1601b5d29f60_.9 [youtubeadblocker] =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{aac96836-a6cf-41ed-86b6-3258730fb5f4} [SaolePlus] =>PUP.Optional.SalePlus
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor
---\\ Summary of the elements found (15)
https://www.anti-malware.top/2016/05/02/pup-optional-graftor/ =>PUP.Optional.Graftor
https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.Superfluous.Nosibay
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Softonic
https://www.nicolascoolman.com/fr/superfluous-reimagerepair =>.Superfluous.ReimageRepair
https://www.anti-malware.top/2016/05/18/superfluous-elex/ =>.Superfluous.Elex
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.YetAnotherCleaner
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.OperaChecker
https://www.nicolascoolman.com/fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/adware-tencentaddressbar/ =>.Superfluous.Tencent
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUM.Security.Hijack
https://www.anti-malware.top/2016/04/28/pup-optional-multiplug/ =>PUP.Optional.Multiplug
https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.SalePlus
---\\ Other deletions. (10)
~ Registry Keys Tracing deleted (10)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
---\\ Statistics
~ Items scanned : 273
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 82
~ End of clean in 00h00mn25s
~====================
ZHPCleaner-[R]-07082016-20_10_03.txt
ZHPCleaner-[S]-07082016-20_07_55.txt
Malwarebytes Anti-Malware
www.malwarebytes.org
Data scansione: 07/08/2016
Ora scansione: 20:17
File di log:
Amministratore: Sì
Versione: 2.2.1.1043
Database malware: v2016.08.07.03
Database rootkit: v2016.05.27.01
Licenza: Periodo di prova
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Disattivata
SO: Windows 8.1
CPU: x64
File system: NTFS
Utente: Francesco
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 311353
Tempo impiegato: 24 min, 39 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata
Processi: 0
(Nessun elemento nocivo rilevato)
Moduli: 0
(Nessun elemento nocivo rilevato)
Chiavi di registro: 12
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\Office 365 Crack.DynamicNS, In quarantena, [6ad5e4645248a195c8c8138328da758b],
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Office 365 Crack.DynamicNS, In quarantena, [7cc390b8227860d6365a3c5ad42ebc44],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Office 365 Crack.DynamicNS, In quarantena, [7cc390b8227860d6365a3c5ad42ebc44],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5058DF79-EC0D-4F18-B38A-80EF6CE9323F}, Elimina al riavvio, [ca7564e48f0b89ad589b30c3877c817f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5963CF18-EAD1-40F1-A56B-8673FD9C9205}, Elimina al riavvio, [9ba41b2d881258deb83b5c97bf4434cc],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D184A4-AFC2-4626-8984-2CF141C01CD4}, Elimina al riavvio, [b48bb5935842cf67ed0637bc58ab6b95],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{628FD23D-0351-4D33-9494-4613516AA2EC}, Elimina al riavvio, [241b99af8713fb3b995a2bc8e81b53ad],
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79234E69-54BE-4633-A333-930549ADF8C7}, Elimina al riavvio, [e9560444ecae0c2ac374896e649fa060],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F961BA4-B8C3-4EBB-98E5-065A20AC9FA6}, Elimina al riavvio, [39067bcd0892b482f2019a5900035ba5],
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B179BB40-56E2-4167-8F07-E89937E667F3}, Elimina al riavvio, [37082028b1e97abc14e07754a95943bd],
PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D01C8E1B-0B4E-4254-84B5-160FDD560923}, Elimina al riavvio, [0e31fb4d495187af1adc2da00ff3768a],
PUP.Optional.SoftwareUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SrvUpd4terExe, In quarantena, [67d8ba8e35651d19e6248f3516ed9b65],
Valori di registro: 9
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5058DF79-EC0D-4F18-B38A-80EF6CE9323F}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-5, Elimina al riavvio, [ca7564e48f0b89ad589b30c3877c817f]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5963CF18-EAD1-40F1-A56B-8673FD9C9205}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-6, Elimina al riavvio, [9ba41b2d881258deb83b5c97bf4434cc]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D184A4-AFC2-4626-8984-2CF141C01CD4}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-7, Elimina al riavvio, [b48bb5935842cf67ed0637bc58ab6b95]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{628FD23D-0351-4D33-9494-4613516AA2EC}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-3, Elimina al riavvio, [241b99af8713fb3b995a2bc8e81b53ad]
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79234E69-54BE-4633-A333-930549ADF8C7}|Path, \bench-S-1-5-21-2961635379-1552717557-3161034885-1001, Elimina al riavvio, [e9560444ecae0c2ac374896e649fa060]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F961BA4-B8C3-4EBB-98E5-065A20AC9FA6}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-5_user, Elimina al riavvio, [39067bcd0892b482f2019a5900035ba5]
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B179BB40-56E2-4167-8F07-E89937E667F3}|Path, \bench-sys, Elimina al riavvio, [37082028b1e97abc14e07754a95943bd]
PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D01C8E1B-0B4E-4254-84B5-160FDD560923}|Path, \Run_Bobby_Browser, Elimina al riavvio, [0e31fb4d495187af1adc2da00ff3768a]
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_it_435, In quarantena, [76c92f19bcde76c060224762956e6e92],
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Cartelle: 0
(Nessun elemento nocivo rilevato)
File: 12
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\64999.Selection_Tools.ALT001[1].exe, In quarantena, [e15ec682bae0c0761474781933d143bd],
PUP.Optional.ConvertAd, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\ConvertAdSetup[1].exe, In quarantena, [f34c92b68c0eb18526a206a98b7645bb],
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\downloader.63088[1].exe, In quarantena, [89b6e2667b1f6fc7ef994f4247bda957],
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\downloader.64470[2].exe, In quarantena, [9ca350f81c7e84b291f7e2af5da7817f],
FraudTool.YAC, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\yet_another_cleaner_ava.exe, In quarantena, [1827ee5a84161422e07e74afec1538c8],
FraudTool.YAC, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\yet_another_cleaner_cnt[1].exe, In quarantena, [58e71c2cc1d9033393cb8d9643bec040],
PUP.Optional.CrossRider, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\d668c6e4-c695-496b-a69b-5f9cdb00d3e5\56c1bd2c-11a6-4254-9e94-79357885f251.dll, In quarantena, [d06fc7818e0c55e176d01a0e768b32ce],
CrackTool.Agent, C:\Program Files (x86)\AVS4YOU\avs4you.all.products.activator.2011.(v1.1a)-FIXED-mpt.exe, In quarantena, [b58a70d845552b0b2abdfdac00003dc3],
CrackTool.Agent, C:\Users\Francesco\Downloads\AVS all products ACTIVATOR.rar, In quarantena, [d76884c41486989ed80fddcc40c009f7],
PUP.Optional.BrowserWarden, C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjjjegfhiceggepdokloeepnhlfnedkk_0.localstorage, In quarantena, [e758e1677a20b482f7798911ec1747b9],
PUP.Optional.Linkury.Gen, C:\Users\Francesco\AppData\Roaming\Stringdex.tst, In quarantena, [f847f652e3b786b0343037c6cc378878],
PUP.Optional.Linkury.Gen, C:\Users\Francesco\AppData\Roaming\ZenStrong.tst, In quarantena, [231c2b1d36641e18164e2dd050b37a86],
Settori fisici: 0
(Nessun elemento nocivo rilevato)
(end)
www.malwarebytes.org
Data scansione: 07/08/2016
Ora scansione: 20:17
File di log:
Amministratore: Sì
Versione: 2.2.1.1043
Database malware: v2016.08.07.03
Database rootkit: v2016.05.27.01
Licenza: Periodo di prova
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Disattivata
SO: Windows 8.1
CPU: x64
File system: NTFS
Utente: Francesco
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 311353
Tempo impiegato: 24 min, 39 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata
Processi: 0
(Nessun elemento nocivo rilevato)
Moduli: 0
(Nessun elemento nocivo rilevato)
Chiavi di registro: 12
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\Office 365 Crack.DynamicNS, In quarantena, [6ad5e4645248a195c8c8138328da758b],
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Office 365 Crack.DynamicNS, In quarantena, [7cc390b8227860d6365a3c5ad42ebc44],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Office 365 Crack.DynamicNS, In quarantena, [7cc390b8227860d6365a3c5ad42ebc44],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5058DF79-EC0D-4F18-B38A-80EF6CE9323F}, Elimina al riavvio, [ca7564e48f0b89ad589b30c3877c817f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5963CF18-EAD1-40F1-A56B-8673FD9C9205}, Elimina al riavvio, [9ba41b2d881258deb83b5c97bf4434cc],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D184A4-AFC2-4626-8984-2CF141C01CD4}, Elimina al riavvio, [b48bb5935842cf67ed0637bc58ab6b95],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{628FD23D-0351-4D33-9494-4613516AA2EC}, Elimina al riavvio, [241b99af8713fb3b995a2bc8e81b53ad],
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79234E69-54BE-4633-A333-930549ADF8C7}, Elimina al riavvio, [e9560444ecae0c2ac374896e649fa060],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F961BA4-B8C3-4EBB-98E5-065A20AC9FA6}, Elimina al riavvio, [39067bcd0892b482f2019a5900035ba5],
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B179BB40-56E2-4167-8F07-E89937E667F3}, Elimina al riavvio, [37082028b1e97abc14e07754a95943bd],
PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D01C8E1B-0B4E-4254-84B5-160FDD560923}, Elimina al riavvio, [0e31fb4d495187af1adc2da00ff3768a],
PUP.Optional.SoftwareUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SrvUpd4terExe, In quarantena, [67d8ba8e35651d19e6248f3516ed9b65],
Valori di registro: 9
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5058DF79-EC0D-4F18-B38A-80EF6CE9323F}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-5, Elimina al riavvio, [ca7564e48f0b89ad589b30c3877c817f]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5963CF18-EAD1-40F1-A56B-8673FD9C9205}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-6, Elimina al riavvio, [9ba41b2d881258deb83b5c97bf4434cc]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D184A4-AFC2-4626-8984-2CF141C01CD4}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-7, Elimina al riavvio, [b48bb5935842cf67ed0637bc58ab6b95]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{628FD23D-0351-4D33-9494-4613516AA2EC}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-3, Elimina al riavvio, [241b99af8713fb3b995a2bc8e81b53ad]
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79234E69-54BE-4633-A333-930549ADF8C7}|Path, \bench-S-1-5-21-2961635379-1552717557-3161034885-1001, Elimina al riavvio, [e9560444ecae0c2ac374896e649fa060]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F961BA4-B8C3-4EBB-98E5-065A20AC9FA6}|Path, \700c531e-65be-4dc3-89de-8862cd85b51d-5_user, Elimina al riavvio, [39067bcd0892b482f2019a5900035ba5]
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B179BB40-56E2-4167-8F07-E89937E667F3}|Path, \bench-sys, Elimina al riavvio, [37082028b1e97abc14e07754a95943bd]
PUP.Optional.BoBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D01C8E1B-0B4E-4254-84B5-160FDD560923}|Path, \Run_Bobby_Browser, Elimina al riavvio, [0e31fb4d495187af1adc2da00ff3768a]
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_it_435, In quarantena, [76c92f19bcde76c060224762956e6e92],
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Cartelle: 0
(Nessun elemento nocivo rilevato)
File: 12
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\64999.Selection_Tools.ALT001[1].exe, In quarantena, [e15ec682bae0c0761474781933d143bd],
PUP.Optional.ConvertAd, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\ConvertAdSetup[1].exe, In quarantena, [f34c92b68c0eb18526a206a98b7645bb],
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\downloader.63088[1].exe, In quarantena, [89b6e2667b1f6fc7ef994f4247bda957],
PUP.Optional.Nosibay, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\downloader.64470[2].exe, In quarantena, [9ca350f81c7e84b291f7e2af5da7817f],
FraudTool.YAC, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\yet_another_cleaner_ava.exe, In quarantena, [1827ee5a84161422e07e74afec1538c8],
FraudTool.YAC, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\yet_another_cleaner_cnt[1].exe, In quarantena, [58e71c2cc1d9033393cb8d9643bec040],
PUP.Optional.CrossRider, C:\Users\Francesco\AppData\Roaming\ZHP\Quarantine\d668c6e4-c695-496b-a69b-5f9cdb00d3e5\56c1bd2c-11a6-4254-9e94-79357885f251.dll, In quarantena, [d06fc7818e0c55e176d01a0e768b32ce],
CrackTool.Agent, C:\Program Files (x86)\AVS4YOU\avs4you.all.products.activator.2011.(v1.1a)-FIXED-mpt.exe, In quarantena, [b58a70d845552b0b2abdfdac00003dc3],
CrackTool.Agent, C:\Users\Francesco\Downloads\AVS all products ACTIVATOR.rar, In quarantena, [d76884c41486989ed80fddcc40c009f7],
PUP.Optional.BrowserWarden, C:\Users\Francesco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjjjegfhiceggepdokloeepnhlfnedkk_0.localstorage, In quarantena, [e758e1677a20b482f7798911ec1747b9],
PUP.Optional.Linkury.Gen, C:\Users\Francesco\AppData\Roaming\Stringdex.tst, In quarantena, [f847f652e3b786b0343037c6cc378878],
PUP.Optional.Linkury.Gen, C:\Users\Francesco\AppData\Roaming\ZenStrong.tst, In quarantena, [231c2b1d36641e18164e2dd050b37a86],
Settori fisici: 0
(Nessun elemento nocivo rilevato)
(end)
Noureddine Bouzidi
Posti
22674
Data di registrazione
giovedì 19 marzo 2009
Stato
Moderatore
Ultimo intervento
giovedì 7 gennaio 2021
15.404
8 ago 2016 alle 12:28
8 ago 2016 alle 12:28
si aprono ancora delle pagine?
hai disinstallato spyhunter?
hai disinstallato spyhunter?
Problema risolto.
Grazie mille!
Grazie mille!
Noureddine Bouzidi
Posti
22674
Data di registrazione
giovedì 19 marzo 2009
Stato
Moderatore
Ultimo intervento
giovedì 7 gennaio 2021
15.404
16 ago 2016 alle 20:06
16 ago 2016 alle 20:06
figurati!
Ciao. Il problema sembrava risolto, ma si è ripresentato...
Noureddine Bouzidi
Posti
22674
Data di registrazione
giovedì 19 marzo 2009
Stato
Moderatore
Ultimo intervento
giovedì 7 gennaio 2021
15.404
23 ago 2016 alle 17:32
23 ago 2016 alle 17:32
fai di nuovo le scansioni e soprattutto fare attenzione quando installi programmi per non installare adware