Allora, di malwarebytes non sono riuscito a postare i risultati, però non mi ha trovato nulla, poi:
adw cleaner:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: 2018-09-06.1 (Cloud)
# Support:
https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-09-2018
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Smart PC Solutions
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
Post unito automaticamente: 9 Settembre 2018
rogue killer:
RogueKiller V12.12.34.0 (x64) [Sep 3 2018] (Gratuito) di Adlice Software
posta :
http://www.adlice.com/contact/
Commenti :
https://forum.adlice.com
Sito Web :
http://www.adlice.com/download/roguekiller/
Discussione :
http://www.adlice.com
Sistema Operativo : Windows 10 (10.0.16299) 64 bits version
Iniziato in : Modalità Normale
Utente : Mattia [Amministratore]
Iniziato da : C:\Users\Mattia\Desktop\RogueKiller_portable64.exe
Modalità : Cancella -- Data : 09/09/2018 14:17:26 (Durata : 00:26:35)
¤¤¤ Processi : 2 ¤¤¤
[PUP.HackTool] Service_KMS.exe(3360) -- C:\Program Files\KMSpico\Service_KMS.exe[-] -> Trovato
[PUP.HackTool] (SVC) Service KMSELDI -- C:\Program Files\KMSpico\Service_KMS.exe[-] -> Trovato
¤¤¤ Registro : 8 ¤¤¤
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI (C:\Program Files\KMSpico\Service_KMS.exe) -> Non selezionato
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3456293263-1302599893-2182156650-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Non selezionato
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3456293263-1302599893-2182156650-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Non selezionato
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Non selezionato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E1BE25CE-B2BA-4436-88D9-47811C82EF47} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Non selezionato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F4327ADC-B5BC-4EC3-8C4C-CBA5183C7CF3} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Non selezionato
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3456293263-1302599893-2182156650-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Non selezionato
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3456293263-1302599893-2182156650-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Non selezionato
¤¤¤ Attività : 0 ¤¤¤
¤¤¤ Archivi : 14 ¤¤¤
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.0_44294\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Mattia\AppData\Roaming\uTorrent\updates\3.5.3_44494\utorrentie.exe -> Cancellato
[PUP.HackTool][Cartella] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico -> Non selezionato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico -> Non selezionato
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Archivio Hosts : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤
¤¤¤ Web Browser : 0 ¤¤¤
¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZRZ-00HTKB0 +++++
--- User ---
[MBR] 6b6b814851958807e57439aad8cedc6b
[BSP] 6477699f8b68ebcafffc5e1198b847eb : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 953366 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
Error reading LL1 MBR! ([5] Accesso negato. )
Error reading LL2 MBR! ([5] Accesso negato. )
+++++ PhysicalDrive1: Crucial_CT250MX200SSD1 +++++
--- User ---
[MBR] 9b0328399babf4b2988ebfab2cb427ab
[BSP] 0986d6e5248b3a4e6f05d398a98cbec8 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238022 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487471104 | Size: 450 MB
Error reading LL1 MBR! ([5] Accesso negato. )
Error reading LL2 MBR! ([5] Accesso negato. )