
Now that I have the two OTL files, what do I do? Virus problems
miknik
Posted: Thursday, January 24, 2013 11:03:04 AM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, I'm a new user and I'm asking for help because I'm having problems with my PC (operating system: Vista 32-bit).
For the past few days web browsing has been very slow, so I thought I must have caught a virus.
I use Avast as my antivirus and the full scan doesn't detect anything, but then I was advised to check the temporary files, and in the Temp folder I found a lot of stuff I'd never seen before. Basically, even though I don't see anything on screen, as soon as I connect the PC browses to unauthorized pages and downloads a flood of junk. I think it all started with a Flash update, is that possible? At least it seems to me that the problem began then.

So I did the following:
I downloaded adwcleaner: I deleted the results
then I downloaded Malwarebytes, result: nothing
but I still have the same problem.

I'm asking for your valuable help, what should I do? See you soon, Michele.
shapiro
Posted: Thursday, January 24, 2013 11:35:52 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Hi, let's do a first analysis, then we'll see whether it makes sense to continue with a direct removal tool

Download OTL and save it to the desktop

Tick SCAN ALL USERS.

Under Output, tick Minimal Output

Click the little arrow next to File Age and select 60 Days

Tick LOP Check and Purity Check.

Click RUN SCAN

Let the scan run without interfering.

When the scan finishes you will find 2 logs on the desktop, OTL.txt and Extras.txt; save them and upload them to Wikisend,
miknik
Posted: Thursday, January 24, 2013 5:43:09 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
HI, THANKS FOR THE REPLY, THESE ARE THE TWO TXT FILES, THANKS AGAIN, M.

http://wikisend.com/download/742724/Extras.Txt
http://wikisend.com/download/519518/OTL.Txt

miknik
Posted: Saturday, January 26, 2013 9:29:26 AM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, I still have the same problems, how can I proceed? Thanks for your help, m.
miknik
Posted: Saturday, January 26, 2013 3:50:19 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, now that I have the two OTL files, what do I do? Thanks, m.
solfami
Posted: Saturday, January 26, 2013 4:57:33 PM

Rank: AiutAmico

Joined: 11/14/2003
Posts: 2,270
Hello
If you have so many files in Temp it means you never clean up.
http://www.aiutamici.com/software?ID=11223
To get a head start: find the Prefetch folder, open it and empty it.
Have you tried a system restore to a point before the "mess"?
They will probably ask you for a log from this
http://www.aiutamici.com/software?ID=11175

The people authorized to answer you are out shopping the sales.
Regards
Oops! Good, Shapiro has just come back.
miknik
Posted: Saturday, January 26, 2013 6:57:35 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Maybe it's better that I wait for instructions from the super-experts; I'm totally clueless and I wouldn't want to make a mess. Anyway, I cleaned up but the problems persist. I can't see it, but it's as if someone were browsing for me in a parallel browser: pages don't open up, but the computer slows down and then in the temporary files I find a flood of stuff I've never seen before. Thanks, and let's hope for urgent help!!!
m
shapiro
Posted: Saturday, January 26, 2013 8:05:04 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

now follow this procedure

open OTL and copy this code into the program's white box

Code:
:OTL
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
O3 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [2jxYu7FE82] C:\PROGRA~2\2jxYu7FE82.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [4fDELb5Ppd0zj5z] C:\PROGRA~2\4fDELb5Ppd0zj5z.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [4yeuBFYzfvKX6] C:\PROGRA~2\4yeuBFYzfvKX6.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [6YO9SeUe2] C:\PROGRA~2\6YO9SeUe2.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [AMVvHIhuSZVxYJbm] C:\PROGRA~2\AMVvHIhuSZVxYJbm.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [C93dDoEJEF] C:\PROGRA~2\C93dDoEJEF.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [cbDhmECJaGFjIqs] C:\PROGRA~2\cbDhmECJaGFjIqs.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [nHRh0qsI] C:\PROGRA~2\nHRh0qsI.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [OXsPWV1rp0FES] C:\PROGRA~2\OXsPWV1rp0FES.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [PAnqesw3diePO] C:\PROGRA~2\PAnqesw3diePO.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [qAvpuShh] C:\PROGRA~2\qAvpuShh.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [wrCXikqiKpX] C:\PROGRA~2\wrCXikqiKpX.exe File not found
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [YaezSsq74Iru1] C:\PROGRA~2\YaezSsq74Iru1.exe File not found
[2013/01/22 16.33.34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/01/22 16.30.08 | 000,000,000 | ---D | C] -- C:\Qoobox


:Files
C:\ProgramData\~Jvk2AN2HVlECPir
C:\ProgramData\~Jvk2AN2HVlECPi
C:\ProgramData\Jvk2AN2HVlECPi
C:\Users\Michele Nicolosi\AppData\Roaming\Amgeeky
C:\Users\Michele Nicolosi\AppData\Roaming\Meon
C:\Users\Michele Nicolosi\AppData\Roaming\Qieb
C:\Users\Michele Nicolosi\AppData\Roaming\Sawoz
ipconfig /flushdns /c

:commands
[purity]
[Reboot]

click Run Fix and attach the log it produces

also run a scan with ComboFix

PUT IT ON THE DESKTOP
(do not install the Recovery Console)
Let the program work without interfering
Attach the report C:\ComboFix.txt in your reply.
miknik
Posted: Sunday, January 27, 2013 11:16:34 AM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, I'm including the OTL log below.
ComboFix, on the other hand, doesn't work. This is what I did: I downloaded it to the desktop, disabled Avast and started the program, 11 hours but nothing doing.
This morning I still have the same problem I already described to you.
What do I do? Thanks again, M.

Code:
========== OTL ==========
Error: No service named CLTNetCnService was found to stop!
Service\Driver key CLTNetCnService not found.
File  C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File  system32\DRIVERS\nwlnkfwd.sys File not found not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File  system32\DRIVERS\nwlnkflt.sys File not found not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File  system32\DRIVERS\ipinip.sys File not found not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File  C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found not found.
Error: No service named blbdrive was found to stop!
Service\Driver key blbdrive not found.
File  C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\2jxYu7FE82 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\4fDELb5Ppd0zj5z not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\4yeuBFYzfvKX6 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\6YO9SeUe2 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\AMVvHIhuSZVxYJbm not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\C93dDoEJEF not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cbDhmECJaGFjIqs not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\nHRh0qsI not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\NSUFloatingUI not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\OXsPWV1rp0FES not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\PAnqesw3diePO not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\qAvpuShh not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\wrCXikqiKpX not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\YaezSsq74Iru1 not found.
Folder C:\ComboFix\ not found.
Folder C:\Qoobox\ not found.
========== FILES ==========
File\Folder C:\ProgramData\~Jvk2AN2HVlECPir not found.
File\Folder C:\ProgramData\~Jvk2AN2HVlECPi not found.
File\Folder C:\ProgramData\Jvk2AN2HVlECPi not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Amgeeky not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Meon not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Qieb not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Sawoz not found.
< ipconfig /flushdns /c  >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Michele Nicolosi\Desktop\cmd.bat deleted successfully.
C:\Users\Michele Nicolosi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 01262013_222921
shapiro
Posted: Sunday, January 27, 2013 11:31:24 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

open OTL and click CleanUp; after the reboot download it again and run the procedure I posted once more, the one you did failed

download ComboFix again and start it with a right-click, as administrator

follow the steps described carefully, you have some nasty infections
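
An added example, not part of the original thread and not OTL's own code: a small Python parser that tallies the outcome lines of an OTL fix log like the one posted above, so it is easy to see whether the fix acted on any listed target. It recognizes only the message forms that appear in this thread, and it assumes that lines following a `< command >` echo are that command's output and cleanup rather than fix targets.

```python
import re
from collections import Counter

# Shortened excerpt of the fix log posted in this thread.
SAMPLE_LOG = r"""========== OTL ==========
Error: No service named CLTNetCnService was found to stop!
Service\Driver key CLTNetCnService not found.
File  C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\2jxYu7FE82 not found.
Folder C:\Qoobox\ not found.
========== FILES ==========
File\Folder C:\ProgramData\Jvk2AN2HVlECPi not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Meon not found.
< ipconfig /flushdns /c  >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Michele Nicolosi\Desktop\cmd.bat deleted successfully.
C:\Users\Michele Nicolosi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 01262013_222921
"""

# "========== NAME ==========" section headers.
SECTION = re.compile(r"^={3,}\s*(.+?)\s*={3,}$")
# "< command >" echo, with or without the forum's leftover [color] markup.
COMMAND_ECHO = re.compile(
    r"^(?:\[color=[^\]]*\])?<\s*(.+?)\s*>(?:\[/color\])?$"
)
NOT_FOUND_SUFFIX = " not found."


def classify(line):
    """Map one result line to an outcome, using only forms seen in this thread."""
    if line.startswith("Error:"):
        return "error"
    if line.endswith(NOT_FOUND_SUFFIX):
        return "not_found"
    if line.endswith("deleted successfully."):
        return "deleted"
    return "other"


def summarize_fix_log(text):
    """Return per-section outcome tallies, missing targets and echoed commands."""
    tallies = {}
    missing = []
    commands = []
    section = "preamble"
    in_command = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            in_command = False
            continue
        counts = tallies.setdefault(section, Counter())
        echo = COMMAND_ECHO.match(line)
        if echo:
            commands.append(echo.group(1))
            in_command = True
            continue
        if in_command:
            # Assumption: everything up to the next section header belongs
            # to the command just run (its output and helper-file cleanup).
            counts["command_output"] += 1
            continue
        kind = classify(line)
        counts[kind] += 1
        if kind == "not_found":
            missing.append(line[: -len(NOT_FOUND_SUFFIX)])
    return {"tallies": tallies, "missing": missing, "commands": commands}


def fix_acted_on_target(summary):
    """True if at least one listed target (not command cleanup) was deleted."""
    return any(c["deleted"] > 0 for c in summary["tallies"].values())


if __name__ == "__main__":
    result = summarize_fix_log(SAMPLE_LOG)
    for name, counts in result["tallies"].items():
        print(name, dict(counts))
    print("targets not found:", len(result["missing"]))
    print("fix acted on a target:", fix_acted_on_target(result))
```
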
miknik
Posted: Sunday, January 27, 2013 2:31:23 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, I carefully followed the procedure, but once again ComboFix hung after creating the restore point (for about 2 hours now...). What should I do? Do I stop it and send you the OTL log, or do I wait?

thanks, m
shapiro
Posted: Sunday, January 27, 2013 3:15:58 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

stop ComboFix and attach the OTL log, then run this scan

Download and install Malwarebytes
Update it: click the "Updates" tab => "Check for Updates"
Run a "full scan" (select the option)
When the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.
Post the report.
miknik
Posted: Sunday, January 27, 2013 4:19:32 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, this is the OTL log; the Malwarebytes scan is in progress, I think it will take a couple of hours, m

Code:
========== OTL ==========
Error: No service named CLTNetCnService was found to stop!
Service\Driver key CLTNetCnService not found.
File  C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File  system32\DRIVERS\nwlnkfwd.sys File not found not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File  system32\DRIVERS\nwlnkflt.sys File not found not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File  system32\DRIVERS\ipinip.sys File not found not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File  C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found not found.
Error: No service named blbdrive was found to stop!
Service\Driver key blbdrive not found.
File  C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\2jxYu7FE82 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\4fDELb5Ppd0zj5z not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\4yeuBFYzfvKX6 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\6YO9SeUe2 not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\AMVvHIhuSZVxYJbm not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\C93dDoEJEF not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cbDhmECJaGFjIqs not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\nHRh0qsI not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\NSUFloatingUI not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\OXsPWV1rp0FES not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\PAnqesw3diePO not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\qAvpuShh not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\wrCXikqiKpX not found.
Registry value HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\YaezSsq74Iru1 not found.
Folder C:\ComboFix\ not found.
Folder C:\Qoobox\ not found.
========== FILES ==========
File\Folder C:\ProgramData\~Jvk2AN2HVlECPir not found.
File\Folder C:\ProgramData\~Jvk2AN2HVlECPi not found.
File\Folder C:\ProgramData\Jvk2AN2HVlECPi not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Amgeeky not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Meon not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Qieb not found.
File\Folder C:\Users\Michele Nicolosi\AppData\Roaming\Sawoz not found.
< ipconfig /flushdns /c  >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Michele Nicolosi\Desktop\cmd.bat deleted successfully.
C:\Users\Michele Nicolosi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 01272013_130938

miknik
Posted: Sunday, January 27, 2013 11:16:01 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
After 7h and 19', here is the Malwarebytes log; it didn't detect anything.

Code:
Malwarebytes Anti-Malware (Prova) 1.70.0.1100
www.malwarebytes.org

Versione database: v2013.01.27.05

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Michele Nicolosi :: PC-RICERCA [amministratore]

Protezione: Disattivata

27/01/2013 15.51.08
mbam-log-2013-01-27 (15-51-08).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 488988
Tempo impiegato: 7 ore, 19 minuti, 19 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)
shapiro
Posted: Monday, January 28, 2013 1:04:50 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

run a new scan with OTL and let me know how the PC is doing
miknik
Posted: Monday, January 28, 2013 5:08:31 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Hi, same problems again today, I'm including the OTL logs, thanks, M

Code:
OTL Extras logfile created on: 28/01/2013 15.16.04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michele Nicolosi\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 59,02% Memory free
4,21 Gb Paging File | 3,28 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 85,62 Gb Total Space | 35,81 Gb Free Space | 41,82% Space Free | Partition Type: NTFS

Computer Name: PC-RICERCA | User Name: Michele Nicolosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2729452270-3402089170-694906330-1004]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2729452270-3402089170-694906330-1005]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039C0385-BF33-4BDC-B030-AB2B3ED19941}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3236147E-31BB-46E7-9C90-2CA461AFECF3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B2D5094-73B6-4C9F-A360-F7B3EB4FC0F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63B0A484-E424-4596-A39B-F5433766C581}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89DC2FCA-86B1-45FE-80DC-2DD63EDF33FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ABA05882-2C54-48C4-8F6C-E3546C530F6D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B95B44CB-81FA-4C98-9B1A-124027D6E6E7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DDC0CF54-382A-47D2-B86B-455F1638C391}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30443077-0A0B-41C6-8BC8-F4B45F67CB62}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{714644DA-7648-4716-A51F-0688B0738F5F}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{91DCF6A3-32D2-4E0D-9921-A9AB52234571}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe |
"{A4701DE4-A6A9-4AB8-BFEB-FCAB27043CFE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B8A26BC6-F5CE-4960-B699-08085F7139A2}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\devicesetup.exe |
"TCP Query User{4BC05749-C70C-4874-918A-3484FC83E74D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{7B1FC29E-0454-40CD-9B92-F835E28ACB53}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{7C21B7D9-6A65-4FB7-9786-FA189C99D3EE}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{35D22064-8A7B-4E3B-A833-7AB976ADE498}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{C2CFD40C-7597-4D5B-ADEF-870C4EEFC3DD}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{FE536A21-0BC6-4801-8EC4-9D24FC65DA90}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Toolbar
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21211B78-AC98-4D00-8B69-1B06707660ED}" = VAIO Media
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F07C18C-6FD4-4746-A282-30D70571867C}" = Peripheral Device & Storage Media Restriction Setting Utility
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56345504-DE57-4528-A18B-A567D1E52928}" = ArcSoft Magic-i Visual Effects
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform
"{62D5B0B1-9E1D-4d66-A593-D68F3FED7709}" = Microsoft Works
"{6391CAF3-0AED-4D3F-B904-C6209EC0C88D}" = DVD-MovieAlbumSE 4.2
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{6970AAC9-A97B-4F89-A887-2F0636791E10}" = VAIO Status Monitor
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}" = Windows Live Essentials
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{79944FBA-45F7-4BBC-A999-10AA31D02653}" = Studio per il miglioramento del prodotto HP Deskjet 3070 B611 series
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}" = HP Deskjet 3070 B611 series ?
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Italiano
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BA06B694-0CFE-4A3E-81A7-9CED25B74E2B}" = Microsoft SQL Server Native Client
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D8180615-29F2-4E4F-A14E-0BC060B67939}" = VAIO Media Registration Tool
"{DCEFDFAB-9543-4F03-ADAE-F6729C2B9966}" = Microsoft SQL Server VSS Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E31A24A7-CF73-42B7-8FA1-26644296C9E3}" = Windows Live Mail
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{EE7DB529-5E8B-46BC-887E-A1968B26A227}" = Chiavetta Internet Olicard 100
"{F00EB0CA-ACB9-4A12-8E4B-6577C4318129}" = Software di base della periferica HP Deskjet 3070 B611 series
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"7-Zip" = 7-Zip 4.65
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Alice MOBILE E1692" = Alice MOBILE E1692
"Atlante Mondiale 2.0" = Atlante Mondiale Microsoft Encarta
"avast" = avast! Internet Security
"Canon SELPHY CP740" = Canon SELPHY CP740
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dt icon module" =
"gtfirstboot Setting Request" =
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photo Creations" = HP Photo Creations
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100
"MarketingTools" = Vaio Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"MusiqueDeinstKey" = Disinstallazione del CD-ROM musica
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"TIM - Huawei E220 Connection Manager" = TIM - Huawei E220 Connection Manager
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" =
"VAIO_Standard" =
"WinLiveSuite_Wave3" = Windows Live Essentials

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 01/04/2011 18.25.48 | Computer Name = PC-RICERCA | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 04/04/2011 11.53.09 | Computer Name = PC-RICERCA | Source = VzCdbSvc | ID = 7
Description = Impossibile caricare il modulo di plug-in. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Codice
errore = 0x80042019)

Error - 06/04/2011 1.23.18 | Computer Name = PC-RICERCA | Source = VzCdbSvc | ID = 7
Description = Impossibile caricare il modulo di plug-in. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Codice
errore = 0x80042019)

Error - 06/04/2011 1.32.05 | Computer Name = PC-RICERCA | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 06/04/2011 1.32.12 | Computer Name = PC-RICERCA | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 06/04/2011 12.11.10 | Computer Name = PC-RICERCA | Source = Application Hang | ID = 1002
Description = Il programma iexplore.exe versione 8.0.6001.19019 non interagisce
più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Segnalazioni di problemi
e soluzioni nel Pannello di controllo.  ID processo: 132c  Ora di avvio: 01cbf473060655f0
Ora
di chiusura: 15

Error - 06/04/2011 12.43.44 | Computer Name = PC-RICERCA | Source = VzCdbSvc | ID = 7
Description = Impossibile caricare il modulo di plug-in. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Codice
errore = 0x80042019)

Error - 06/04/2011 15.18.18 | Computer Name = PC-RICERCA | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 06/04/2011 15.18.19 | Computer Name = PC-RICERCA | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 07/04/2011 2.27.50 | Computer Name = PC-RICERCA | Source = VzCdbSvc | ID = 7
Description = Impossibile caricare il modulo di plug-in. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Codice
errore = 0x80042019)

[ System Events ]
Error - 27/01/2013 10.50.48 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .

Error - 27/01/2013 18.17.39 | Computer Name = PC-RICERCA | Source = DCOM | ID = 10010
Description =

Error - 28/01/2013 9.32.07 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .

Error - 28/01/2013 9.32.23 | Computer Name = PC-RICERCA | Source = HTTP | ID = 15016
Description =

Error - 28/01/2013 9.32.55 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .

Error - 28/01/2013 9.33.32 | Computer Name = PC-RICERCA | Source = Service Control Manager | ID = 7000
Description =

Error - 28/01/2013 9.33.32 | Computer Name = PC-RICERCA | Source = Service Control Manager | ID = 7034
Description =

Error - 28/01/2013 9.33.46 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .

Error - 28/01/2013 9.53.07 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .

Error - 28/01/2013 9.54.16 | Computer Name = PC-RICERCA | Source = Ntfs | ID = 262199
Description = La struttura del file system del disco è danneggiata e inutilizzabile.
Eseguire
l'utilità chkdsk sul volume .


< End of report >


Code:
OTL logfile created on: 28/01/2013 15.16.04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michele Nicolosi\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 59,02% Memory free
4,21 Gb Paging File | 3,28 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 85,62 Gb Total Space | 35,81 Gb Free Space | 41,82% Space Free | Partition Type: NTFS

Computer Name: PC-RICERCA | User Name: Michele Nicolosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Michele Nicolosi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Sony\VAIO Power Management\OPT Drive Power Saving.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programmi\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe ()
MOD - C:\Windows\System32\igfxTMM.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (AdobeARMservice) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Programmi\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (SeaPort) -- C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Programmi\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (VzFw) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programmi\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) -- C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (SQLWriter) -- C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Programmi\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Programmi\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Programmi\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programmi\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programmi\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (ose) -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (catchme) -- C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (eeCtrl) -- C:\Programmi\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (pmx3gnet) -- C:\Windows\System32\drivers\pmx3gnet.sys (Olivetti)
DRV - (pmx3gmdm) -- C:\Windows\System32\drivers\pmx3gmdm.sys (Olivetti)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080427.009\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080427.009\NAVENG.SYS (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (shpf) -- C:\Windows\System32\drivers\shpf.sys (Sony Corporation)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (SPI) -- C:\Windows\System32\drivers\SonyPI.sys (Sony Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{08B28BA1-EA54-41A6-8E82-F3642F7B7738}: "URL" = http://www.google.it/search?hl=it&q={searchTerms}&meta=


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{08B28BA1-EA54-41A6-8E82-F3642F7B7738}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_it
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.it"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/10 23.42.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/12/26 16.56.23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2012/12/26 16.56.44 | 000,000,000 | ---D | M]

[2012/11/01 07.15.10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michele Nicolosi\AppData\Roaming\mozilla\Extensions

O1 HOSTS File: ([2006/09/18 22.41.30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Supporto di collegamento per Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programmi\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programmi\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TimMonitor] C:\Program Files\Chiavetta Internet Olicard 100\TimMonitor.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.co.uk ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.fr ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: google.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ilmeteo.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: intesanpaolo.com ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: miur.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: tiscali.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: unimib.it ([www] * in Siti attendibili)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21DC8D6A-6279-4F96-99A8-0BCA4E9496C7}: DhcpNameServer = 193.70.152.25 193.70.192.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37B2980E-4C7D-44A3-A289-3EC7D4EE26DD}: NameServer = 149.132.2.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520D82A6-C608-42EA-BB71-CD5C2C1E53EB}: DhcpNameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE38E0A0-544E-4B31-83F2-9F6343B33416}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programmi\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f1563e8-9e18-11de-8273-001e3d3def78}\Shell\AutoRun\command - "" = Brondi.exe
O33 - MountPoints2\{24bbde97-8c0a-11e0-b6da-ca47c88c261d}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbde97-8c0a-11e0-b6da-ca47c88c261d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{24bbdea2-8c0a-11e0-b6da-fdcb485ec238}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbdea2-8c0a-11e0-b6da-fdcb485ec238}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{24bbdeb0-8c0a-11e0-b6da-aaa70d77c552}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbdeb0-8c0a-11e0-b6da-aaa70d77c552}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5017966c-79d6-11df-9234-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{5017966c-79d6-11df-9234-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5017966e-79d6-11df-9234-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{5017966e-79d6-11df-9234-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5332aa3f-c5bf-11e1-8249-907231138cf3}\Shell - "" = AutoRun
O33 - MountPoints2\{5332aa3f-c5bf-11e1-8249-907231138cf3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c6814f06-92e4-11e0-9a66-89727ead3e31}\Shell - "" = AutoRun
O33 - MountPoints2\{c6814f06-92e4-11e0-9a66-89727ead3e31}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{d748ce0e-a78b-11e0-a7d5-e7bd932a59b1}\Shell - "" = AutoRun
O33 - MountPoints2\{d748ce0e-a78b-11e0-a7d5-e7bd932a59b1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ef725547-7910-11df-841a-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{ef725547-7910-11df-841a-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ef725593-7910-11df-841a-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{ef725593-7910-11df-841a-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]

[2013/01/27 15.32.20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/27 13.16.49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/27 13.16.48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/27 13.16.48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/27 13.15.34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/01/27 13.14.15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/27 13.11.39 | 005,027,618 | R--- | C] (Swearware) -- C:\Users\Michele Nicolosi\Desktop\ComboFix.exe
[2013/01/27 12.46.24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/27 12.13.52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michele Nicolosi\Desktop\OTL.exe
[2013/01/24 17.18.23 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\Desktop\miknik1
[2013/01/23 13.42.53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/23 13.42.43 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/23 13.42.42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 23.18.44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/01/22 23.18.32 | 000,106,560 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2013/01/22 23.15.03 | 000,199,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2013/01/22 23.14.59 | 000,020,624 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013/01/22 23.14.10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2013/01/22 16.28.25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/22 16.28.06 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/01/22 11.03.09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/01/17 22.57.06 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Malwarebytes
[2013/01/17 22.56.48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/08 23.13.05 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\QuickScan
[2013/01/02 15.54.54 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/12/26 16.57.33 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012/12/26 16.56.09 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2012/12/26 16.55.43 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2012/12/26 16.55.03 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2012/12/26 16.55.03 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2012/12/26 16.54.13 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\HpUpdate
[2012/12/26 16.53.03 | 000,544,616 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\HPDiscoPMa211.dll
[2012/12/26 16.52.59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/12/26 16.49.23 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/12/26 16.49.16 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/12/26 16.48.17 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\HP
[2012/12/10 23.43.07 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/12/10 23.43.06 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/12/10 23.42.58 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/12/10 23.42.55 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/12/10 23.42.51 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/12/10 23.42.48 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/12/10 23.41.44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/10 23.41.42 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/11/27 22.20.53 | 010,217,672 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Michele Nicolosi\Desktop\Adobe Flash Player.exe
[2012/11/24 21.19.51 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/24 21.19.51 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/11/03 15.17.40 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\Macromedia
[2012/11/02 23.55.47 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/01 07.14.44 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Mozilla
[2012/11/01 07.14.21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/01 07.14.11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/11 22.57.08 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\Deployment
[2012/06/05 20.09.38 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Coza
[2012/02/23 00.04.10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/02/23 00.04.10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/21 14.04.14 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gruppo di programmi (1)
[2012/02/21 12.03.13 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\MigWiz
[2012/02/21 10.08.52 | 000,000,000 | ---D | C] -- C:\f2885acb31a7b14b6c0926
[2012/02/21 00.32.56 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/02/16 22.04.52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/16 22.04.37 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/14 20.26.54 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\PackageAware
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]

[2013/01/28 15.23.16 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/28 15.01.01 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013/01/28 14.54.45 | 000,001,823 | ---- | M] () -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitora avvisi inchiostro - HP Deskjet 3070 B611 series (Rete).lnk
[2013/01/28 14.32.22 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 14.32.22 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 14.32.13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/28 14.32.07 | 2137,100,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 23.18.20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/27 13.11.38 | 005,027,618 | R--- | M] (Swearware) -- C:\Users\Michele Nicolosi\Desktop\ComboFix.exe
[2013/01/27 12.14.02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michele Nicolosi\Desktop\OTL.exe
[2013/01/27 12.06.26 | 000,406,408 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/24 17.18.47 | 000,018,745 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\miknik1.zip
[2013/01/23 13.42.53 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 23.18.45 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/22 12.39.46 | 000,574,315 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\adwcleaner.exe
[2013/01/16 23.30.30 | 306,973,106 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/12/26 16.55.29 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2012/12/26 16.53.00 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Acquisto materiali di consumo - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.49.01 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2012/12/17 18.47.43 | 000,021,885 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\_1217121205_001.pdf
[2012/12/14 16.49.28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/10 23.30.52 | 000,002,150 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/10 23.24.08 | 000,000,430 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/12/03 23.13.44 | 000,031,478 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 4-2012.rtf
[2012/12/03 23.01.43 | 000,032,039 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 3-2012.rtf
[2012/11/27 22.22.54 | 010,217,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Michele Nicolosi\Desktop\Adobe Flash Player.exe
[2012/11/24 21.19.51 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/24 21.19.51 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/10/30 23.51.58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/10/30 23.51.58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/10/30 23.51.58 | 000,199,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/10/30 23.51.58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/10/30 23.51.58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/10/30 23.51.57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/10/30 23.51.56 | 000,106,560 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/10/30 23.51.56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/10/30 23.51.56 | 000,020,624 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/10/30 23.51.07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/30 23.50.59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/10/08 09.17.46 | 000,004,461 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\michele.nicolosi@unimib.it.p12
[2012/09/21 10.26.08 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/05/31 11.25.14 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/05/28 20.22.19 | 000,000,680 | ---- | M] () -- C:\Users\Michele Nicolosi\AppData\Local\d3d9caps.dat
[2012/02/27 21.00.37 | 000,379,047 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\SchedaTecnicaProgetto.mht
[2012/02/22 07.15.13 | 000,000,293 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\Disco locale (C) - collegamento.lnk
[2012/02/21 13.55.55 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\pcufficio.RDP
[2012/02/21 13.49.32 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\pcufficio.RDP
[2012/02/21 13.47.29 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\Documents\pcufficio.RDP
[2012/02/21 11.33.32 | 000,196,608 | -H-- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/02/13 23.19.55 | 000,671,944 | -H-- | M] () -- C:\Windows\System32\perfh010.dat
[2012/02/13 23.19.55 | 000,595,996 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/13 23.19.55 | 000,123,464 | -H-- | M] () -- C:\Windows\System32\perfc010.dat
[2012/02/13 23.19.55 | 000,104,070 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/01/27 13.16.49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/27 13.16.48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/27 13.16.48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/27 13.16.48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/27 13.16.48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/24 17.18.47 | 000,018,745 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\miknik1.zip
[2013/01/23 13.42.53 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 23.18.45 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/22 12.39.44 | 000,574,315 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\adwcleaner.exe
[2012/12/26 17.01.19 | 000,001,823 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitora avvisi inchiostro - HP Deskjet 3070 B611 series (Rete).lnk
[2012/12/26 16.56.52 | 000,001,241 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2012/12/26 16.55.29 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2012/12/26 16.55.20 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012/12/26 16.53.00 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Acquisto materiali di consumo - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.49.01 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/12/17 18.47.51 | 000,021,885 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\_1217121205_001.pdf
[2012/12/10 23.06.48 | 000,002,150 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/12/03 23.02.18 | 000,031,478 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 4-2012.rtf
[2012/12/03 23.01.43 | 000,032,039 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 3-2012.rtf
[2012/11/24 21.19.53 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/14 08.53.20 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/03/13 22.30.20 | 000,000,430 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/27 21.00.36 | 000,379,047 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\SchedaTecnicaProgetto.mht
[2012/02/22 07.15.13 | 000,000,293 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\Disco locale (C) - collegamento.lnk
[2012/02/21 13.55.54 | 000,001,768 | ---- | C] () -- C:\Users\Michele Nicolosi\pcufficio.RDP
[2012/02/21 13.46.16 | 000,001,768 | ---- | C] () -- C:\Users\Michele Nicolosi\Documents\pcufficio.RDP
[2012/02/21 13.36.37 | 000,000,680 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\d3d9caps.dat
[2011/11/15 11.47.45 | 000,000,767 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\recently-used.xbel
[2011/10/15 20.51.49 | 000,000,127 | -H-- | C] () -- C:\Windows\System32\MRT.INI
[2011/06/08 22.49.42 | 001,929,576 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3070_B611.dll
[2011/05/17 14.30.43 | 000,004,096 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\keyfile3.drm
[2009/09/11 12.50.26 | 000,006,144 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13.54.18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16.46.32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 05.36.24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 08.36.49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2008/07/13 21.07.53 | 000,000,000 | -H-D | M] -- C:\Users\Giampaolo\AppData\Roaming\InterVideo
[2008/03/14 09.43.58 | 000,000,000 | -H-D | M] -- C:\Users\Giampaolo\AppData\Roaming\Template
[2010/05/17 07.13.46 | 000,000,000 | -H-D | M] -- C:\Users\Laura xxxxxx\AppData\Roaming\InterVideo
[2012/09/21 20.34.46 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\Coza
[2010/04/10 09.10.18 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\InterVideo
[2013/01/08 23.13.26 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\QuickScan
[2010/06/17 08.46.47 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\Uniblue

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

maopapof
Posted: Monday, January 28, 2013 6:30:23 PM

Rank: AiutAmico

Joined: 10/31/2004
Posts: 7,183
Hi

Run the chkdsk utility on the volume ....................... so run scandisk with both checkboxes ticked ...thanks, and then

what is your internet speed?

take a screenshot and show it to us ...., http://www.speedtest.net/index.php



miknik
Posted: Monday, January 28, 2013 7:07:28 PM

Rank: Member

Joined: 1/24/2013
Posts: 12
Let's see if I did it right: I ran chkdsk from the Run command, and it tells me access denied.
The speed:
PING 814ms
Download 4,47
Upload 0.29

Thanks, m
r16
Posted: Monday, January 28, 2013 7:15:55 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
It may be better to update the OS to SP2 for Vista:
http://www.microsoft.com/it-it/download/details.aspx?id=15278
Once it is installed and the PC has been restarted, run the OTL scan again.
To post the log, follow these instructions:

Connect to the internet and go to the WikiSend page:
http://www.wikisend.com/
Click the "Browse" ("Sfoglia") button
Select the file you just saved
Click Upload file
After a few seconds you are taken to a new page with the link in several formats:
Download Link / Forum Link
Select Forum Link, copy it and paste it into a new message for the forum.
Then follow Shapiro's instructions.
