
Computer gone crazy

Has a virus got into your computer? Do you want to browse in complete safety? Are online transactions secure? How do you stop attackers from getting into your PC? How do you protect your data? Here you will find the answers to these and other questions.

Re: Computer gone crazy

Post by lenz10 » Sun Sep 23, 2012 9:26 pm

Hello, I should have done everything. However, the computer is still slow, and on top of that, at startup a screen appears for an instant that

OTL logfile created on: 23/09/2012 22.16.23 - Run 5
OTL by OldTimer - Version 3.2.64.0 Folder = C:\Documents and Settings\XP\Desktop\programmi
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 79,67% Memory free
4,84 Gb Paging File | 4,34 Gb Available in Paging File | 89,67% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 698,63 Gb Total Space | 547,45 Gb Free Space | 78,36% Space Free | Partition Type: NTFS

Computer Name: UTENTE | User Name: XP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\XP\Desktop\programmi\OTL(1).exe (OldTimer Tools)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programmi\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA ()
MOD - C:\Programmi\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Programmi\NVIDIA Corporation\nView\nvShell.dll ()
MOD - C:\Programmi\Vtune\TBPanelExt.dll ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (nvUpdatusService) -- C:\Programmi\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- C:\Programmi\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()
DRV - (cpuz134) -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys (Windows (R) Win 7 DDK provider)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (RTLWUSB) -- C:\WINDOWS\system32\drivers\wg111v2.sys (NETGEAR Inc.)
DRV - (USBSER34) -- C:\WINDOWS\system32\drivers\USBSER34.SYS (WCH)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (TBPanel) -- C:\WINDOWS\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (Cardex) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (AtcL001) -- C:\WINDOWS\system32\drivers\atl01_xp.sys (Attansic Technology corporation.)
DRV - (PAC7311) -- C:\WINDOWS\system32\drivers\PA707UCM.SYS (PixArt Imaging Inc.)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (ASUSTeK Computer Inc.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&com ... 2ab7%7d&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&com ... 2ab7%7d&q={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{66EC6837-272F-4D7C-84D9-5249C4173085}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_it
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-602162358-152049171-839522115-1010\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programmi\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programmi\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programmi\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Dati applicazioni\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Programmi\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\toolbar@kiwee.com: C:\Programmi\Kiwee Toolbar\2.8.167\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\netsight@nielsen.com: C:\Programmi\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/14 21.48.24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2012/09/15 22.52.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/09/14 21.48.40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Programmi\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012/09/22 21.35.07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dati applicazioni\Mozilla\Extensions
[2012/09/21 21.00.35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dati applicazioni\Mozilla\Firefox\Profiles\d7jp5i3j.default\extensions
[2012/09/06 03.26.03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2010/07/17 05.00.04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2012/09/14 21.48.01 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Programmi\mozilla firefox\plugins\nprpplugin.dll
[2012/09/06 06.44.22 | 000,001,393 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\amazon-it.xml
[2012/09/06 06.44.22 | 000,002,465 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2012/09/06 06.44.22 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/09/06 06.44.23 | 000,000,817 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2012/09/06 06.44.23 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/09/06 06.44.23 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - homepage: http://home.sweetim.com/?st=6&barid={8763788C-0B48-11DE-B3D5-001E8C782AB7}
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://home.sweetim.com/?st=6&barid={8763788C-0B48-11DE-B3D5-001E8C782AB7}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: Interest Recognizer for Freetvradio (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\oohnlejpdjjmpndgdpcicjiajhmgeoma\3.4.1545.153_0\freetvradio_air_chrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programmi\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programmi\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox nostro Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Dati applicazioni\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programmi\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programmi\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: IAHGames (Enabled) = C:\Programmi\IAHgames\Playfast\npiahpd.dll
CHR - plugin: Windows Live\u00C2\u00AE Photo Gallery (Enabled) = C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2012/09/20 20.28.44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1010\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-152049171-839522115-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 2539706328 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8E294BD-E037-4726-B64A-3CD53EB37C22}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://static.ak.fbcdn.net/rsrc.php/v1/ ... l244wt.png
O24 - Desktop Components:1 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\XP\Dati applicazioni\Mozilla\Firefox\Sfondo del desktop.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\XP\Dati applicazioni\Mozilla\Firefox\Sfondo del desktop.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/21 12.04.12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2012/09/23 21.59.22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\XP\Recent
[2012/09/21 20.40.02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\nuovi 2
[2012/09/20 21.21.35 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\XP\Desktop\tdsskiller(3).exe
[2012/09/20 20.51.13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/20 20.44.28 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/09/20 20.21.31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/09/20 20.21.28 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/09/20 20.10.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\nuovi
[2012/09/19 19.13.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\programmi
[2012/09/19 18.10.17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\olt
[2012/09/19 18.07.15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\2 scans. tdsskiller
[2012/09/19 18.00.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\rapporto combofix
[2012/09/19 17.54.07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/09/19 17.36.51 | 000,000,000 | ---D | C] -- C:\Nuova cartella
[2012/09/19 17.19.11 | 004,754,465 | R--- | C] (Swearware) -- C:\Documents and Settings\XP\Desktop\ComboFix.exe
[2012/09/19 16.56.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\tdsskiler
[2012/09/18 11.42.38 | 000,000,000 | R--D | C] -- C:\Programmi\Skype
[2012/09/18 11.42.38 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Skype
[2012/09/18 11.42.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Skype
[2012/09/17 20.53.53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/09/17 20.53.53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/09/17 20.53.53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/09/17 20.53.17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/17 20.53.06 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/09/15 22.52.05 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Maintenance Service
[2012/09/14 22.18.22 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/09/14 21.48.27 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\xing shared
[2012/09/14 17.38.00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dati applicazioni\Avira
[2012/09/14 17.32.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Avira
[2012/09/14 17.32.32 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012/09/14 17.32.30 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012/09/14 17.32.30 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012/09/14 17.32.29 | 000,000,000 | ---D | C] -- C:\Programmi\Avira
[2012/09/14 17.32.29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Avira
[2012/09/14 17.16.02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Documenti\Passwords Database
[2012/09/14 17.05.40 | 000,038,656 | R--- | C] (Attansic Technology corporation.) -- C:\WINDOWS\System32\drivers\atl01_xp.sys
[2012/09/14 17.02.41 | 000,012,256 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPanel.sys
[2012/09/14 17.02.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Vtune
[2012/09/14 17.02.40 | 000,000,000 | ---D | C] -- C:\Programmi\Vtune
[2012/09/13 23.59.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\PCHealth
[2012/09/13 21.59.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\CCleaner
[2012/09/13 21.59.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\cleaner
[2012/09/13 12.05.24 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\XP\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/13 12.05.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dati applicazioni\Malwarebytes
[2012/09/13 12.04.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2012/09/12 22.26.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dati applicazioni\Origin
[2012/09/12 22.26.09 | 000,000,000 | ---D | C] -- C:\Programmi\Origin Games
[2012/09/12 22.26.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Origin
[2012/09/12 22.22.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Origin
[2012/09/12 22.22.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Origin
[2012/09/12 22.22.30 | 000,000,000 | ---D | C] -- C:\Programmi\Origin
[2012/09/12 20.22.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\copia computer
[2012/09/12 20.21.26 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro
[2012/09/12 20.21.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Menu Avvio\Programmi\HiJackThis
[2012/09/10 21.18.23 | 000,000,000 | R--D | C] -- C:\Backup
[2012/09/10 21.17.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/09/10 21.16.53 | 000,039,352 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys
[2012/09/10 21.16.52 | 000,088,632 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSCrySec.sys
[2012/09/10 21.16.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
[2012/09/09 19.05.23 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2012/09/04 09.36.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\colore porta finestre
[2012/09/03 18.40.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\foto angela
[2012/08/19 21.55.54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\XP\Desktop\roberto
[2012/08/19 21.14.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Nero
[2012/08/17 20.05.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\tunis
[2012/07/27 16.45.45 | 000,000,000 | ---D | C] -- C:\D

========== Files - Modified Within 60 Days ==========

[2012/09/23 22.06.28 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/23 22.06.27 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2012/09/23 22.06.27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-152049171-839522115-1004.job
[2012/09/23 22.06.25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/23 22.04.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/23 22.03.01 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/23 21.49.49 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/09/23 21.49.00 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-152049171-839522115-1004UA.job
[2012/09/23 21.45.27 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2012/09/23 21.29.16 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-152049171-839522115-1004.job
[2012/09/23 08.27.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/22 22.30.45 | 000,533,484 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2012/09/22 22.30.45 | 000,485,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/09/22 22.30.45 | 000,095,326 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2012/09/22 22.30.45 | 000,081,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/09/22 21.23.50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/21 16.49.00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-152049171-839522115-1004Core.job
[2012/09/20 21.27.58 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/09/20 21.27.58 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/09/20 21.21.42 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\XP\Desktop\tdsskiller(3).exe
[2012/09/20 20.28.44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/09/20 20.15.01 | 004,754,465 | R--- | M] (Swearware) -- C:\Documents and Settings\XP\Desktop\ComboFix.exe
[2012/09/19 18.43.00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/09/16 12.12.54 | 000,000,122 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Tag già presente.url
[2012/09/15 22.52.07 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/09/15 21.12.05 | 000,000,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.new
[2012/09/14 21.48.36 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/09/14 21.48.16 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012/09/14 21.47.59 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012/09/14 21.47.59 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012/09/14 21.47.56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012/09/14 21.35.01 | 000,198,656 | ---- | M] () -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/14 19.41.46 | 000,002,419 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\HiJackThis.lnk
[2012/09/14 17.32.43 | 000,001,671 | ---- | M] () -- C:\Documents and Settings\XP\Documenti\Avira Control Center.lnk
[2012/09/14 17.04.33 | 000,015,121 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/09/13 21.59.43 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/09/13 21.56.31 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Search the Web.url
[2012/09/13 12.04.02 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\XP\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/12 22.22.44 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2012/09/12 10.13.44 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\XP\Documenti\HiJackThis.msi
[2012/09/10 21.19.03 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\WebpageIcons.db
[2012/09/10 21.13.30 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/09/04 21.46.31 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2012/09/23 22.03.01 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/19 17.54.11 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/09/19 17.54.09 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012/09/17 20.53.53 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/09/17 20.53.53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/09/17 20.53.53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/09/17 20.53.53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/09/17 20.53.53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/16 13.50.57 | 000,921,654 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\IMG_0036.bmp
[2012/09/16 12.12.54 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Tag già presente.url
[2012/09/15 22.52.07 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
[2012/09/15 22.52.07 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/09/14 22.16.37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/09/14 22.16.37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/09/14 21.48.36 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/09/14 21.11.30 | 000,002,327 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Google Chrome.lnk
[2012/09/14 17.32.43 | 000,001,671 | ---- | C] () -- C:\Documents and Settings\XP\Documenti\Avira Control Center.lnk
[2012/09/14 17.12.51 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2012/09/14 17.04.32 | 000,015,121 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/09/13 21.59.43 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/09/13 21.56.31 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Search the Web.url
[2012/09/12 22.22.44 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2012/09/12 20.21.26 | 000,002,419 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\HiJackThis.lnk
[2012/09/12 20.20.56 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\XP\Documenti\HiJackThis.msi
[2012/09/10 21.19.02 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\WebpageIcons.db
[2012/06/23 20.01.13 | 000,270,094 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-602162358-152049171-839522115-1004-0.dat
[2012/06/23 16.11.23 | 000,270,094 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2012/06/17 18.02.21 | 000,000,153 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2011/08/29 14.28.02 | 000,001,017 | ---- | C] () -- C:\WINDOWS\FOE2.ini
[2011/07/22 19.52.08 | 000,000,058 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/21 07.01.00 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010/10/12 12.44.34 | 000,285,712 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/10/12 12.44.31 | 000,285,712 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/10/12 12.44.31 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/10/03 17.58.54 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/10/03 17.58.53 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\XP\Dati applicazioni\PnkBstrK.sys
[2010/10/03 17.58.34 | 000,214,592 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/10/03 17.58.34 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/03 17.58.32 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/04/25 13.39.59 | 000,000,298 | ---- | C] () -- C:\Documents and Settings\XP\UnifiedToolbarCleanup.bat
[2009/01/23 21.23.27 | 000,198,656 | ---- | C] () -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/21 21.51.52 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\fusioncache.dat

========== ZeroAccess Check ==========

[2009/01/21 21.13.29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

========== LOP Check ==========

[2012/06/18 19.17.55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2012/09/13 23.31.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Electronic Arts
[2009/03/11 17.03.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IM
[2009/03/11 17.02.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IncrediMail
[2010/02/17 21.10.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IObit
[2010/06/29 21.20.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nexon
[2010/06/10 11.19.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NexonEU
[2009/10/25 21.00.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NexonUS
[2012/09/12 22.27.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Origin
[2009/08/17 17.19.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2009/08/17 17.21.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle VideoSpin
[2009/02/25 18.13.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ScanSoft
[2010/08/08 17.35.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Screaming Bee
[2010/04/28 15.47.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sony
[2010/09/01 09.41.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Tencent
[2009/05/20 21.13.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
[2010/01/10 23.08.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2009/07/12 23.51.00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/01/10 23.08.17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/01/12 21.28.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\TuneUp Software
[2011/09/19 20.37.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\ts3overlay
[2012/04/05 22.38.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\BitTorrent
[2009/03/11 18.36.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\FunkyEmoticons
[2011/08/19 21.29.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\GetRightToGo
[2010/02/17 11.16.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\IObit
[2009/03/07 22.10.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\live-player
[2011/07/23 13.53.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Need for Speed World
[2012/06/30 19.02.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\ooVoo Details
[2012/09/12 22.27.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Origin
[2009/02/01 18.58.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\PC-FAX TX
[2011/05/06 20.10.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\PointBlank
[2010/01/06 15.53.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\PPMate
[2010/07/20 15.08.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Publish Providers
[2010/07/20 22.53.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\ScanSoft
[2010/08/08 17.29.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Screaming Bee
[2010/07/20 15.08.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Sony
[2010/04/28 15.35.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Sony Setup
[2012/07/17 21.38.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\TeamViewer
[2010/09/01 09.41.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\Tencent
[2009/05/20 21.13.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\TomTom
[2011/05/23 21.08.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\TS3Client
[2011/08/31 21.23.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\ts3overlay
[2009/07/12 17.23.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\TuneUp Software
[2012/04/05 21.11.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\uTorrent
[2009/08/16 17.14.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\WeGame
[2012/07/23 12.36.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\YourFileDownloader

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/06/29 21.20.56 | 000,000,000 | ---D | M](C:\Documents and Settings\XP\Documenti\?? ???) -- C:\Documents and Settings\XP\Documenti\넥슨 플러그
[2010/06/29 21.20.56 | 000,000,000 | ---D | C](C:\Documents and Settings\XP\Documenti\?? ???) -- C:\Documents and Settings\XP\Documenti\넥슨 플러그

< End of report >
looks similar to the one that appears when you format the computer, that is, with the first line saying: select the operating system to start. Maybe I did something stupid. See you soon.
lenz10
New Member
Posts: 22
Joined: Wed Sep 12, 2012 11:32 am

Re: computer gone crazy

Post by stevens » Sun Sep 23, 2012 9:40 pm

Don't touch anything, you'll end up messing that PC up.

Out of pure curiosity... what's in this folder? [:D]

C:\Documents and Settings\XP\Documenti\넥슨 플러그
stevens
Bronze Member
Posts: 678
Joined: Wed Feb 18, 2009 1:39 pm

Re: computer gone crazy

Post by stevens » Mon Sep 24, 2012 10:36 am

You have to be careful when installing software, especially the kind that "promises" things, like live-player, and instead installs malware galore... Also remove everything related to Nexon Game Controller; it looks like spyware that monitors you while you play (I didn't put it in the removals).

Open OTL and copy this script:



:OTL
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&com ... 2ab7%7d&q={searchTerms}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=kwtb&com ... 2ab7%7d&q={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{66EC6837-272F-4D7C-84D9-5249C4173085}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-602162358-152049171-839522115-1004\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\S-1-5-21-602162358-152049171-839522115-1010\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Programmi\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\toolbar@kiwee.com: C:\Programmi\Kiwee Toolbar\2.8.167\firefox
[2012/09/22 21.35.07 | 000,000,000 | ---D | M] (No name found) --
CHR - homepage: http://home.sweetim.com/?st=6&barid={8763788C-0B48-11DE-B3D5-001E8C782AB7}
CHR - homepage: http://home.sweetim.com/?st=6&barid={8763788C-0B48-11DE-B3D5-001E8C782AB7}
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
[2012/09/20 20.21.28 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/09/19 16.56.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Desktop\tdsskiler
[2012/09/17 20.53.17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/17 20.53.06 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/09/20 21.21.42 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\XP\Desktop\tdsskiller(3).exe
[2012/09/20 20.15.01 | 004,754,465 | R--- | M] (Swearware) -- C:\Documents and Settings\XP\Desktop\ComboFix.exe
[2012/09/17 20.53.53 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/09/17 20.53.53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/09/17 20.53.53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/09/17 20.53.53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/09/17 20.53.53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/07 22.10.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dati applicazioni\live-player

:Files
ipconfig /flushdns /c

:commands
[Reboot]

Click Run Fix and post the log it produces.


Re: computer gone crazy

Post by lenz10 » Mon Sep 24, 2012 8:42 pm

Hello, as for the folders in C:\Documents and Settings\XP\Documenti\, there's a bit of everything: games, various programs and many files that I can't identify. Where do I find this "Nexon Game Controller"? Here is the OTL scan:

========== OTL ==========
Service npggsvc stopped successfully!
Service npggsvc deleted successfully!
C:\WINDOWS\system32\GameMon.des moved successfully.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ not found.
Registry key HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{66EC6837-272F-4D7C-84D9-5249C4173085}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66EC6837-272F-4D7C-84D9-5249C4173085}\ not found.
Registry key HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
HKEY_USERS\S-1-5-21-602162358-152049171-839522115-1010\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nielsen/FirefoxTracker\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\toolbar@kiwee.com deleted successfully.
File C:\Programmi\Kiwee Toolbar\2.8.167\firefox not found.
Folder 12/09/22 21.35.07 | 000,000,000 | ---D | M] (No name found) --\ not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
File C:\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll not found.
C:\ComboFix folder moved successfully.
C:\Documents and Settings\XP\Desktop\tdsskiler folder moved successfully.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\URTTemp folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\dllcache folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32 folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Programmi\QUAD Utilities folder moved successfully.
C:\Qoobox\Quarantine\C\Programmi folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\ServUpdater\settings folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Impostazioni locali\Dati applicazioni\ServUpdater folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Impostazioni locali\Dati applicazioni folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Impostazioni locali folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Documenti\Downloads folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP\Documenti folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\XP folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Dati applicazioni\TEMP folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Dati applicazioni folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings folder moved successfully.
C:\Qoobox\Quarantine\C\CFLog folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000008 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000007 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000006 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000005 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000004 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000003 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000002 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users\00000001 folder moved successfully.
C:\WINDOWS\erdnt\subs\Users folder moved successfully.
C:\WINDOWS\erdnt\subs folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000008 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000007 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000006 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000005 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000004 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000003 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000002 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users\00000001 folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup\Users folder moved successfully.
C:\WINDOWS\erdnt\Hiv-backup folder moved successfully.
C:\WINDOWS\erdnt\cache folder moved successfully.
C:\WINDOWS\erdnt folder moved successfully.
C:\Documents and Settings\XP\Desktop\tdsskiller(3).exe moved successfully.
C:\Documents and Settings\XP\Desktop\ComboFix.exe moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\MBR.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\zip.exe moved successfully.
C:\Documents and Settings\XP\Dati applicazioni\live-player folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Svuotata la cache del resolver DNS.
C:\Documents and Settings\XP\Desktop\programmi\cmd.bat deleted successfully.
C:\Documents and Settings\XP\Desktop\programmi\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.64.0 log created on 09242012_212046

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Thanks, see you soon.


Re: computer gone crazy

Post by stevens » Mon Sep 24, 2012 8:51 pm

I don't know what those folders contain; they're on your PC and there might be something interesting in them. Check them and report back.

For Nexon Game Controller => read
But the PC has improved now, hasn't it?

Re: computer gone crazy

Post by lenz10 » Tue Sep 25, 2012 6:15 pm

Hello, the computer has improved; at startup it is faster than before, apart from that famous screen that appears at the beginning, which for the moment doesn't cause any problem anyway and can be ignored. Thanks for everything, see you soon.

Re: computer gone crazy

Post by stevens » Tue Sep 25, 2012 6:37 pm

Can you post a screenshot of the screen that appears?

Re: computer gone crazy

Post by lenz10 » Wed Sep 26, 2012 11:17 am

Hello, I copied the link and found the image; it would be the second one. Bye.
http://www.mad4games.it/forum/showthread.php?t=25817


megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising