ora apri OTL che ti ho fatto scaricare prima e copia sotto "Custom Scans\Fixes" questo testo in verde
clicca su RUN FIX:OTL
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Users\Public\Documents\AppData\PoApp\PService.e xe (PService)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SoftwareUpd) -- C:\Users\Francesca\AppData\Local\SoftwareUpdater\S oftwareUpdService.exe (SoftwareUpdService)
SRV - (PowerOffer Service) -- C:\Users\Francesca\AppData\Local\PosService\Pos.ex e (PowerOfferService)
SRV - (ServUpdater) -- C:\Users\Francesca\AppData\Local\ServUpdater\Servi ceUpd.exe (ServiceUpd)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}: "URL" = http://dts.search-results.com/sr?src...id=101&sr=0&q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-21-1365858849-3938420901-3356344918-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/martview/{C1F2F98F-BF32-4525-B551-A8FEF849F678}
IE - HKU\S-1-5-21-1365858849-3938420901-3356344918-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}: "URL" = http://dts.search-results.com/sr?src...id=101&sr=0&q={searchTerms}
FF - user.js - File not found
[2012/05/20 23:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Francesca\AppData\Roaming\mozilla\Extensi ons
[2012/05/22 15:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Francesca\AppData\Roaming\mozilla\Firefox \Profiles\g8kndn31.default\extensions
[2012/10/23 22:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Francesca\AppData\Roaming\mozilla\Firefox \Profiles\v150s3sr.default\extensions
[2012/10/17 00:39:03 | 000,005,411 | ---- | M] () (No name found) -- C:\Users\Francesca\AppData\Roaming\mozilla\firefox \profiles\v150s3sr.default\extensions\507de3ac8bda 4@507de3ac8bddd.com.xpi
[2012/10/20 18:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher. exe (PLauncher)
O4 - HKU\S-1-5-21-1365858849-3938420901-3356344918-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamn gr.dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamng r.dll (MusicLab, LLC)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO. dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.d ll (MusicLab, LLC)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012/05/10 22:40:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/10 22:40:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/10 22:40:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/10 22:40:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/10 22:40:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/29 01:21:51 | 000,000,000 | ---D | M] -- C:\Users\Francesca\AppData\Roaming\EmoticoonsToolb ar
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:5925E400
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C46995DA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:5D458568
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:798A3728
:files
C:\Windows\hpoins46.dat.temp
C:\Windows\hpomdl46.dat.temp
C:\Windows\hpomdl46.dat
C:\Windows\hpoins46.dat
ipconfig /flushdns /c
:commands
[purity]
[Reboot]
attendi.......
posta il log che rilascia, poi riesegui OTL come prima
allega i due log
una cosa: questa cartella se non la conosci, eliminala
C:\79bf70c31cbceab4c4b0
Rispondi quotando