slimmy_sx1

Members
  • Content count: 20

About slimmy_sx1

  • Level
    Initiate

Profile Information

  • Interests
    I'm interested in music, especially punk rock music... and yeah, I play in a band called greY Fox
  1. Hi guys, as the title says, my problem is how slow the PC is, especially when buffering sites like YouTube, etc. I'm attaching the HijackThis log and the Kaspersky one.
     And here follows Kaspersky:
     Thanks a lot for your time!
  2. Hi guys, thank you in advance for the help I'll be given, you're the best. I'm posting the log, in HTML format, of the Kaspersky online scan, which reports the following trojans. The problems are uncontrolled pop-ups and a slow PC. Here is the log:

     KASPERSKY ONLINE SCANNER 7 REPORT
     Friday, September 12, 2008
     Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
     Kaspersky Online Scanner 7 version: 7.0.25.0
     Program database last update: Friday, September 12, 2008 11:58:26
     Records in database: 1216568

     Scan settings
     Scan using the following database: extended
     Scan archives: yes
     Scan mail databases: yes

     Scan area: My Computer
     C:\
     D:\
     E:\

     Scan statistics
     Files scanned: 139111
     Threat name: 2
     Infected objects: 6
     Suspicious objects: 0
     Duration of the scan: 02:23:08

     File name   Threat name   Threats count
     C:\WINDOWS\system32\vinkfx.exe   Infected: Trojan.Win32.Obfuscated.aqn   1
     C:\WINDOWS\system32\duytqtn.exe   Infected: Trojan.Win32.Obfuscated.aqn   1
     C:\WINDOWS\system32\aczvdil.exe   Infected: Trojan.Win32.Obfuscated.aqn   1
     C:\WINDOWS\system32\tweyzb.exe   Infected: Trojan.Win32.Obfuscated.aqn   1
     C:\WINDOWS\system32\fehfvpqrg.exe   Infected: Trojan.Win32.Obfuscated.aqn   1
     C:\Programmi\MessengerSkinner\MessengerSkinner.exe   Infected: not-a-virus:AdWare.Win32.NaviPromo.ec   1

     The selected area was scanned.
  3. Here's the log!

     Logfile of The Avenger Version 2.0, © by Swandog46
     http://swandog46.geekstogo.com
     Platform: Windows Vista
     *******************
     Script file opened successfully.
     Script file read successfully.
     Backups directory opened successfully at C:\Avenger
     *******************
     Beginning to process script file:
     Rootkit scan active.
     No rootkits found!
     File "C:\ProgramData\EnSrv\dyraxaju.exe" deleted successfully.
     File "C:\ProgramData\ahyjavof\uzqpedwp.exe" deleted successfully.
     Folder "C:\WINDOWS\temp" deleted successfully.
     Folder "C:\WINDOWS\Tasks" deleted successfully.
     Error: could not open folder "C:\Users\All Users\setwebapl"
     Deletion of folder "C:\Users\All Users\setwebapl" failed!
     Status: 0xc0000715
     Error: could not open folder "C:\Users\All Users\ahyjavof"
     Deletion of folder "C:\Users\All Users\ahyjavof" failed!
     Status: 0xc0000715
     Folder "C:\ProgramData\setwebapl" deleted successfully.
     Folder "C:\ProgramData\ahyjavof" deleted successfully.
     Folder "C:\ProgramData\EnSrv" deleted successfully.
     Registry value "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs" replaced with dummy successfully.
     Completed script processing.
     *******************
     Finished! Terminate.
  4. I'm having problems running the scan with Kaspersky: when it's almost at the end, Internet Explorer crashes. It detects one infected file; I've tried twice. Tomorrow I could try installing Firefox; in any case, if you like, you can already give me the procedure for fixing the problems.
  5. Yes, everything except Kaspersky, which is still up and running. Here are the logs:

     Malwarebytes' Anti-Malware 1.26
     Versione del database: 1103
     Windows 6.0.6000
     04/09/2008 16.56.59
     mbam-log-2008-09-04 (16-56-59).txt

     Tipo di scansione: Scansione completa (C:\|D:\|)
     Elementi scansionati: 181221
     Tempo trascorso: 1 hour(s), 13 minute(s), 45 second(s)

     Processi delle memoria infetti: 0
     Moduli della memoria infetti: 0
     Chiavi di registro infette: 0
     Valori di registro infetti: 2
     Elementi dato del registro infetti: 0
     Cartelle infette: 0
     File infetti: 0

     Processi delle memoria infetti:
     (Nessun elemento malevolo rilevato)

     Moduli della memoria infetti:
     (Nessun elemento malevolo rilevato)

     Chiavi di registro infette:
     (Nessun elemento malevolo rilevato)

     Valori di registro infetti:
     HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

     Elementi dato del registro infetti:
     (Nessun elemento malevolo rilevato)

     Cartelle infette:
     (Nessun elemento malevolo rilevato)

     File infetti:
     (Nessun elemento malevolo rilevato)

     The only thing I haven't done is repair the registry with CCleaner, but I did the rest. Do I have to do that too?
  6. I've done all the listed procedures; here's the report:
[2005-02-17 49152] "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560] "WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 C:\Windows\RtHDVCpl.exe] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-09-05 727592] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3codecp"= l3codecp.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{50FE1639-2277-423A-9FFB-A9E65BB7474C}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{AFAAC25D-2240-47B4-BABB-B3C1AE76B327}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote 
"{5DBB0C4D-969D-459E-A788-A31354634EC3}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{DD521377-4A4F-4CED-AEA5-6A924730F285}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{A55037CB-7E41-49F1-892E-E8A01B9A4155}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play "{6F1F7067-D70A-4F45-A101-1DED5168D060}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program "{CC61B5FD-875C-4C1D-8E54-B8E0A5710EA8}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{8A982465-4BD9-42CE-B028-C92A15C946D2}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "{781FD4CA-D891-4E02-8EC6-5DDC941C3111}"= C:\Program Files\Skype\Phone\Skype.exe:Skype "{FA530000-CC04-49FE-B475-3D8BFE507BED}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{253DB3E2-6AD4-407A-85B7-2A6A2D4266B5}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{145E576F-79E9-45A9-B508-A9992E265A70}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{FB705423-9D74-45EF-BC0B-B77766FD10B3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "TCP Query User{26C2FE5B-089B-48F4-834A-6C71A70E3DA2}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:µTorrent "UDP Query User{E3ADDB22-486E-49F6-A41D-BF5AAE8EC6F8}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:µTorrent [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080902.004\IDSvix86.sys [2008-08-08 261680] R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};C:\Program Files\HP\QuickPlay\000.fcl [2007-09-30 19:34 39408] R2 LiveUpdate 
Notice;LiveUpdate Notice;c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-14 149864] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760] R2 QPSched;QuickPlay Task Scheduler (QTS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016] R3 btwaudio;Periferica audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-09-18 80424] R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-09-18 80936] R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-09-18 16168] R3 HpqRemHid;HP Remote Control HID Device;C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-06-13 41008] S3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888] S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ *Newly Created Service* - COMHOST . Contenuto della cartella 'Scheduled Tasks' . - - - - ORFÇOS REMOVIDOS - - - - HKCU-Run-lphcvu3j0eccu - C:\Windows\system32\lphcvu3j0eccu.exe HKCU-Run-Run - C:\Users\alessandro\AppData\Roaming\Adobe\Manager.exe HKCU-Run-Smart Antivirus-2009.exe - C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe HKCU-Run-Somefox - C:\Users\ALESSA~1\AppData\Local\Temp\519B.tmp.exe HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe . ------- Supplementary Scan ------- . 
R0 -: HKCU-Main,Start Page = hxxp://smart-antivirus2009-buy.com/buy.php?aff=1005 R0 -: HKLM-Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=81&bd=Pavilion&pf=laptop R1 -: HKCU-Internet Settings,ProxyOverride = *.local O8 -: &AOL Toolbar Cerca - c:\program files\aol\aol toolbar 5.0\resources\it-it\local\search.html O8 -: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 -: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 -: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-04 15:26:05 Windows 6.0.6000 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
C:\Windows\System32\audiodg.exe C:\Windows\System32\wlanext.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\System32\conime.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Windows\System32\wbem\WMIADAP.exe C:\Windows\servicing\TrustedInstaller.exe . ************************************************************************** . Ora fine scansione: 2008-09-04 15:35:51 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-04 13:35:33 Pre-Run: 186,751,176,704 byte disponibili Post-Run: 186,712,313,856 byte disponibili 342 --- E O F --- 2008-09-01 01:00:34 This one, instead, is the HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17.16.14, on 04/09/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Boot mode: Normal Running processes: C:\Program Files\DigitalPersona\Bin\DpAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\conime.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hp\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe 
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\ProgramData\EnSrv\dyraxaju.exe C:\ProgramData\ahyjavof\uzqpedwp.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wuauclt.exe C:\Windows\Explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE c:\program files\aol\aol toolbar 5.0\AolTbServer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\alessandro\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smart-antivirus2009-buy.com/buy.php?aff=1005 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: 
Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program 
Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [EnSrv] C:\ProgramData\EnSrv\dyraxaju.exe O4 - HKCU\..\Run: [AhLTHKynih] C:\ProgramData\ahyjavof\uzqpedwp.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - 
HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &AOL Toolbar Cerca - c:\program files\aol\aol toolbar 5.0\resources\it-it\local\search.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - 
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: GameConsoleService - WildTangent, Inc. 
- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 12273 bytes The pop-ups warning about the trojan seem to keep coming back.
  7. Hi everyone, thanks in advance for the help you give on this forum. Last night Vista detected two trojans, changing my desktop background and warning that security had been breached. I ran a scan with Norton but it didn't fix anything; what can I do? I'm attaching the log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12.42.44, on 04/09/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Boot mode: Normal Running processes: C:\Program Files\DigitalPersona\Bin\DpAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hp\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Defender\MSASCui.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Windows\system32\taskeng.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\ProgramData\EnSrv\dyraxaju.exe C:\ProgramData\ahyjavof\uzqpedwp.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program 
Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Windows\system32\Taskmgr.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe c:\program files\aol\aol toolbar 5.0\AolTbServer.exe C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe C:\Users\alessandro\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smart-antivirus2009-buy.com/buy.php?aff=1005 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec 
Shared\coShared\Browser\2.0\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - 
HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Run] "C:\Users\alessandro\AppData\Roaming\Adobe\Manager.exe" O4 - HKCU\..\Run: [smart Antivirus-2009.exe] C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe O4 - HKCU\..\Run: [somefox] C:\Users\ALESSA~1\AppData\Local\Temp\519B.tmp.exe O4 - HKCU\..\Run: [lphcvu3j0eccu] C:\Windows\system32\lphcvu3j0eccu.exe O4 - HKCU\..\Run: [EnSrv] C:\ProgramData\EnSrv\dyraxaju.exe O4 - HKCU\..\Run: 
[AhLTHKynih] C:\ProgramData\ahyjavof\uzqpedwp.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &AOL Toolbar Cerca - c:\program files\aol\aol toolbar 5.0\resources\it-it\local\search.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - 
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{13AC26AF-2449-4065-ACB2-D144F1338F23}: NameServer = 85.37.17.41 85.38.28.83 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Utilità di pianificazione di LiveUpdate automatico (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- End of file - 13548 bytes
I should add that the names of the trojans detected are: Trojan Zlob Activity, Trojan-Spy.Win32.KeyLogger.aa, Trojan-Downloader.Win32.Agent.bq
  8. There isn't, and there never has been, a better console than the PlayStation 3; I'm ready to take on any kind of argument to prove it.
  9. I have the same problem. I bought a Wi-Fi USB stick that works as an access point, router, station and bridge. But I can't understand why, when I connect the PlayStation, it doesn't obtain an IP address. If I set up a proxy instead, I can connect, but the connection drops after a few seconds.
  10. That's the same thing I thought, but thinking back I realized that I haven't used anything of the kind... Firefox keeps refusing to save my bookmarks. Is there a way to move the list of passwords, bookmarks and so on to another browser, or maybe into the same one?
  11. Well, kuma, on the one hand I'm glad I don't have malware, and I thank you all for your very efficient work :) ... all that's left for me is to put everything back little by little... but this thing really is strange... I hope it never happens to me with important documents... I had a look at your home page, a really well-made site.
  12. Removal tool loaded into memory Gromozon rootkit component not detected - searching for other components Scanning: C:\WINDOWS Scanning: C:\Programmi\File comuni Trojan.Gromozon does not exist - your system is clean. I ALSO HAD that file checked, but it isn't suspicious. I also installed Java following the instructions, but nothing has changed... will I ever manage to recover my iTunes library?
  13. Yes, sorry!! It's just that I was a bit agitated and wrote quickly... anyway, here are the various logs. An error came up while I was fixing the last of the things you listed for me, but it seems to have disappeared from the log anyway. As for Java, how do I remove it? I just installed the new version. The only thing left for me to do is the online scan... unfortunately, though, the problem is still unchanged. Here are the logs:
Logfile of HijackThis v1.99.1 Scan saved at 23.26.20, on 08/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\VEXPLITE\viritsvc.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\WINDOWS\system32\wuauclt.exe C:\Programmi\Java\jre1.6.0\bin\jusched.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\VEXPLITE\MONLITE.EXE C:\Programmi\iPod\bin\iPodService.exe C:\Programmi\MessengerPlus! 
3\MsgPlus.exe C:\tools2\3FB3C13.exe C:\tools2\3FB3C13.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\Ulead Systems2\Ulead Photo Express 4.0 SE\CalCheck.exe C:\WINDOWS\system32\taskmgr.exe C:\tools\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgsoft.it/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sib1.od2.com/common/Product/Product...no=OD2DI6107478 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Prevx\pxbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [mRouterConfig for Siemens Data Suite SX1] C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PrevxOne] "C:\Programmi\Prevx1\PXConsole.exe" O4 - HKLM\..\Run: [VIRIT 
LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Controllo del Calendario di Ulead Photo Express.lnk = C:\Programmi\Ulead Systems2\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: SDSScheduler.lnk = C:\Programmi\Siemens Data Suite SX1\SDS\SDSScheduler.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! 
Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Programmi\Prevx1\PXAgent.exe" -f (file missing) O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ------------------------------------------------------
  14. Guys, something rather strange has happened to me. It all started with Firefox: the bookmark list and all the other settings disappeared; when I try to clear the history it won't let me, and if I try to add a page to the bookmarks it won't let me; all the passwords and so on were deleted too. The second thing to suffer from this was eMule: even though I had incomplete downloads, they no longer show up in the download screen, even though the files still exist in temp and are not complete! And the last thing, which is also the one that gave me the most trouble of all, is that everything in iTunes was wiped, from the playlists to the library, and I can no longer load many of those files back in... I am firmly convinced that the things that disappeared are still there somewhere, otherwise I can't explain why it won't let me add new ones... I'm posting the log for you, guys, I'm in your very capable hands... :sigh:
Logfile of HijackThis v1.99.1 Scan saved at 21.31.19, on 08/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\VEXPLITE\viritsvc.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\rundll32.exe C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\iPod\bin\iPodService.exe 
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\VEXPLITE\MONLITE.EXE C:\Programmi\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\taskmgr.exe C:\Programmi\Ulead Systems2\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Programmi\MSN Messenger\msnmsgr.exe C:\Programmi\MSN Messenger\usnsvc.exe C:\Programmi\eMule\eMule0.47a\eMule\eMule\eMule.exe C:\Programmi\Mozilla Firefox\firefox.exe C:\tools\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tgsoft.it/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sib1.od2.com/common/Product/Product...no=OD2DI6107478 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Prevx\pxbho.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [mRouterConfig for Siemens Data Suite SX1] C:\Programmi\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: 
[AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PrevxOne] "C:\Programmi\Prevx1\PXConsole.exe" O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunOnce: [Execute] C:\WINDOWS\System32\Tools\DelFolders.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Reboot.exe O4 - Global Startup: Controllo del Calendario di Ulead Photo Express.lnk = C:\Programmi\Ulead Systems2\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: SDSScheduler.lnk = C:\Programmi\Siemens Data Suite SX1\SDS\SDSScheduler.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! 
Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programmi\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{665341F8-0AC9-43C2-8545-BB90A3DFB023}: NameServer = 85.37.17.41 85.38.28.83 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. 
- C:\Programmi\iPod\bin\iPodService.exe O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Programmi\Prevx1\PXAgent.exe" -f (file missing) O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  15. (B) Here we are, guys! Everything's solved, you're really ultra efficient!... I'm posting the link to the other conversation in case anyone needs to take a look, you never know whether someone might end up in my situation hihihihi, though I think that's quite unlikely. Here's the link: http://forum.wininizio.it/index.php?showtopic=57453