www.MegaLab.it

da **Sweetol** » mer set 17, 2008 4:46 pm

salve a tutti, pulizzia periodica del pc :) e quindi periodicamente torno a chiedere il vostro aiuto [cry]

che finora non mi avete mai negato, spero neanche stavolta [sh]

antivir mi ha segnalato qualche piccolo virus, sto procedendo alla scansione con kaspersky online e vi posto il log. devo usare qualche altro programma?

grazie mille del supporto<!

da **TheHacker66** » mer set 17, 2008 4:52 pm

Ciao, se postassi anche un log di HJT non sarebbe male...

[OT] Pulizia periodica = virus periodici?? [uhm]

[/OT]

da **Sweetol** » mer set 17, 2008 5:21 pm

ok, sarà fatto [:)]

ti sarebbe utile il log di gmer e avenger?

no no virus nuovi [std]

o almeno penso [8)]

da **TheHacker66** » mer set 17, 2008 5:23 pm

perché no.. iniziamo con uno alla volta però! [;)]

da **Sweetol** » gio set 18, 2008 12:45 pm

allora, kaspersky online nn ha dato nemmeno un warning, pulito pulito. poi ho effettuato una scansione con antivir ed ha trovato un trojan quelli in A0005445 tipo, nn so se ho reso l'idea, comunque antivir l'ha cancellato ed alla successiva scansione nn ha trovato nulla ma continua a dare questi warning (non so se è normale):

Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.

C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Programmi\ATK Hotkey\HControl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!

dopo ho fatto la scansione con hijackthis, ecco il log:
http://www.megaupload.com/it/?d=PF3KR3LD

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.24.53, on 18/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
C:\Programmi\ATK Hotkey\Hcontrol.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ATKOSD2\ATKOSD2.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Programmi\SpeedFan\speedfan.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\ATK Hotkey\ATKOSD.exe
C:\Programmi\ATK Hotkey\WDC.exe
C:\Programmi\BitComet\BitComet.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\eMule0.49b\emule.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Programmi\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programmi\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Programmi\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Programmi\SpeedFan\speedfan.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmi\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9738735632
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vitopazzo.spaces.live.com/PhotoU ... nPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D350B8D4-E56A-4703-95D6-AC1036BA2ACB}: NameServer = 193.70.152.15,193.70.152.25
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programmi\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 7939 bytes

da **kap** » gio set 18, 2008 1:08 pm

Sweetol ha scritto:dopo ho fatto la scansione con hijackthis, ecco il log:
http://www.megaupload.com/it/?d=PF3KR3LD

La prossima volta posta il log utilizzando il tag apposito.... [grazie]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.24.53, on 18/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
C:\Programmi\ATK Hotkey\Hcontrol.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ATKOSD2\ATKOSD2.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Programmi\SpeedFan\speedfan.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\ATK Hotkey\ATKOSD.exe
C:\Programmi\ATK Hotkey\WDC.exe
C:\Programmi\BitComet\BitComet.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\eMule0.49b\emule.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Programmi\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programmi\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Programmi\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Programmi\SpeedFan\speedfan.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Programmi\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmi\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9738735632
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vitopazzo.spaces.live.com/PhotoU ... nPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D350B8D4-E56A-4703-95D6-AC1036BA2ACB}: NameServer = 193.70.152.15,193.70.152.25
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Programmi\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programmi\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 7939 bytes

da **Sweetol** » gio set 18, 2008 1:26 pm

a fantastico, ero rimasto indietro [bleh]

essia

da **ste_95** » gio set 18, 2008 1:33 pm

Il log è pulito, affidati ad Avira, che dormi sonni tranquilli. [^]

da **Sweetol** » gio set 18, 2008 2:04 pm

oh fantastico [^]

vi serve il log di gmer e/o the avenger?

da **ste_95** » gio set 18, 2008 2:17 pm

Sweetol ha scritto:oh fantastico

vi serve il log di gmer e/o the avenger?

Ripeto che, a mio parere, sei pulito così come sei.

da **Sweetol** » gio set 18, 2008 4:13 pm

fantastico allora. tutto ok grazie [:)]

ne approfitto per darvi il log del portatile di mia madre che ha un bel po di casini (dovevo farlo qualche mese fa ma nn sono stato in casa)

vi posto log di antivir (kaspersky nn posso perché nn sono autorizzato a collegarlo via internet) e log di hijackthis...forse qui è il caso di fare una scansione completa perché era enntrato un virus di quello che passa per le chiavette e altra roba strana..vi terrò aggiornati

grazie ancora [:)]

da **TheHacker66** » gio set 18, 2008 6:05 pm

Sarebbe meglio se aprissi un nuovo thread. [^]

www.MegaLab.it

pulizia periodica

pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Re: pulizia periodica

Chi c’è in linea