Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Controlo Log

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Rispondi al messaggio

Controlo Log

Messaggioda wolly76 » lun ott 05, 2009 9:03 am

Buongiorno,
Perfavore qualcuno può darmi un occhiata al log di hijack il pc si comporta in modo strano...
Cerco di spiegarmi, mentre sono su internet è come se il browser passi in secondo piano e per poter continuare a scrivere o a fare qualsiasi altra azione devo cliccare sulla pagina...

Logfile of HijackThis v1.99.1
Scan saved at 10.04.33, on 05/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Blues2002\BluesServiceHost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\PeerGuardian2\pg2.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmi\Blues2002\Bminer.exe
C:\Programmi\Blues2002\Bluesrec1\BRec2000.exe
C:\Programmi\3M\PSNLite\PsnLite.exe
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Programmi\FreePOPs\freepopsd.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator\Desktop\vIRUS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0410/bl8.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.napoli.aci.it/typo3/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0410/bl8.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Programmi\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MbWzdFPAP-EXL540] G:\PdtGuide.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Programmi\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Blue's Miner 2002.lnk = C:\Programmi\Blues2002\Bminer.exe
O4 - Global Startup: Blue's Recorder COM1.lnk = C:\Programmi\Blues2002\Bluesrec1\BRec2000.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmi\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferito portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {7B133798-FAA8-4A7E-950D-BEB35D3363AF} (LinksysViewer Control) - http://88.45.124.189/LinksysViewer.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/A ... tPkMSN.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{80BDCF78-1AD9-4CD2-97C2-5FDC2712F9B7}: NameServer = 212.216.112.112,212.216.172.62
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - igfxsrvc.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Blue's Service Host - TELCEN - C:\Programmi\Blues2002\BluesServiceHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Programmi\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE


Piccolo aggiornamento: Il difetto me lo fa con qualsiasi programma aperto, ad esempio con word mentre scrivo un documento mi ritrovo a battere i tasti a vuoto perché non scrive nulla e devo clicccare sulla pagina, è come se entrasse in funzione un altro programma ...boh
Grazie a chi mi aiuterà [^]
"Se le auto funzionassero come i software, si bloccherebbero due volte al giorno senza motivo e l'unica soluzione sarebbe reinstallare il motore"
Avatar utente
wolly76
Senior Member
Senior Member
 
Messaggi: 354
Iscritto il: gio gen 04, 2007 2:54 pm
Località: C:\WINDOWS
Top

Re: Controlo Log

Messaggioda TheHacker66 » lun ott 05, 2009 3:32 pm

Dal log non si nota nulla di strano, prova comunque ad effettuale una scansione con Combofix, per escludere ogni possibilità di software nocivo. Posta poi il log che trovi in C:\Combofix.txt
RICORDATE: GOOGLARE NON E' UN REATO! E NON LO E' NEANCHE CERCARE SUL FORUM PRIMA DI POSTARE!
Avatar utente
TheHacker66
Bronze Member
Bronze Member
 
Messaggi: 806
Iscritto il: dom nov 19, 2006 8:22 pm
Località: Milano
Top

Re: Controlo Log

Messaggioda wolly76 » mar ott 06, 2009 7:54 am

Eccolo, grazie dell'aiuto

ComboFix 09-10-04.01 - Administrator 06/10/2009 8.38.16.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.503.186 [GMT 2:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\downmozilla\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Dati applicazioni\inst.exe
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof_nav.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof_navps.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb_nav.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb_navps.dat
c:\recycler\S-1-5-21-2220740610-3187427591-2182390518-500
c:\recycler\S-1-5-21-2564879234-204939492-3887128164-1006
c:\windows\system32\osisepeg.ini
c:\windows\system32\protect.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-09-06 al 2009-10-06 )))))))))))))))))))))))))))))))))))
.

30045-06-01 04:58 . 30045-06-01 04:58 3120 ----a-w- c:\windows\system32\BRecPro.dll
2009-09-25 10:32 . 2009-09-25 10:32 -------- d-----w- c:\programmi\Defraggler
2009-09-21 06:29 . 2009-09-21 06:29 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2009-09-16 15:35 . 2009-09-16 15:35 -------- d-sh--w- c:\documents and settings\citarella\PrivacIE
2009-09-16 15:32 . 2009-09-16 15:32 -------- d-sh--w- c:\documents and settings\citarella\IETldCache
2009-09-16 10:01 . 2009-10-05 13:57 -------- d-----w- c:\documents and settings\Administrator\Tracing
2009-09-16 09:58 . 2009-09-16 09:58 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-09-16 09:58 . 2009-09-16 09:58 -------- d-----w- c:\programmi\Windows Live
2009-09-16 09:55 . 2009-09-16 09:55 -------- d-----w- c:\programmi\File comuni\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-06 06:51 . 2006-05-17 13:19 -------- d-----w- c:\programmi\Blues2002
2009-10-06 06:50 . 2008-02-28 15:02 -------- d-----w- c:\programmi\PeerGuardian2
2009-10-05 10:34 . 2008-06-30 06:50 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\mIRC
2009-10-05 10:30 . 2008-06-30 06:50 -------- d-----w- c:\programmi\mIRC
2009-10-05 08:03 . 2009-02-25 09:34 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-10-01 08:12 . 2008-01-18 11:24 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Azureus
2009-09-16 10:00 . 2006-05-11 13:15 25736 -c--a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-09-16 09:59 . 2007-03-01 09:06 -------- d-----w- c:\programmi\Microsoft
2009-09-11 14:18 . 2008-02-27 11:14 -------- d-----w- c:\programmi\CCleaner
2009-09-11 06:11 . 2009-02-21 09:48 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-09-10 12:54 . 2009-02-25 09:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-02-25 09:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-03 14:16 . 2009-09-03 13:49 -------- d-----w- c:\programmi\Rhinoceros 4.0
2009-09-03 13:59 . 2009-09-03 13:51 -------- d-----w- c:\programmi\File comuni\McNeel Shared
2009-09-03 13:59 . 2009-09-03 13:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\McNeel
2009-09-01 12:03 . 2008-12-03 09:49 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall
2009-08-27 06:33 . 2006-05-11 20:20 -------- d-----w- c:\programmi\Java
2009-08-24 07:28 . 2009-08-24 07:28 -------- d-----w- c:\programmi\Live-Player
2009-08-24 07:28 . 2009-08-24 07:28 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\live-player
2009-08-07 14:09 . 2008-11-19 10:01 -------- d-----w- c:\programmi\MVM 2005 - Imperivm - Le Grandi Battaglie di Roma
2009-08-06 17:24 . 2004-08-19 02:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2004-08-19 02:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2004-08-19 02:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2004-08-19 02:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-19 02:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-19 02:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2009-02-23 07:09 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2009-02-23 07:09 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 17:23 . 2004-08-19 02:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:05 . 2004-08-19 02:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-08-03 11:55 . 2004-08-27 10:25 447566 ----a-w- c:\windows\system32\perfh010.dat
2009-08-03 11:55 . 2004-08-27 10:25 73414 ----a-w- c:\windows\system32\perfc010.dat
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-25 03:23 . 2008-11-28 09:45 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 18:56 . 2004-08-19 02:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 00:18 . 2004-08-19 02:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"H/PC Connection Agent"="c:\programmi\Microsoft ActiveSync\wcescomm.exe" [2005-08-05 1200128]
"PeerGuardian"="c:\programmi\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SetRefresh"="c:\programmi\Compaq\SetRefresh\SetRefresh.exe" [2003-11-06 524800]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-10-19 286720]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"Acrobat Assistant 8.0"="c:\programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-10-15 185872]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Reader Synchronizer.lnk - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe [2007-12-15 295606]
Blue's Miner 2002.lnk - c:\programmi\Blues2002\Bminer.exe [2006-5-17 262144]
Blue's Recorder COM1.lnk - c:\programmi\Blues2002\Bluesrec1\BRec2000.exe [2006-5-17 135168]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Post-it© Software Notes Lite.lnk - c:\programmi\3M\PSNLite\PsnLite.exe [2004-10-15 2080768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck c:\docume~1\ALLUSE~1\DATIAP~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\DATIAP~1\SPYWAR~1\sp_rsdel.dat

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\IPXSAEMANAGER401\\IPXSAEMANAGER401\\IPXSAEMANAGER401.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\Azureus\\Azureus.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\Avira\\AntiVir PersonalEdition Classic\\guardgui.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 Blue's Service Host;Blue's Service Host;c:\programmi\Blues2002\BluesServiceHost.exe [12/02/2008 17.48.33 131072]
R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21/04/2006 8.22.24 70912]
R3 WDMWANMP;NDIS WAN miniport;c:\windows\system32\drivers\wdmwanmp.sys [22/04/2001 17.41.42 25817]
S1 PinnacleMicroTV;Pinnacle Systems MicroTV Device;c:\windows\system32\drivers\MicroTV.sys [22/06/2006 8.27.19 114048]
S3 ISDN_u;ISDN USB CAPI;c:\windows\system32\drivers\ISDN_u.sys [07/03/2002 11.21.22 590080]
S3 Slnt7554;USB Soft Modem Driver;c:\windows\system32\drivers\slnt7554.sys [10/07/2006 14.19.14 129535]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - PGFILTER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-10-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

2006-05-11 c:\windows\Tasks\Symantec NetDetect.job
- c:\programmi\Symantec\LiveUpdate\NDETECT.EXE [2006-05-11 13:19]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it
mSearch Bar = hxxp://go.compaq.com/1Q00CDT/0410/bl8.asp
uInternet Connection Wizard,ShellNext = iexplore
IE: Aggiungi a PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {80BDCF78-1AD9-4CD2-97C2-5FDC2712F9B7} = 212.216.112.112,212.216.172.62
DPF: {7B133798-FAA8-4A7E-950D-BEB35D3363AF} - hxxp://88.45.124.189/LinksysViewer.cab
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\cfm9xf8t.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.it
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-MbWzdFPAP-EXL540 - G:\PdtGuide.exe
HKLM-Run-NWEReboot - (no file)
AddRemove-lkifgdb - c:\documents and settings\administrator\impostazioni locali\dati applicazioni\lkifgdb.exe
AddRemove-Peggle Deluxe - c:\programmi\Zylom Games\Peggle Deluxe\GameInstlr.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-06 08:49
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,83,bb,e8,a4,05,70,4d,af,62,59,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,83,bb,e8,a4,05,70,4d,af,62,59,\

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000004
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000003
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000002
"State"=dword:0000000b

[HKEY_USERS\S-1-5-21-2564879234-204939492-3887128164-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:00000020

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,ba,ff,ee,41,60,
93,2e,9f,e2,63,26,f1,3f,c8,ff,68,13,a7,17,98,54,0d,ff,3b,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,c2,5e,93,4e,56,
0d,50,07,6a,9c,d6,61,af,45,84,18,23,a6,04,73,f5,e0,c7,74,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:7a,45,05,fd,91,e8,6f,31,cd,58,2e,c0,5a,
8b,c0,98,ff,7c,85,e0,43,d4,0e,fe,29,74,3b,03,16,83,96,5e,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,dd,e6,3b,e9,dc,
21,7b,98,86,8c,21,01,be,91,eb,e7,ee,e8,93,42,d3,f7,93,89,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,e1,5f,21,4a,5a,
f7,36,3a,f5,1d,4d,73,a8,13,5c,05,bc,c3,96,7a,c2,9c,8c,bd,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,1f,45,c3,50,9b,
ee,6e,97,df,20,58,62,78,6b,cf,c8,dc,9c,39,c7,03,8d,79,0f,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,4a,4d,68,d5,a8,
fa,57,74,fb,a7,78,e6,12,2f,9a,ea,75,10,45,3a,a4,96,12,2c,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,10,44,d2,c7,fb,
65,fe,05,01,3a,48,fc,e8,04,4a,f1,4f,7c,55,07,89,80,55,d6,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,31,a9,a3,c3,7c,
03,38,bc,f6,0f,4e,58,98,5b,89,c9,eb,d6,d4,55,15,cb,d0,e1,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,14,52,42,fd,84,
80,15,84,3d,ce,ea,26,2d,45,aa,78,24,4e,9d,74,fe,be,1d,6b,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,0b,66,aa,92,76,
9f,1c,3f,2a,b7,cc,b5,b9,7f,41,e7,75,81,b5,f5,94,96,86,a5,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:05,73,21,dd,54,d8,4a,c5,6e,bf,f1,83,8a,
e9,64,0f,6c,43,2d,1e,aa,22,2f,9c,51,af,84,57,0b,f6,7a,5e,6c,43,2d,1e,aa,22,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'explorer.exe'(2640)
c:\windows\system32\WININET.dll
c:\programmi\Microsoft Private Folder 1.0\ShellExt.dll
c:\windows\system32\PFLib.dll
c:\programmi\Microsoft Office\Office10\msohev.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\programmi\a-squared Free\a2service.exe
c:\programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\UTSCSI.EXE
c:\progra~1\MICROS~3\rapimgr.exe
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Ora fine scansione: 2009-10-06 8.56.58 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-10-06 06:56

Pre-Run: 4.856.016.896 byte disponibili
Post-Run: 4.788.383.744 byte disponibili

318 --- E O F --- 2009-10-02 06:16
"Se le auto funzionassero come i software, si bloccherebbero due volte al giorno senza motivo e l'unica soluzione sarebbe reinstallare il motore"
Avatar utente
wolly76
Senior Member
Senior Member
 
Messaggi: 354
Iscritto il: gio gen 04, 2007 2:54 pm
Località: C:\WINDOWS
Top
Top

Re: Controlo Log

Messaggioda crazy.cat » mar ott 06, 2009 8:37 am

Alcune cose sono state rimosse come va adesso?
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top

Re: Controlo Log

Messaggioda wolly76 » mar ott 06, 2009 9:04 am

Non mi fa + il difetto di prima per fortuna, ma che cosa ha rimosso???
erano malware?
"Se le auto funzionassero come i software, si bloccherebbero due volte al giorno senza motivo e l'unica soluzione sarebbe reinstallare il motore"
Avatar utente
wolly76
Senior Member
Senior Member
 
Messaggi: 354
Iscritto il: gio gen 04, 2007 2:54 pm
Località: C:\WINDOWS
Top

Re: Controlo Log

Messaggioda crazy.cat » mar ott 06, 2009 10:07 am

Queste sono le rimozioni:

c:\documents and settings\Administrator\Dati applicazioni\inst.exe
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof_nav.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\gnvgohof_navps.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb_nav.dat
c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\lkifgdb_navps.dat
c:\recycler\S-1-5-21-2220740610-3187427591-2182390518-500
c:\recycler\S-1-5-21-2564879234-204939492-3887128164-1006
c:\windows\system32\osisepeg.ini
c:\windows\system32\protect.dll
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top
Rispondi al messaggio

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 14 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising