Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

2 BROWSER IGNORANO I MIEI LINK!

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » ven ott 29, 2010 6:58 pm

eperti confido i n voi ... allora da giorni mi succede che entrando in internet con google crome oppure firefox, e cercando delle pagine al momento che carica mi esce una pagina con contenuto bianco , e avg mi segnale un malware.. allora ho agg avg ogni 2 sec e non mi trova nulla.... ho riavviato in modalita provisioria e fatto partire malwarebytes e altri strumenti che ho ma non hanno trovato nulla tutto agg... la cosa pero non mi succede se uso safari... ecco un log..
Codice: Seleziona tutto
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:14, on 29/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [engel] C:\Users\Administrator\AppData\Roaming\updates\updates.exe
O4 - HKCU\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO DI RETE')
O4 - Startup: mousedriver.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = linksys
O17 - HKLM\Software\..\Telephony: DomainName = linksys
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = linksys
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service:  Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: RealtekUSB - Realtek - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 5581 bytes
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda crazy.cat » ven ott 29, 2010 7:02 pm

Analizza questi due eseguibili sul sito di www.virustotal.com e vedi se sono dei virus.
O4 - HKLM\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
O4 - HKCU\..\Run: [engel] C:\Users\Administrator\AppData\Roaming\updates\updates.exe
O4 - HKCU\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"

Dove avg ti segnala il virus?

Forse è ora di cambiare avg...
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » ven ott 29, 2010 7:18 pm

allora ho messo il primo di quelli che mi hai mostrato ma mi fa uscere questa cosa;
    MD5: 4b2e5c23ab51bc55af1d0ca3ddce5e0c
    Date first seen: 2010-10-18 18:42:02 (UTC)
    Date last seen: 2010-10-21 04:24:27 (UTC)
    Detection ratio: 16/39

avg lo uso perche e gratis.. comunque mi segnala il virus su qualsiasi sito non un in particolare esempiuo sul sito delle poste da firefox esce questo;
Immagine

da notare dove mi ha rinderizzato su porno top cosa centra con poste.it
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm


Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda comodoforever » ven ott 29, 2010 7:20 pm

come si chiama il malware?
Avatar utente
comodoforever
Senior Member
Senior Member
 
Messaggi: 233
Iscritto il: mar apr 06, 2010 6:11 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda crazy.cat » ven ott 29, 2010 7:24 pm

Comincia ad eliminare i due file che ti ho indicato, magari con unlocker se hai problemi a cancellarli.
Poi parti con scansione con malwarebytes e combofix, posta il log di questo dopo a scansione.

Anche avast o avira sono gratis e sono molto meglio di avg.
Comunque vedremo quanti virus avg si è lasciato passare poi deciderai cosa fare.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda comodoforever » ven ott 29, 2010 7:25 pm

Allora vi sono tantissimi antivirus free hai una vasta scelta..
Avatar utente
comodoforever
Senior Member
Senior Member
 
Messaggi: 233
Iscritto il: mar apr 06, 2010 6:11 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » ven ott 29, 2010 8:01 pm

ringrazio tutti per le risposte allora ho cancellato con unloker i due file mentre con combofix appena e partito mi ha dato error e si e spento il pc , non e la prima volta che lo provo ma sul mio pc non funziona,lo salvato con un altro nome, mentre di seguito il log di malware bytes
ps: appena risolvo cambio subito antivirus!!ditemmi il mogliore free e il migliore a pagamento?grazie

ecco il log di malwarebytes :
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Versione database: 4052

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    29/10/2010 20:57:20
    mbam-log-2010-10-29 (20-57-20).txt

    Tipo di scansione: Scansione veloce
    Elementi esaminati: 119783
    Tempo trascorso: 7 minuti, 27 secondi

    Processi infetti in memoria: 0
    Moduli di memoria infetti: 0
    Chiavi di registro infette: 0
    Valori di registro infetti: 0
    Voci infette nei dati di registro: 0
    Cartelle infette: 0
    File infetti: 0

    Processi infetti in memoria:
    (Non sono stati rilevati elementi nocivi)

    Moduli di memoria infetti:
    (Non sono stati rilevati elementi nocivi)

    Chiavi di registro infette:
    (Non sono stati rilevati elementi nocivi)

    Valori di registro infetti:
    (Non sono stati rilevati elementi nocivi)

    Voci infette nei dati di registro:
    (Non sono stati rilevati elementi nocivi)

    Cartelle infette:
    (Non sono stati rilevati elementi nocivi)

    File infetti:
    (Non sono stati rilevati elementi nocivi)
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda comodoforever » ven ott 29, 2010 8:03 pm

Free avira avast ed Comodo a pagamento Avira premium, Kaspersky
Avatar utente
comodoforever
Senior Member
Senior Member
 
Messaggi: 233
Iscritto il: mar apr 06, 2010 6:11 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » ven ott 29, 2010 9:01 pm

grazie, allora cosa faccio??? ho eliminato i 2 file che mi sono stati detti ora pero resta il problema... [cry]
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda crazy.cat » sab ott 30, 2010 5:15 am

con malwarebytes bisogna fare la scansione completa non la veloce.
Però prova ad usare prima questo cd http://www.MegaLab.it/3591/avira-antivir-rescue-system
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda FDAC » sab ott 30, 2010 2:27 pm

Ciao.
Posta un log di Malwarebytes AGGIORNATO, scansione Completa, e uno di Hijackthis
Avatar utente
FDAC
Rompiballe
Rompiballe
 
Messaggi: 750
Iscritto il: dom set 05, 2010 1:00 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » sab ott 30, 2010 9:04 pm

@FDAC: ciao guarda in alto che ho postato il log di hijack, per malwarebytes sto aspettando da 3 ore che finisca per postare il log che mi ha chiesto anche CRAZY.CAT. intanto se mi puoi aiutare dai un occhiata in alto. grazie per i messaggi! =)
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » sab ott 30, 2010 10:26 pm

ecco il log di hijack completo
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Versione database: 4052

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    30/10/2010 23:30:05
    mbam-log-2010-10-30 (23-30-05).txt

    Tipo di scansione: Scansione completa (C:\|)
    Elementi esaminati: 526841
    Tempo trascorso: 4 ore, 17 minuti, 14 secondi

    Processi infetti in memoria: 0
    Moduli di memoria infetti: 0
    Chiavi di registro infette: 0
    Valori di registro infetti: 0
    Voci infette nei dati di registro: 0
    Cartelle infette: 0
    File infetti: 0

    Processi infetti in memoria:
    (Non sono stati rilevati elementi nocivi)

    Moduli di memoria infetti:
    (Non sono stati rilevati elementi nocivi)

    Chiavi di registro infette:
    (Non sono stati rilevati elementi nocivi)

    Valori di registro infetti:
    (Non sono stati rilevati elementi nocivi)

    Voci infette nei dati di registro:
    (Non sono stati rilevati elementi nocivi)

    Cartelle infette:
    (Non sono stati rilevati elementi nocivi)

    File infetti:
    (Non sono stati rilevati elementi nocivi)


per quanto riguarda avira rescue ho fatto tt la procedura ma dopo 8 ore di scansione ha trovato qualcosa come 6 0000 su record e 35 su warning... pero ho riavviato non so cosa ha fatto..se eliminato o no X CRAZY.CAT
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda FDAC » dom ott 31, 2010 11:18 am

Allora, procedi come segue.
Scarica ComboFix da qui:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Quando lo salvi hai la possibilità di rinominare il file: rinomina l’exe in pippo.exe

● posiziona pippo.exe sul Desktop
● disconnettiti da Internet
● sconnetti, fisicamente, il modem dal computer
● accedi al sistema in modalità provvisoria con un account con privilegi di Amministratore
● lancia ComboFix e segui le istruzioni che verranno rilasciate per eseguire la scansione
● senza eseguire altre operazioni, lascia che il tool completi la scansione e la fase di creazione del log
● al termine della operazione, il sistema verrà riavviato automaticamente (in caso contrario, riavvialo tu)

Note - durante la scansione:
● verranno creati alcuni file sul desktop e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop
● potrebbe venire rilasciato un messaggio in relazione all' antivirus in uso: prosegui ignorando il messaggio
● il firewall, se attivo, potrebbe rilasciare un avviso che verranno rimossi alcuni driver (consenti pure)

Verrà creato un log in Disco Locale C: dal nome combofix.txt che dovrai inviare qui.

Conclusa la scansione:
● riavvia il sistema in modalità normale
● ricollega, fisicamente, il modem al computer
● connettiti a Internet e invia il file di testo

N.B. Se non riuscissi in alcun modo ad utilizzare Combofix, segui questi semplici passi:

start > esegui, nel box bianco copia e incolla questo comando, virgolette comprese:
"%userprofile%\desktop\pippo.exe" /killall
Premi OK, si dovrebbe avviare la scansione.

Al termine, posta il Log di Combofix insieme a quello Aggiornato di Hijackthis
Ciao.
Avatar utente
FDAC
Rompiballe
Rompiballe
 
Messaggi: 750
Iscritto il: dom set 05, 2010 1:00 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » dom ott 31, 2010 6:26 pm

allora: scaricato combofix rinominato ho riavviato il pc ,modalita provisoria fatto partire combofix parte la scansione solo che verso la fine do avere fatto 50 complete stage mi fa che ho exploler.exe e infetto e che devo apettare il rstore solo che si blocca e quindi lo chiudo io. non trovo il file che mi hai detto combofix.txt comunque ecco l'altro log... guardando su firefox ce ancora il rendirizzamento..??

HijackThis
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:13:19, on 31/10/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18975)
    Boot mode: Safe mode

    Running processes:
    C:\Windows\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
    C:\Windows\system32\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
    O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
    O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [engel] C:\Users\Administrator\AppData\Roaming\updates\updates.exe
    O4 - HKCU\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
    O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
    O4 - Startup: mousedriver.exe
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = linksys
    O17 - HKLM\Software\..\Telephony: DomainName = linksys
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = linksys
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CiSvc - Unknown owner - C:\Windows\system32\cisvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: RealtekUSB - Realtek - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
    O23 - Service: UPS - Unknown owner - C:\Windows\System32\ups.exe (file missing)

    --
    End of file - 4756 bytes
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda comodoforever » dom ott 31, 2010 6:43 pm

File infetti presenti..
Avatar utente
comodoforever
Senior Member
Senior Member
 
Messaggi: 233
Iscritto il: mar apr 06, 2010 6:11 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda Uomo_Senza_Sonno » dom ott 31, 2010 6:43 pm

crazy.cat ha scritto:con malwarebytes bisogna fare la scansione completa non la veloce.
Però prova ad usare prima questo cd http://www.MegaLab.it/3591/avira-antivir-rescue-system

Riparti da qui. Esegui la scansione completa, ma prima di iniziare fixa assolutamente queste voci, altrimenti è probabile che devi rifare tutto come riavvi.

O4 - HKLM\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"
O4 - HKCU\..\Run: [engel] C:\Users\Administrator\AppData\Roaming\updates\updates.exe
O4 - HKCU\..\Run: [download] "C:\Users\Administrator\AppData\Roaming\download2\svcnost.exe"

Poi riprova con combofix, e attendi che termini tutto il processo, senza chiudere forzatamente.
Grazie per tutto Zane

conosciamo l'1% delle leggi che governano l'universo, le altre non le abbiamo ancora comprese a fondo o addirittura nemmeno intuite
Avatar utente
Uomo_Senza_Sonno
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 3255
Iscritto il: gio feb 07, 2008 9:00 am
Località: http://turbolab.it

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » lun nov 01, 2010 3:05 pm

ok, allora ho fixato q i 3 punti !... ora pero con combofix dopo aver fatto COMPLETE STAGE 1-50. i si blocca su qyuest scritta. system file is infected !! attempting to restore"c\windows\explorer.exe"
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda Uomo_Senza_Sonno » lun nov 01, 2010 3:22 pm

Utilizza allora un rescue disk come quello già segnalato da crazy.cat oppure come quello di kaspersky. Masterizzi e esegui il boot da cd, poi al termine del caricamento aggiorni l'antivirus ed esegui la scansione completa di tutto il disco.
Grazie per tutto Zane

conosciamo l'1% delle leggi che governano l'universo, le altre non le abbiamo ancora comprese a fondo o addirittura nemmeno intuite
Avatar utente
Uomo_Senza_Sonno
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 3255
Iscritto il: gio feb 07, 2008 9:00 am
Località: http://turbolab.it

Re: 2 BROWSER IGNORANO I MIEI LINK!

Messaggioda erick ortiz » mar nov 16, 2010 1:28 pm

AGGIORNAMENTO: posto dopo tanti tentativi sono riuscito a fa funzionare combofix ecco il log:
Codice: Seleziona tutto
 ComboFix 10-11-15.05 - Administrator 16/11/2010  10:05:04.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3032.2032 [GMT 1:00]
Eseguito da: c:\users\Administrator\Desktop\kimbo.exe
Opzioni usate :: c:\users\Administrator\Desktop\cfscript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Administrator\AppData\Roaming\addons.dat

-- Esecuzione precedente --

c:\windows\explorer.exe . . . è infetto!!

--------

c:\windows\explorer.exe . . . è infetto!!

c:\windows\System32\wininit.exe . . . è infetto!!

.
(((((((((((((((((((((((((((((((((((((((   Driver/Servizi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


(((((((((((((((((((((((((   Files Creati Da 2010-10-16 al 2010-11-16  )))))))))))))))))))))))))))))))))))
.

2010-11-16 10:21 . 2010-11-16 10:21   --------   d-----w-   c:\users\Default\AppData\Local\temp
2010-11-16 03:18 . 2010-11-16 04:23   --------   d-----w-   C:\hakimo
2010-11-16 02:35 . 2010-11-16 02:35   --------   d-----w-   c:\users\Default\AppData\Local\Microsoft Help
2010-11-16 02:30 . 2010-11-16 02:30   --------   d-----w-   c:\program files\FontFrenzy
2010-11-15 21:15 . 2010-11-15 21:15   --------   d-----w-   c:\program files\Microsoft Works
2010-11-15 21:14 . 2010-11-15 21:14   --------   d-----w-   c:\program files\Microsoft Visual Studio 8
2010-11-15 21:09 . 2010-11-15 21:09   --------   d-----w-   c:\users\Administrator\AppData\Local\Microsoft Help
2010-11-15 21:09 . 2010-11-15 21:14   --------   d-----w-   c:\program files\Microsoft Expression
2010-11-15 21:08 . 2010-11-15 21:08   --------   d-----r-   C:\MSOCache
2010-11-15 16:43 . 2000-01-24 04:01   453632   ----a-w-   c:\windows\system32\stdvcl40.dll
2010-11-13 22:06 . 2010-11-13 22:10   --------   d-----w-   c:\users\Administrator\AppData\Roaming\IDM
2010-11-13 22:05 . 2010-11-13 22:39   --------   d-----w-   c:\windows\system32\IDMs
2010-11-13 22:05 . 2010-11-13 22:05   --------   d-----w-   c:\program files\IDM
2010-11-13 21:39 . 2010-11-13 21:39   --------   d-----w-   c:\program files\Mozilla Firefox 4.0 Beta 7
2010-11-13 17:03 . 2010-11-13 17:03   --------   d-----w-   c:\program files\pdfforge Toolbar
2010-11-13 17:03 . 2010-11-13 17:03   --------   d-----w-   c:\program files\Application Updater
2010-11-13 17:03 . 2010-11-13 17:03   --------   d-----w-   c:\program files\Common Files\Spigot
2010-11-13 16:59 . 2010-11-13 16:59   724033   ----a-w-   c:\windows\unins000.exe
2010-11-13 16:46 . 2001-10-28 16:42   116224   ----a-w-   c:\windows\system32\pdfcmnnt.dll
2010-11-13 16:46 . 1998-06-24 00:00   137000   ----a-w-   c:\windows\system32\MSMAPI32.OCX
2010-11-13 16:46 . 1998-08-05 07:45   122128   ----a-w-   c:\windows\system32\VB6IT.DLL
2010-11-13 16:46 . 1998-08-05 07:45   150528   ----a-w-   c:\windows\system32\MSCMCIT.DLL
2010-11-13 16:46 . 2010-11-13 16:51   --------   d-----w-   c:\program files\PDFCreator
2010-11-13 16:46 . 1998-08-05 07:45   63488   ----a-w-   c:\windows\system32\MSCC2IT.DLL
2010-11-13 16:46 . 1998-07-06 00:00   23552   ----a-w-   c:\windows\system32\MSMPIDE.DLL
2010-11-12 15:17 . 2010-10-18 08:41   6146896   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{20A0EA28-4A52-4EC5-8A90-BD702E0BA2CC}\mpengine.dll
2010-11-08 23:47 . 2010-11-09 00:08   --------   d-----w-   c:\program files\FXpansion
2010-11-06 19:50 . 2010-11-06 19:50   --------   d-----w-   c:\users\Administrator\AppData\Local\Mozilla
2010-11-06 12:24 . 2010-11-06 12:24   --------   d-----w-   c:\users\Administrator\AppData\Roaming\Software Informer
2010-11-06 12:24 . 2010-11-06 12:24   --------   d-----w-   c:\users\Administrator\AppData\Roaming\Free Download Manager
2010-11-06 12:24 . 2010-11-06 12:24   --------   d-----w-   c:\program files\Free Download Manager
2010-11-06 01:30 . 2010-11-06 01:30   --------   d-----w-   c:\program files\Opera(74)
2010-11-05 21:27 . 2010-11-05 21:27   --------   d-----w-   c:\users\Administrator\AppData\Roaming\Avira
2010-11-02 23:49 . 2010-11-02 23:49   --------   d-----w-   c:\program files\ConduitEngine
2010-11-02 23:49 . 2010-11-02 23:49   --------   d-----w-   c:\program files\NCH
2010-11-02 23:43 . 2010-11-02 23:46   --------   d-----w-   c:\programdata\NCH Swift Sound
2010-11-02 23:43 . 2010-11-02 23:45   --------   d-----w-   c:\program files\NCH Swift Sound
2010-11-02 23:43 . 2010-11-02 23:46   --------   d-----w-   c:\users\Administrator\AppData\Roaming\NCH Swift Sound
2010-10-31 23:45 . 2010-10-31 23:45   --------   d-----w-   c:\users\Administrator\AppData\Roaming\SonicTransfer
2010-10-31 15:00 . 2010-11-06 21:38   --------   d-----w-   C:\pippo
2010-10-31 14:42 . 2010-10-31 14:42   388096   ----a-r-   c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-30 19:02 . 2010-10-19 10:41   222080   ------w-   c:\windows\system32\MpSigStub.exe
2010-10-29 22:41 . 2010-10-29 22:41   --------   d-----w-   C:\#GDATA.Trash.Store#
2010-10-29 22:40 . 2010-10-29 23:31   --------   d-----w-   c:\program files\Common Files\G DATA
2010-10-29 22:36 . 2010-10-29 22:36   --------   d-----w-   c:\users\Administrator\AppData\Local\Downloaded Installations
2010-10-29 19:01 . 2010-11-05 23:27   --------   d-----w-   C:\combo
2010-10-29 18:40 . 2010-11-05 22:19   --------   d-----w-   c:\program files\Unlocker
2010-10-27 17:27 . 2010-10-30 08:42   --------   d-----w-   c:\users\Administrator\AppData\Roaming\sorrypeople
2010-10-27 13:25 . 2010-10-29 18:46   --------   d-----w-   c:\users\Administrator\AppData\Roaming\updates
2010-10-27 13:22 . 2010-08-26 16:34   1696256   ----a-w-   c:\windows\system32\gameux.dll
2010-10-27 13:22 . 2010-08-26 16:33   28672   ----a-w-   c:\windows\system32\Apphlpdm.dll
2010-10-27 13:22 . 2010-08-26 14:23   4240384   ----a-w-   c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-26 16:50 . 2010-10-26 16:51   --------   d-----w-   c:\program files\CamStudio
2010-10-24 22:10 . 2010-10-24 22:10   --------   d-----w-   c:\program files\iPod
2010-10-24 22:10 . 2010-10-24 22:11   --------   d-----w-   c:\program files\iTunes
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2010-10-24 22:07 . 2010-10-24 22:07   159744   ----a-w-   c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2010-10-22 20:52 . 2010-10-22 20:52   --------   d-----w-   c:\program files\Common Files\Java
2010-10-22 20:52 . 2010-10-22 20:51   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2010-10-22 20:51 . 2010-10-22 20:51   --------   d-----w-   c:\program files\Java
2010-10-21 22:45 . 2005-06-10 07:39   1694592   ----a-w-   c:\windows\system32\drivers\sbusb.sys
2010-10-21 22:45 . 2005-05-26 15:52   128000   ----a-w-   c:\windows\system32\sbusbdll.dll
2010-10-21 22:45 . 2005-04-20 07:44   115200   ----a-w-   c:\windows\system32\sfms32.dll
2010-10-21 22:45 . 2005-04-20 07:44   138752   ----a-w-   c:\windows\system32\drivers\ctsfm2k.sys
2010-10-21 22:45 . 2005-04-20 07:44   106496   ----a-w-   c:\windows\system32\drivers\ctoss2k.sys
2010-10-21 22:45 . 2004-11-23 08:52   20480   ----a-w-   c:\windows\INRES.DLL
2010-10-21 22:45 . 2004-02-03 09:50   36864   ----a-w-   c:\windows\system32\sfman32.dll
2010-10-21 22:45 . 2004-02-03 09:50   59392   ----a-w-   c:\windows\system32\a3d.dll
2010-10-21 22:45 . 2003-03-05 10:19   15840   ----a-w-   c:\windows\system32\drivers\PfModNT.sys
2010-10-21 20:56 . 2010-10-29 19:57   --------   d-----w-   c:\users\Administrator\AppData\Roaming\download
2010-10-21 15:53 . 2010-10-27 13:25   115712   ----a-w-   c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mousedriver.exe
2010-10-18 23:48 . 2009-07-14 17:45   38480   ----a-w-   c:\windows\system32\drivers\WdfLdr.sys
2010-10-18 23:48 . 2009-07-14 17:45   445008   ----a-w-   c:\windows\system32\drivers\Wdf01000.sys
2010-10-18 23:43 . 2010-10-18 23:43   --------   d-----w-   c:\users\Administrator\{9317362c-cdf3-4790-8fda-7480aef03156}
2010-10-18 23:42 . 2010-10-18 23:42   --------   d-----w-   c:\program files\Common Files\PCSuite
2010-10-18 23:42 . 2010-10-18 23:42   --------   d-----w-   c:\program files\Common Files\Nokia
2010-10-18 23:41 . 2008-08-26 08:26   18816   ----a-w-   c:\windows\system32\drivers\pccsmcfd.sys
2010-10-18 23:41 . 2010-10-18 23:41   --------   d-----w-   c:\program files\PC Connectivity Solution

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-08 23:47 . 2010-03-31 15:37   69632   ----a-w-   c:\windows\system32\FxShared.dll
2010-11-08 23:47 . 2010-03-31 15:37   69632   ----a-w-   c:\windows\system32\com.fxpansion.fxshared.dll
2010-11-08 23:47 . 2010-03-31 01:53   233472   ----a-w-   c:\windows\system32\REX Shared Library.dll
2010-10-13 23:16 . 2010-10-13 23:16   54800   ----a-w-   c:\windows\system32\drivers\funfrm.sys
2010-10-13 23:16 . 2010-10-13 23:16   1024000   ----a-w-   c:\windows\system32\CamOpEx.dll
2010-10-13 23:16 . 2010-10-13 23:16   626688   ----a-w-   c:\windows\msvcr80.dll
2010-10-13 23:16 . 2010-10-13 23:16   57344   ----a-w-   c:\windows\AsfHelper.dll
2010-09-26 14:35 . 2010-09-23 16:58   615424   ----a-w-   c:\windows\system32\themeui.dll
2010-09-26 14:35 . 2008-01-21 02:23   240128   ----a-w-   c:\windows\system32\uxtheme.dll
2010-09-13 13:56 . 2010-10-14 14:29   8147456   ----a-w-   c:\windows\system32\wmploc.DLL
2010-09-08 09:17 . 2010-09-08 09:17   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17   69632   ----a-w-   c:\windows\system32\QuickTime.qts
2010-09-08 06:01 . 2010-10-14 14:27   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-14 14:27   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-14 14:27   1469440   ----a-w-   c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-14 14:27   71680   ----a-w-   c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-14 14:27   109056   ----a-w-   c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-14 14:27   385024   ----a-w-   c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-14 14:27   133632   ----a-w-   c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-14 14:27   1638912   ----a-w-   c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-14 14:27   125952   ----a-w-   c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-14 14:27   17920   ----a-w-   c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-14 14:27   304128   ----a-w-   c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-14 14:27   145408   ----a-w-   c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-14 14:27   102400   ----a-w-   c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-14 14:28   954752   ----a-w-   c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-14 14:28   954288   ----a-w-   c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-14 14:17   531968   ----a-w-   c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-14 14:17   2038272   ----a-w-   c:\windows\system32\win32k.sys
2010-08-26 16:37 . 2010-10-14 14:27   157184   ----a-w-   c:\windows\system32\t2embed.dll
2010-08-26 16:33 . 2010-10-27 13:22   173056   ----a-w-   c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 13:22   458752   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 13:22   2159616   ----a-w-   c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-27 13:22   542720   ----a-w-   c:\windows\apppatch\AcLayers.dll
2010-08-20 16:05 . 2010-10-14 14:17   867328   ----a-w-   c:\windows\system32\wmpmde.dll
2010-06-29 14:04 . 2010-06-29 14:04   8278016   ----a-w-   c:\program files\HTML Guardian 7.msi
.

(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
"IDMan"="c:\program files\IDM\Internet Download Manager\IDMan.exe" [2007-10-11 802816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-31 202256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SbUsb AudCtrl"="sbusbdll.dll" [2005-05-26 128000]
"Creative SB Monitoring Utility"="sbavmon.dll" [2007-06-28 93696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2010-10-22 524288]

c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IDMs.exe [2010-7-7 119471]
mousedriver.exe [2010-10-27 115712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LINKSA"= 2010 (0x7da)
"LINKSB"= 10 (0xa)
"LINKSC"= 8 (0x8)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-31 18:58   202256   ----a-w-   c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CollaborationHost"=c:\windows\system32\p2phost.exe -s
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"  -osboot
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

R1 funfrm;funfrm; [x]
R1 LenovoVCD;LenovoVCD;c:\windows\system32\drivers\LenovoVCD.sys [2009-02-14 16200]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R2 aaaxaj;System Monitor;c:\windows\system32\svchost.exe [2008-01-21 21504]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 pgtyv;Center Image;c:\windows\system32\svchost.exe [2008-01-21 21504]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R2 RealtekUSB;RealtekUSB;c:\program files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [2007-07-27 36864]
R2 srenum;srenum;c:\windows\system32\DRIVERS\srenum.sys [x]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
R2 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-08-29 48192]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-10-23 223232]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2007-08-06 422144]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 ndisrd;WinpkFilter Service;c:\windows\system32\DRIVERS\ndisrd.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2010-02-09 335872]
R3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\DRIVERS\sbusb.sys [2005-06-10 1694592]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2007-10-24 23288]
R3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-04-14 164608]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-03-02 8832]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-01-10 81192]
R4 ALFA;ALFA;c:\program files\ALFA\AWUS036H Wireless LAN Utility\RtlService.exe [x]
R4 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
R4 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-05-06 379968]
R4 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-05-06 412736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-31 721904]
S0 Wdkbdmou;Lenovo RMCT KbdMou Service;c:\windows\system32\DRIVERS\Wdkbdmou.sys [2009-03-02 8832]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-01-06 14848]


--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
IgrsSvcs   REG_MULTI_SZ      ReadyComm.DirectRouter PS_MDP
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
pgtyv
aaaxaj

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1BDB2A98-0041-E72F-4E08-C204F8F809B1}]
2010-11-16 09:02   119471   ----a-w-   c:\windows\System32\IDMs\IDMs.exe
.
Contenuto della cartella 'Scheduled Tasks'

2010-11-16 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]

2010-11-16 c:\windows\Tasks\User_Feed_Synchronization-{F99DF0FA-C7E7-4BC5-8044-88C07B81BB3F}.job
- c:\windows\system32\msfeedssync.exe [2010-10-14 04:25]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyServer = http=
IE: Download all links with IDM - c:\program files\IDM\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\IDM\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\IDM\Internet Download Manager\IEExt.htm
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\cdynjar1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&p=
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Google Chrome - c:\users\Administrator\AppData\Local\Google\Chrome\Application\7.0.517.41\Installer\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-16 12:40
Windows 6.0.6002 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\aaaxaj]
"ServiceDll"="c:\windows\system32\egzmae.dll"
--

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pgtyv]
"ServiceDll"="c:\windows\system32\egzmae.dll"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,14,8a,2d,01,a3,3e,4d,83,51,c8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,6b,9d,32,53,99,b8,43,88,eb,fe,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,14,8a,2d,01,a3,3e,4d,83,51,c8,\

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Paint.Picture"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cue\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\wmplayer.exe"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dat\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\mpc-hc.exe"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OpenOffice.org.Doc"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (Administrator)
"Progid"="SafariDownload"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\photoviewer.dll"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\notepad.exe"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\7zFM.exe"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="SafariHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\notepad.exe"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (Administrator)
"Progid"="SafariHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="SafariHTML"

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500_Classes\CLSID\{4469b6fe-e518-4929-bb69-7bf395b770f6}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000013c
"Therad"=dword:0000001d

[HKEY_USERS\S-1-5-21-855805188-4021853458-3619117050-500_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):0f,cf,69,b3,a7,1c,f6,06,45,76,6d,78,45,68,3a,fa,55,3c,48,a6,e7,
   16,16,c6,76,20,ff,d1,2f,cb,a1,46,84,86,08,1e,7d,76,14,6f,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'Explorer.exe'(1284)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\helppane.exe
.
**************************************************************************
.
Ora fine scansione: 2010-11-16  12:51:01 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2010-11-16 11:50

Pre-Run: 26.351.366.144 byte disponibili
Post-Run: 26.793.246.720 byte disponibili

- - End Of File - - 49D82805F7F57698AE7211EBBBA5FFAD



che mi sapete dire?
Avatar utente
erick ortiz
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: mar nov 03, 2009 7:24 pm

Prossimo

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising