Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

log x r16 Opzioni
r16
Inviato: Tuesday, April 21, 2009 8:55:01 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Secondo findykill, hai 2 chiavi infette dal Beagle. (non eliminate)
Aspetto la scansione di Elibagla.
terremare
Inviato: Tuesday, April 21, 2009 8:57:05 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
rifaccio la scansione con fendykill ?
r16
Inviato: Tuesday, April 21, 2009 9:00:42 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
terremare ha scritto:
rifaccio la scansione con fendykill ?

Mi hai letto nella mente .
Rifalla e clicca direttamente l'opzione 2
terremare
Inviato: Tuesday, April 21, 2009 9:15:14 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
rifatta ecco


############################# [ FindyKill V4.725 ]

# User : Dardani Mauro (Administrators) # YOUR-6BFCBDC390
# Update on 19/04/09 by Chiquitine29
# Start at: 21.05.16 | 21/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : Kaspersky Internet Security 8.0.0.357 [ (!) Disabled | Updated ]
# FW : Norton Internet Worm Protection[ (!) Disabled ]2006
# FW : Kaspersky Internet Security[ (!) Disabled ]8.0.0.357

# C:\ # Disco rigido locale # 77,92 Go (51,86 Go free) # NTFS
# D:\ # Disco CD-ROM
# E:\ # Disco rigido locale # 15,24 Go (1,41 Go free) # NTFS

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## [ Infected File \ Folder ]


################## [ Infected Temp Files ]


################## [ Registry / Infected keys ]


################## [ Cleaning Removable drives ]

# Deleting Files :



################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ States / Restarting of services ]

# Services : [ Auto=2 / Request=3 / Disable=4 ]

# Ndisuio -> # Type of startup =3
# EapHost -> # Type of startup =2
# Ip6Fw -> # Type of startup =2
# SharedAccess -> # Type of startup =2
# wuauserv -> # Type of startup =2
# wscsvc -> # Type of startup =2

################## [ Searching Other Infections ]

# -> Nothing found.

################## [ Corrupted files # Re-Installation required ]

C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\Programmi\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Programmi\Sonic\RecordNow!\Launch.exe
C:\WINDOWS\SoftwareDistribution\Download\a49d784415582d2f98c84ceb0a75d898\update\update.exe

################## [ ! End of Report # FindyKill V4.725 ! ]

r16
Inviato: Tuesday, April 21, 2009 10:08:28 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ok le chiavi non ci sono oiù.
Il log di Elibagla?
terremare
Inviato: Tuesday, April 21, 2009 10:10:38 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
dove lo trovo'? non so dove andare a trovarlo
r16
Inviato: Tuesday, April 21, 2009 10:12:13 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Sei distratto terremare ...
C:\InfoSat.txt
terremare
Inviato: Tuesday, April 21, 2009 10:23:05 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
indicami la strada non riesco, scusa ma non so la via, sono andaro in risorse del pc ho cliccato sul disco c ma non trovo nulla, abbi pazienza.....
r16
Inviato: Tuesday, April 21, 2009 10:28:44 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Risorse del Computer.
Clicca Disco C:
Quando si apre la pagina, dovresti vedere un foglio Block Notes, che si chiama: InfoSat.txt
Non penso sia nascosto.
terremare
Inviato: Tuesday, April 21, 2009 10:37:26 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
ti scapperà da ridere ma non c'è, porca miseria dove sarà
r16
Inviato: Tuesday, April 21, 2009 10:39:26 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Infatti , stò ridendo.Drool
Sicuro di averla fatta la scansione?
Come và il pc?
terremare
Inviato: Tuesday, April 21, 2009 10:40:32 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
trovato questo ma è vecchio come data

Bagle_Remover.exe
Date: 12/11/2008
Time: 22.07.49,79
terremare
Inviato: Tuesday, April 21, 2009 10:42:30 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
trovato questo ma è vecchio come data

Bagle_Remover.exe
Date: 12/11/2008
Time: 22.07.49,79

il pc va bene, è veloce mi sembra molto a posto e non ho ancora messo il ripristino
r16
Inviato: Tuesday, April 21, 2009 10:45:44 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ok, terremare .
Esegui un'ultima scasione con Combofix, e postami il log.
Poi mi posti un log di HJT.
Dai che siamo alla fine.
terremare
Inviato: Tuesday, April 21, 2009 11:03:39 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
ritatto findy ma non c'è niente in c



############################## [ FindyKill V4.725 ]

# User : Dardani Mauro (Administrators) # YOUR-6BFCBDC390
# Update on 19/04/09 by Chiquitine29
# Start at: 22.50.12 | 21/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : Kaspersky Internet Security 8.0.0.357 [ (!) Disabled | Updated ]
# FW : Norton Internet Worm Protection[ (!) Disabled ]2006
# FW : Kaspersky Internet Security[ (!) Disabled ]8.0.0.357

# C:\ # Disco rigido locale # 77,92 Go (51,86 Go free) # NTFS
# D:\ # Disco CD-ROM
# E:\ # Disco rigido locale # 15,24 Go (1,41 Go free) # NTFS

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe

################## [ Infected File \ Folder ]


################## [ Infected Temp Files ]


################## [ Registry / Infected keys ]


################## [ Cleaning Removable drives ]

# Deleting Files :



################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ States / Restarting of services ]

# Services : [ Auto=2 / Request=3 / Disable=4 ]

# Ndisuio -> # Type of startup =3
# EapHost -> # Type of startup =2
# Ip6Fw -> # Type of startup =2
# SharedAccess -> # Type of startup =2
# wuauserv -> # Type of startup =2
# wscsvc -> # Type of startup =2

################## [ Searching Other Infections ]

# -> Nothing found.

################## [ Corrupted files # Re-Installation required ]

C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe
C:\Programmi\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Programmi\Sonic\RecordNow!\Launch.exe
C:\WINDOWS\SoftwareDistribution\Download\a49d784415582d2f98c84ceb0a75d898\update\update.exe

################## [ ! End of Report # FindyKill V4.725 ! ]

r16
Inviato: Tuesday, April 21, 2009 11:11:45 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ehm..... terremare :Sick
Non ti ho chiesto findy, ma una scansione con Combofix, e un log di hijackthis......
Leggi bene il post sopra. ( ma allora sei veramente distratto...Drool )
Postami i due log.
Puoi disistallarlo FindyKill.
terremare
Inviato: Tuesday, April 21, 2009 11:20:35 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
non sono distratto ma l'avevo ripetuta, ora combofix


ComboFix 09-04-22.02 - Dardani Mauro 21/04/2009 23.06.56.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1014.616 [GMT 2:00]
Eseguito da: c:\documents and settings\Dardani Mauro\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
FW: Norton Internet Worm Protection *disabled*
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2009-03-21 al 2009-04-21 )))))))))))))))))))))))))))))))))))
.

2009-04-21 17:55 . 2009-04-21 20:53 -------- d-----w C:\FindyKill
2009-04-17 13:33 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-17 13:33 . 2009-03-06 14:19 286208 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-17 13:33 . 2009-02-09 11:22 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-17 13:33 . 2009-02-09 10:51 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-17 13:33 . 2009-02-09 10:51 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-17 13:33 . 2009-02-06 10:39 35328 -c----w c:\windows\system32\dllcache\sc.exe
2009-04-17 13:33 . 2009-02-09 10:51 734720 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-17 13:33 . 2009-02-09 10:51 683520 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-17 13:33 . 2009-02-09 10:51 736256 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-17 13:33 . 2009-02-09 10:51 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-17 13:32 . 2009-03-27 06:48 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-17 13:32 . 2008-04-21 21:14 219136 -c----w c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 21:12 . 2009-02-16 16:27 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-04-21 21:10 . 2009-02-16 16:27 532512 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-04-21 21:10 . 2009-02-16 16:27 2900 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-04-21 21:10 . 2009-02-16 16:27 2508832 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-21 21:10 . 2009-02-16 16:27 21728 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-21 20:54 . 2009-04-21 20:50 3152 ----a-w C:\FindyKill.txt
2009-04-21 19:09 . 2005-09-21 09:01 84750 ----a-w c:\windows\system32\perfc010.dat
2009-04-21 19:09 . 2005-09-21 09:01 490208 ----a-w c:\windows\system32\perfh010.dat
2009-04-21 16:27 . 2008-03-30 19:59 -------- d-----w c:\programmi\Spybot - Search & Destroy
2009-04-21 16:26 . 2008-03-30 19:59 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-04-21 16:24 . 2008-09-07 10:04 -------- d-----w c:\programmi\eMule
2009-04-21 16:14 . 2009-03-17 13:17 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-04-20 11:05 . 2008-10-01 14:22 0 ----a-w C:\ctapi_out_gr.txt
2009-04-13 11:37 . 2008-11-12 21:22 -------- d-----w c:\programmi\Malwarebytes' Anti-Malware
2009-04-06 13:32 . 2008-11-12 21:22 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2008-11-12 21:22 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-05 18:43 . 2008-12-04 12:23 -------- d-----w c:\documents and settings\All Users\Dati applicazioni\NOS
2009-04-05 18:43 . 2008-12-04 12:23 -------- d-----w c:\programmi\NOS
2009-03-31 16:45 . 2009-02-15 09:46 -------- d-----w c:\programmi\Java
2009-03-17 18:34 . 2005-09-21 15:04 -------- d-----w c:\programmi\File comuni\Adobe
2009-03-17 13:18 . 2008-01-10 20:03 -------- d-----w c:\programmi\Google
2009-03-09 03:19 . 2009-02-15 09:47 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:48 . 2008-11-07 21:11 -------- d-----w c:\programmi\CCleaner
2009-03-06 14:19 . 2005-09-21 09:01 286208 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:03 . 2005-09-21 09:01 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-26 19:29 . 2009-02-26 18:09 -------- d-----w c:\programmi\SopCast
2009-02-22 13:36 . 2009-02-22 13:36 -------- d-----w c:\documents and settings\Dardani Mauro\Dati applicazioni\vlc
2009-02-20 17:08 . 2005-09-21 09:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-10 17:02 . 2004-08-19 15:34 2069760 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:04 . 2005-09-21 09:01 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2005-09-21 09:00 2192768 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:22 . 2005-09-21 09:01 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:51 . 2005-09-21 09:00 734720 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:51 . 2005-09-21 09:01 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:51 . 2005-09-21 09:00 683520 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:51 . 2005-09-21 09:00 736256 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 10:39 . 2005-09-21 09:01 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:57 . 2005-09-21 09:01 56832 ----a-w c:\windows\system32\secur32.dll
2009-01-13 19:54 . 2006-06-03 09:51 25776 ----a-w c:\documents and settings\Dardani Mauro\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-01-04 13:53 . 2008-11-13 22:00 133472 ----a-w c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2008-11-16 09:49 . 2006-04-19 19:52 25776 ----a-w c:\documents and settings\Dardani Mauro\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2006-05-10 15:55 . 2006-04-19 19:34 142 ----a-w c:\documents and settings\Dardani Mauro\Impostazioni locali\Dati applicazioni\fusioncache.dat
2008-09-01 15:35 . 2008-09-01 15:36 32768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008090120080902\index.dat
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"OM_Monitor"="c:\programmi\OLYMPUS\OLYMPUS Master\Monitor.exe" [2008-11-12 57344]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-11 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"Apoint"="c:\programmi\Apoint2K\Apoint.exe" [2004-03-24 196608]
"CeEKEY"="c:\programmi\TOSHIBA\E-KEY\CeEKey.exe" [2005-09-06 671744]
"TPNF"="c:\programmi\TOSHIBA\TouchPad\TPTray.exe" [2005-08-25 53248]
"HWSetup"="c:\programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"SVPWUTIL"="c:\programmi\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 65536]
"SmoothView"="c:\programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"PadTouch"="c:\programmi\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077329]
"Tvs"="c:\programmi\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"TrueImageMonitor.exe"="c:\programmi\Acronis\TrueImage\TrueImageMonitor.exe" [2005-10-03 975941]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe" [2005-10-03 118784]
"MULTIMEDIA KEYBOARD"="c:\programmi\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-07-27 176128]
"EPSON Stylus Photo R240 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-04-23 77824]
"OM_Monitor"="c:\programmi\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 40960]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-16 201992]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2004-12-22 88358]
"Zooming"="ZoomingHook.exe" - c:\windows\system32\ZoomingHook.exe [2005-06-06 24576]
"TCtryIOHook"="TCtrlIOHook.exe" - c:\windows\system32\TCtrlIOHook.exe [2005-08-22 28672]
"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2005-08-12 266240]
"TFncKy"="TFncKy.exe" [BU]
"NDSTray.exe"="NDSTray.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Dardani Mauro\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytoosl"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Toshiba\\ConfigFree\\CFXFER.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=

R2 gupdate1c9a702bf95dc54;Servizio di Google Update (gupdate1c9a702bf95dc54);c:\programmi\Google\Update\GoogleUpdate.exe [2009-03-17 133104]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-02-16 33808]
S1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\DRIVERS\msikbd2k.sys [2001-12-20 6656]
S2 nhksrv;Netropa NHK Server;c:\programmi\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 28672]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592]

.
Contenuto della cartella 'Scheduled Tasks'

2009-04-21 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-17 17:09]

2009-04-21 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-03-17 13:17]

2009-03-18 c:\windows\Tasks\NeroLiveEpgUpdate-YOUR-6BFCBDC390_Dardani-Mauro.job
- c:\programmi\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

2009-04-21 c:\windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job
- c:\programmi\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearchURL,(Default) = hxxp://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
IE: &MSN Search - c:\programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll/search.htm
IE: &Windows Live Search - c:\programmi\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Aggiungi al banner Blocco pubblicità - c:\programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-21 23:12
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Symantec\Norton Ghost\SecurityInfo]
@DACL=(02 0000)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\klogon.dll

- - - - - - - > 'lsass.exe'(900)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(612)
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\programmi\Windows Desktop Search\wds_slps.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\Acronis\Schedule2\schedul2.exe
c:\windows\system32\bgsvcgen.exe
c:\programmi\Toshiba\ConfigFree\CFSvcs.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\wscntfy.exe
c:\programmi\Toshiba\ConfigFree\NDSTray.exe
c:\programmi\Apoint2K\ApntEx.exe
c:\windows\system32\TPSBattM.exe
c:\programmi\Netropa\Multimedia Keyboard\Traymon.exe
c:\programmi\Netropa\Onscreen Display\osd.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\Windows Desktop Search\wds_sl.exe
.
**************************************************************************
.
Ora fine scansione: 2009-04-21 23.15.42 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-04-21 21:15

Pre-Run: 55.568.736.256 byte disponibili
Post-Run: 55.521.488.896 byte disponibili

216 --- E O F --- 2009-04-17 17:19
terremare
Inviato: Tuesday, April 21, 2009 11:30:39 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
.... e questo è hijackthis, spero buone notizie, ciao r16 dal rompiballe......

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.26.59, on 21/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Apoint2K\Apoint.exe
C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmi\Apoint2K\Apntex.exe
C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
C:\Programmi\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programmi\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Programmi\Netropa\Onscreen Display\OSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Toshiba\TOSHIBA Controls\TFncKy.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.it/0SEITIT/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programmi\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Programmi\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programmi\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM_Monitor] C:\Programmi\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Programmi\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programmi\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Programmi\MSN Toolbar Suite\TB\02.05.0000.1082\it-it\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Aggiungi al banner Blocco pubblicità - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Statistiche sulla protezione del traffico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Servizio di Google Update (gupdate1c9a702bf95dc54) (gupdate1c9a702bf95dc54) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Programmi\Netropa\Multimedia Keyboard\nhksrv.exe

--
End of file - 10353 bytes

r16
Inviato: Wednesday, April 22, 2009 2:33:39 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Dai, che non sei un rompiballe...Drool
I log sono a posto.
Ci sarebbero da sfoltire alcuni programmi che partono all'avvio, (ne ho contati 38.......tantini).
Ma se sei soddisfatto del funzionamento del pc, possiamo soprassedere.
Elimina Combofix cosi:
Start
Esegui
nella finestra di dialogo, copia ed incolla questo comando: Combofix /u e premi Invio poi cancella le cartelle in "C" di combofix (qoobox)

Elimina FindyKill.
Riattiva il ripristino configurazione di sistema e, se tutto è a posto, creane uno nuovo.
Ciao.

terremare
Inviato: Wednesday, April 22, 2009 5:47:51 PM

Rank: AiutAmico

Iscritto dal : 1/12/2009
Posts: 187
grande r16, sono contento che sia tutto o.k., sei stato esemplare come sempre, per quei 38 tantini ne riparliamo e poi se rompono li facciamo secchi. un grosso grazie da Terremare
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.