Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log. grazie

controllo log. grazie Opzioni
Topic Precedente · Topic Sucessivo
ieu1987
Inviato: Thursday, March 05, 2009 1:12:23 PM
Rank: AiutAmico

Iscritto dal : 7/11/2008
Posts: 68
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.11.02, on 05/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Wireless Console 2\wcourier.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 7427 bytes
Torna in alto
 
Sponsor
Inviato: Thursday, March 05, 2009 1:12:23 PM

 
Torna in alto
 
shapiro
Inviato: Thursday, March 05, 2009 1:26:31 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao

non c'e' niente di dannoso, solo una voce da togliere con hjt

una cosa molto importante invece e' aggiornare il service pack

qui trovi il download

http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=it


scarica Malwarebytes


http://www.malwarebytes.org/mbam/program/mbam-setup.exe



1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare le eventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum




Scarica Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
con tutte le applicazioni chiuse e disconnesso
doppio click su LopSD
scegli la lingua E (invio)
1 (ricerca) invio

al termine dello scan riavvia LopSD
questa volta scegli l'opzione 2 (invio)

allega il report C:\LopR.txt insieme ad un nuovo log di hijackthis
Torna in alto
 
ieu1987
Inviato: Thursday, March 05, 2009 11:43:50 PM
Rank: AiutAmico

Iscritto dal : 7/11/2008
Posts: 68
Malwarebytes' Anti-Malware 1.34
Versione del database: 1821
Windows 5.1.2600 Service Pack 2

05/03/2009 23.42.57
mbam-log-2009-03-05 (23-42-54).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 118580
Tempo trascorso: 17 minute(s), 4 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 1
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
Torna in alto
 
ieu1987
Inviato: Friday, March 06, 2009 10:32:17 AM
Rank: AiutAmico

Iscritto dal : 7/11/2008
Posts: 68
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Default System BIOS
USER : Antonio ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.557 7.5.557 (Activated)
C:\ (Local Disk) - FAT32 - Total:40 Go (Free:15 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:20 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/03/2009|10.22 )

--------------------\\ Listing folders in DATIAP~1

[18/01/2009|20.53] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Intel
[18/01/2009|20.45] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[18/01/2009|21.09] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Skype
[18/01/2009|21.12] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Symantec
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[7|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[19/01/2009|01.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[18/01/2009|23.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\avg7
[18/01/2009|23.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Grisoft
[18/01/2009|21.25] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Intel
[05/03/2009|21.03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[19/01/2009|01.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Messenger Plus!
[18/01/2009|20.45] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[18/01/2009|20.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SBSI
[18/01/2009|21.09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[18/01/2009|21.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Symantec
[19/01/2009|11.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[13|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[18/01/2009|20.45] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[18/01/2009|23.28] C:\DOCUME~1\LOCALS~1\DATIAP~1\AVG7
[18/01/2009|20.45] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[18/01/2009|22.33] C:\DOCUME~1\ANTONIO\DATIAP~1\Adobe
[19/01/2009|19.54] C:\DOCUME~1\ANTONIO\DATIAP~1\Ahead
[18/01/2009|21.46] C:\DOCUME~1\ANTONIO\DATIAP~1\ATI
[18/01/2009|23.47] C:\DOCUME~1\ANTONIO\DATIAP~1\AVG7
[18/01/2009|20.53] C:\DOCUME~1\ANTONIO\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\ANTONIO\DATIAP~1\Intel
[19/01/2009|01.08] C:\DOCUME~1\ANTONIO\DATIAP~1\Macromedia
[05/03/2009|21.03] C:\DOCUME~1\ANTONIO\DATIAP~1\Malwarebytes
[12/02/2009|17.13] C:\DOCUME~1\ANTONIO\DATIAP~1\Media Player Classic
[18/01/2009|20.45] C:\DOCUME~1\ANTONIO\DATIAP~1\Microsoft
[18/01/2009|23.23] C:\DOCUME~1\ANTONIO\DATIAP~1\Mozilla
[14/02/2009|16.49] C:\DOCUME~1\ANTONIO\DATIAP~1\Real
[18/01/2009|21.09] C:\DOCUME~1\ANTONIO\DATIAP~1\Skype
[19/01/2009|11.46] C:\DOCUME~1\ANTONIO\DATIAP~1\skypePM
[05/02/2009|13.21] C:\DOCUME~1\ANTONIO\DATIAP~1\Sun
[18/01/2009|21.12] C:\DOCUME~1\ANTONIO\DATIAP~1\Symantec
[18/01/2009|23.24] C:\DOCUME~1\ANTONIO\DATIAP~1\Talkback
[19/01/2009|01.14] C:\DOCUME~1\ANTONIO\DATIAP~1\vlc
[22/01/2009|22.34] C:\DOCUME~1\ANTONIO\DATIAP~1\VoipStunt
[0|File] C:\DOCUME~1\ANTONIO\DATIAP~1\byte
[21|Directory] C:\DOCUME~1\ANTONIO\DATIAP~1\byte disponibili

[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\ATI
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\AVG7
[18/01/2009|20.53] C:\DOCUME~1\GUEST\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\GUEST\DATIAP~1\Intel
[18/01/2009|20.45] C:\DOCUME~1\GUEST\DATIAP~1\Microsoft
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\Mozilla
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\Real
[18/01/2009|21.09] C:\DOCUME~1\GUEST\DATIAP~1\Skype
[18/01/2009|21.12] C:\DOCUME~1\GUEST\DATIAP~1\Symantec
[0|File] C:\DOCUME~1\GUEST\DATIAP~1\byte
[11|Directory] C:\DOCUME~1\GUEST\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[06/03/2009 10.17][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 14.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[18/01/2009|21.28] C:\Programmi\Adobe
[09/02/2009|18.45] C:\Programmi\Apperson
[18/01/2009|21.05] C:\Programmi\Asus
[18/01/2009|21.18] C:\Programmi\ATI Technologies
[19/01/2009|01.08] C:\Programmi\Axon Data
[19/01/2009|19.56] C:\Programmi\CCleaner
[18/01/2009|20.51] C:\Programmi\ComPlus Applications
[19/01/2009|01.16] C:\Programmi\Coolstreaming_Tool-Bar_v1.0
[26/01/2009|09.10] C:\Programmi\eMule
[18/01/2009|20.46] C:\Programmi\File comuni
[18/01/2009|23.28] C:\Programmi\Grisoft
[21/01/2009|19.15] C:\Programmi\Hewlett-Packard
[21/01/2009|19.16] C:\Programmi\hp deskjet 656c series
[18/01/2009|21.03] C:\Programmi\InstallShield Installation Information
[18/01/2009|20.58] C:\Programmi\Intel
[18/01/2009|20.51] C:\Programmi\Internet Explorer
[05/02/2009|13.22] C:\Programmi\Java
[12/02/2009|17.08] C:\Programmi\K-Lite Codec Pack
[05/03/2009|21.03] C:\Programmi\Malwarebytes' Anti-Malware
[19/01/2009|01.16] C:\Programmi\Mediacenter 1.0a
[18/01/2009|20.50] C:\Programmi\Messenger
[19/01/2009|01.08] C:\Programmi\Messenger Plus! Live
[19/01/2009|01.16] C:\Programmi\MessengerDiscovery
[18/01/2009|20.53] C:\Programmi\microsoft frontpage
[18/01/2009|21.56] C:\Programmi\Microsoft Office
[18/01/2009|21.56] C:\Programmi\Microsoft.NET
[18/01/2009|20.51] C:\Programmi\Movie Maker
[18/01/2009|23.22] C:\Programmi\Mozilla Firefox
[18/01/2009|20.50] C:\Programmi\MSN Gaming Zone
[19/01/2009|01.07] C:\Programmi\MSN Messenger
[19/01/2009|17.47] C:\Programmi\MSXML 4.0
[19/01/2009|19.52] C:\Programmi\Nero
[18/01/2009|20.51] C:\Programmi\NetMeeting
[20/01/2009|20.25] C:\Programmi\Nokia
[18/01/2009|20.51] C:\Programmi\Outlook Express
[18/01/2009|21.03] C:\Programmi\Realtek
[18/01/2009|20.51] C:\Programmi\Servizi in linea
[19/01/2009|11.45] C:\Programmi\Skype
[18/01/2009|21.09] C:\Programmi\Synaptics
[19/01/2009|19.57] C:\Programmi\Trend Micro
[18/01/2009|21.00] C:\Programmi\Uninstall Information
[19/01/2009|01.14] C:\Programmi\VideoLAN
[19/01/2009|01.13] C:\Programmi\VoipStunt.com
[19/01/2009|01.08] C:\Programmi\Windows Live
[19/01/2009|11.59] C:\Programmi\Windows Media Connect 2
[18/01/2009|20.50] C:\Programmi\Windows Media Player
[18/01/2009|20.50] C:\Programmi\Windows NT
[18/01/2009|20.51] C:\Programmi\WindowsUpdate
[19/01/2009|01.14] C:\Programmi\WinRAR
[19/01/2009|01.14] C:\Programmi\WinZip
[18/01/2009|21.08] C:\Programmi\Wireless Console 2
[18/01/2009|20.53] C:\Programmi\xerox
[0|File] C:\Programmi\byte
[54|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[19/01/2009|01.22] C:\Programmi\File comuni\Adobe
[19/01/2009|19.52] C:\Programmi\File comuni\Ahead
[18/01/2009|21.21] C:\Programmi\File comuni\ATI Technologies
[18/01/2009|21.57] C:\Programmi\File comuni\DESIGNER
[18/01/2009|21.03] C:\Programmi\File comuni\InstallShield
[18/01/2009|20.46] C:\Programmi\File comuni\Microsoft Shared
[18/01/2009|20.51] C:\Programmi\File comuni\MSSoap
[20/01/2009|20.25] C:\Programmi\File comuni\Nokia
[18/01/2009|20.46] C:\Programmi\File comuni\ODBC
[14/02/2009|16.49] C:\Programmi\File comuni\Real
[18/01/2009|20.51] C:\Programmi\File comuni\Services
[19/01/2009|11.45] C:\Programmi\File comuni\Skype
[18/01/2009|20.46] C:\Programmi\File comuni\SpeechEngines
[18/01/2009|20.51] C:\Programmi\File comuni\System
[14/02/2009|16.50] C:\Programmi\File comuni\xing shared
[0|File] C:\Programmi\File comuni\byte
[17|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 50 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\Antonio\IMPOST~1\Temp\nsm171.tmp

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 10:23:38
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:1134][D:18]-> C:\DOCUME~1\Antonio\IMPOST~1\Temp
[F:33][D:0]-> C:\DOCUME~1\Antonio\Cookies
[F:823][D:4]-> C:\DOCUME~1\Antonio\IMPOST~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/03/2009|10.23 - Option : [1]

--------------------\\ Scan completed at 10.23.58









--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Default System BIOS
USER : Antonio ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.557 7.5.557 (Activated)
C:\ (Local Disk) - FAT32 - Total:40 Go (Free:15 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:20 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/03/2009|10.26 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\DOCUME~1\Antonio\IMPOST~1\Temp\nsm171.tmp

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in DATIAP~1

[18/01/2009|20.53] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Intel
[18/01/2009|20.45] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[18/01/2009|21.09] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Skype
[18/01/2009|21.12] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Symantec
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[7|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[19/01/2009|01.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[18/01/2009|23.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\avg7
[18/01/2009|23.27] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Grisoft
[18/01/2009|21.25] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Intel
[05/03/2009|21.03] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[19/01/2009|01.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Messenger Plus!
[18/01/2009|20.45] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[18/01/2009|20.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\SBSI
[18/01/2009|21.09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[18/01/2009|21.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Symantec
[19/01/2009|11.55] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[13|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[18/01/2009|20.45] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[18/01/2009|23.28] C:\DOCUME~1\LOCALS~1\DATIAP~1\AVG7
[18/01/2009|20.45] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[4|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[18/01/2009|22.33] C:\DOCUME~1\ANTONIO\DATIAP~1\Adobe
[19/01/2009|19.54] C:\DOCUME~1\ANTONIO\DATIAP~1\Ahead
[18/01/2009|21.46] C:\DOCUME~1\ANTONIO\DATIAP~1\ATI
[18/01/2009|23.47] C:\DOCUME~1\ANTONIO\DATIAP~1\AVG7
[18/01/2009|20.53] C:\DOCUME~1\ANTONIO\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\ANTONIO\DATIAP~1\Intel
[19/01/2009|01.08] C:\DOCUME~1\ANTONIO\DATIAP~1\Macromedia
[05/03/2009|21.03] C:\DOCUME~1\ANTONIO\DATIAP~1\Malwarebytes
[12/02/2009|17.13] C:\DOCUME~1\ANTONIO\DATIAP~1\Media Player Classic
[18/01/2009|20.45] C:\DOCUME~1\ANTONIO\DATIAP~1\Microsoft
[18/01/2009|23.23] C:\DOCUME~1\ANTONIO\DATIAP~1\Mozilla
[14/02/2009|16.49] C:\DOCUME~1\ANTONIO\DATIAP~1\Real
[18/01/2009|21.09] C:\DOCUME~1\ANTONIO\DATIAP~1\Skype
[19/01/2009|11.46] C:\DOCUME~1\ANTONIO\DATIAP~1\skypePM
[05/02/2009|13.21] C:\DOCUME~1\ANTONIO\DATIAP~1\Sun
[18/01/2009|21.12] C:\DOCUME~1\ANTONIO\DATIAP~1\Symantec
[18/01/2009|23.24] C:\DOCUME~1\ANTONIO\DATIAP~1\Talkback
[19/01/2009|01.14] C:\DOCUME~1\ANTONIO\DATIAP~1\vlc
[22/01/2009|22.34] C:\DOCUME~1\ANTONIO\DATIAP~1\VoipStunt
[0|File] C:\DOCUME~1\ANTONIO\DATIAP~1\byte
[21|Directory] C:\DOCUME~1\ANTONIO\DATIAP~1\byte disponibili

[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\ATI
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\AVG7
[18/01/2009|20.53] C:\DOCUME~1\GUEST\DATIAP~1\Identities
[18/01/2009|21.25] C:\DOCUME~1\GUEST\DATIAP~1\Intel
[18/01/2009|20.45] C:\DOCUME~1\GUEST\DATIAP~1\Microsoft
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\Mozilla
[20/02/2009|17.41] C:\DOCUME~1\GUEST\DATIAP~1\Real
[18/01/2009|21.09] C:\DOCUME~1\GUEST\DATIAP~1\Skype
[18/01/2009|21.12] C:\DOCUME~1\GUEST\DATIAP~1\Symantec
[0|File] C:\DOCUME~1\GUEST\DATIAP~1\byte
[11|Directory] C:\DOCUME~1\GUEST\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[06/03/2009 10.17][--ah-----] C:\WINDOWS\tasks\SA.DAT
[19/08/2004 14.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[18/01/2009|21.28] C:\Programmi\Adobe
[09/02/2009|18.45] C:\Programmi\Apperson
[18/01/2009|21.05] C:\Programmi\Asus
[18/01/2009|21.18] C:\Programmi\ATI Technologies
[19/01/2009|01.08] C:\Programmi\Axon Data
[19/01/2009|19.56] C:\Programmi\CCleaner
[18/01/2009|20.51] C:\Programmi\ComPlus Applications
[19/01/2009|01.16] C:\Programmi\Coolstreaming_Tool-Bar_v1.0
[26/01/2009|09.10] C:\Programmi\eMule
[18/01/2009|20.46] C:\Programmi\File comuni
[18/01/2009|23.28] C:\Programmi\Grisoft
[21/01/2009|19.15] C:\Programmi\Hewlett-Packard
[21/01/2009|19.16] C:\Programmi\hp deskjet 656c series
[18/01/2009|21.03] C:\Programmi\InstallShield Installation Information
[18/01/2009|20.58] C:\Programmi\Intel
[18/01/2009|20.51] C:\Programmi\Internet Explorer
[05/02/2009|13.22] C:\Programmi\Java
[12/02/2009|17.08] C:\Programmi\K-Lite Codec Pack
[05/03/2009|21.03] C:\Programmi\Malwarebytes' Anti-Malware
[19/01/2009|01.16] C:\Programmi\Mediacenter 1.0a
[18/01/2009|20.50] C:\Programmi\Messenger
[19/01/2009|01.08] C:\Programmi\Messenger Plus! Live
[19/01/2009|01.16] C:\Programmi\MessengerDiscovery
[18/01/2009|20.53] C:\Programmi\microsoft frontpage
[18/01/2009|21.56] C:\Programmi\Microsoft Office
[18/01/2009|21.56] C:\Programmi\Microsoft.NET
[18/01/2009|20.51] C:\Programmi\Movie Maker
[18/01/2009|23.22] C:\Programmi\Mozilla Firefox
[18/01/2009|20.50] C:\Programmi\MSN Gaming Zone
[19/01/2009|01.07] C:\Programmi\MSN Messenger
[19/01/2009|17.47] C:\Programmi\MSXML 4.0
[19/01/2009|19.52] C:\Programmi\Nero
[18/01/2009|20.51] C:\Programmi\NetMeeting
[20/01/2009|20.25] C:\Programmi\Nokia
[18/01/2009|20.51] C:\Programmi\Outlook Express
[18/01/2009|21.03] C:\Programmi\Realtek
[18/01/2009|20.51] C:\Programmi\Servizi in linea
[19/01/2009|11.45] C:\Programmi\Skype
[18/01/2009|21.09] C:\Programmi\Synaptics
[19/01/2009|19.57] C:\Programmi\Trend Micro
[18/01/2009|21.00] C:\Programmi\Uninstall Information
[19/01/2009|01.14] C:\Programmi\VideoLAN
[19/01/2009|01.13] C:\Programmi\VoipStunt.com
[19/01/2009|01.08] C:\Programmi\Windows Live
[19/01/2009|11.59] C:\Programmi\Windows Media Connect 2
[18/01/2009|20.50] C:\Programmi\Windows Media Player
[18/01/2009|20.50] C:\Programmi\Windows NT
[18/01/2009|20.51] C:\Programmi\WindowsUpdate
[19/01/2009|01.14] C:\Programmi\WinRAR
[19/01/2009|01.14] C:\Programmi\WinZip
[18/01/2009|21.08] C:\Programmi\Wireless Console 2
[18/01/2009|20.53] C:\Programmi\xerox
[0|File] C:\Programmi\byte
[54|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[19/01/2009|01.22] C:\Programmi\File comuni\Adobe
[19/01/2009|19.52] C:\Programmi\File comuni\Ahead
[18/01/2009|21.21] C:\Programmi\File comuni\ATI Technologies
[18/01/2009|21.57] C:\Programmi\File comuni\DESIGNER
[18/01/2009|21.03] C:\Programmi\File comuni\InstallShield
[18/01/2009|20.46] C:\Programmi\File comuni\Microsoft Shared
[18/01/2009|20.51] C:\Programmi\File comuni\MSSoap
[20/01/2009|20.25] C:\Programmi\File comuni\Nokia
[18/01/2009|20.46] C:\Programmi\File comuni\ODBC
[14/02/2009|16.49] C:\Programmi\File comuni\Real
[18/01/2009|20.51] C:\Programmi\File comuni\Services
[19/01/2009|11.45] C:\Programmi\File comuni\Skype
[18/01/2009|20.46] C:\Programmi\File comuni\SpeechEngines
[18/01/2009|20.51] C:\Programmi\File comuni\System
[14/02/2009|16.50] C:\Programmi\File comuni\xing shared
[0|File] C:\Programmi\File comuni\byte
[17|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 47 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 10:27:27
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:1134][D:18]-> C:\DOCUME~1\Antonio\IMPOST~1\Temp
[F:33][D:0]-> C:\DOCUME~1\Antonio\Cookies
[F:823][D:4]-> C:\DOCUME~1\Antonio\IMPOST~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/03/2009|10.23 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/03/2009|10.27 - Option : [2]

--------------------\\ Scan completed at 10.27.46






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10.29.50, on 06/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Wireless Console 2\wcourier.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCool.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 7717 bytes
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log. grazie


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.