
Hijack Log File Check
patton
Posted: Friday, November 13, 2009 8:35:35 PM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
Win XP Pro, IE 8, Avast.
At startup a warning window appears: "Search setting Warning".
Could you check the attached file for me so I can delete the command line that generates it?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.15.46, on 13/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Keyboard Manager\Manager Utility\KeyboardManager.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
C:\Programmi\Acronis\TrueImage\TimounterMonitor.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Search Settings\SearchSettings.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Google\Google Talk\googletalk.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Qlock\qlock.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Documents and Settings\Vin\Documenti\Documenti Gennaro\Download\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.167.9.178:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb128\SearchSettings.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programmi\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Programmi\Google\Chrome Frame\Application\4.0.223.9\npchrome_tab.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programmi\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Keyboard Manager Utility] "c:\Programmi\Keyboard Manager\Manager Utility\KeyboardManager.exe" /lang en /H
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [OpwareSE4] "C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmi\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programmi\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Programmi\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [googletalk] "C:\Programmi\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Vin\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: qlock.lnk = C:\Programmi\Qlock\qlock.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Annota (Google Blocco Note) - res://C:\Programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu2.html
O8 - Extra context menu item: Annota questa pagina (Google Blocco Note) - res://C:\Programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu1.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.redshift.maris.com
O18 - Protocol hijack: cf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E}
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c986c3209c3e68) (gupdate1c986c3209c3e68) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 17081 bytes
shapiro
Posted: Friday, November 13, 2009 9:29:49 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Hi,

There is more than one entry to remove from HijackThis, and you won't get rid of the infection with HijackThis alone. If anything, at the end of the scan we will remove the other entries as well.


Download and install
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Update it and run a full scan of the computer. Post the report it produces. For now, do not remove any threats it detects.
patton
Posted: Saturday, November 14, 2009 12:49:52 AM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
For shapiro,
here is what you asked for:

Malwarebytes' Anti-Malware 1.41
Versione del database: 3159
Windows 5.1.2600 Service Pack 3

14/11/2009 0.48.47
mbam-log-2009-11-14 (00-48-47).txt

Tipo di scansione: Scansione completa (C:\|E:\|F:\|)
Elementi scansionati: 247870
Tempo trascorso: 1 hour(s), 20 minute(s), 52 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
shapiro
Posted: Saturday, November 14, 2009 10:53:19 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
With the infections you have, it found nothing?

Download ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(do not install the Recovery Console)
Save it to the desktop.
Double-click combofix.exe (a screen will appear).
Type 1, press Enter and follow the instructions.
When it finishes, a log file named C:\ComboFix.txt will be created. Post it here.
During the scan it is important not to use the PC and to wait patiently for the operations to finish.

DO NOT TOUCH ANYTHING DURING THE SCAN, NOT EVEN THE MOUSE
patton
Posted: Saturday, November 14, 2009 1:48:57 PM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
Here is ComboFix.txt:

ComboFix 09-11-14.03 - Vin 14/11/2009 13.02.31..2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2038.1182 [GMT 1:00]
Eseguito da: e:\download remoto\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091114-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\data
c:\data\prova.do
c:\data\prova.do.bak
c:\programmi\Dealio Toolbar
c:\programmi\Dealio Toolbar\config.ini
c:\programmi\Dealio Toolbar\DealioToolbarIE.dll
c:\programmi\Dealio Toolbar\Res\amazon.gif
c:\programmi\Dealio Toolbar\Res\apple.gif
c:\programmi\Dealio Toolbar\Res\barnes.gif
c:\programmi\Dealio Toolbar\Res\bestbuy.gif
c:\programmi\Dealio Toolbar\Res\dealio_logo.gif
c:\programmi\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\programmi\Dealio Toolbar\Res\ebay.gif
c:\programmi\Dealio Toolbar\Res\icon_settings.gif
c:\programmi\Dealio Toolbar\Res\macys.gif
c:\programmi\Dealio Toolbar\Res\newegg.gif
c:\programmi\Dealio Toolbar\Res\overstock.gif
c:\programmi\Dealio Toolbar\Res\search-button-hover.gif
c:\programmi\Dealio Toolbar\Res\search-button.gif
c:\programmi\Dealio Toolbar\Res\search-chevron-hover.gif
c:\programmi\Dealio Toolbar\Res\search-chevron.gif
c:\programmi\Dealio Toolbar\Res\search_amazon.gif
c:\programmi\Dealio Toolbar\Res\search_dealio.gif
c:\programmi\Dealio Toolbar\Res\search_ebay.gif
c:\programmi\Dealio Toolbar\Res\search_yahoo.gif
c:\programmi\Dealio Toolbar\Res\separator.gif
c:\programmi\Dealio Toolbar\Res\target.gif
c:\programmi\Dealio Toolbar\Res\walmart.gif
c:\programmi\Dealio Toolbar\Res\widgets.xml
c:\programmi\Dealio Toolbar\SearchSettingsKit.exe
c:\programmi\Dealio Toolbar\WidgiHelper.exe
c:\programmi\Search Settings
c:\programmi\Search Settings\kb128\SearchSettings.dll
c:\programmi\Search Settings\kb128\SearchSettingsRes409.dll
c:\programmi\Search Settings\SearchSettings.exe
C:\test.txt
c:\windows\kb913800.exe

.
((((((((((((((((((((((((( Files Creati Da 2009-10-14 al 2009-11-14 )))))))))))))))))))))))))))))))))))
.

2009-11-12 20:09 . 2009-11-12 20:09 -------- d-----w- c:\programmi\Auslogics
2009-11-09 07:34 . 2009-11-09 07:36 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Media Player Classic
2009-11-09 07:33 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-09 07:33 . 2009-11-10 20:45 -------- d-----w- c:\programmi\K-Lite Codec Pack
2009-11-09 06:02 . 2009-11-09 06:02 -------- d-----w- c:\programmi\Conduit
2009-11-09 06:02 . 2009-11-09 06:02 -------- d-----w- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\Conduit
2009-11-09 06:02 . 2009-11-09 06:48 -------- d-----w- c:\programmi\Softonic-Eng7
2009-11-09 06:02 . 2009-11-09 06:47 -------- d-----w- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\Softonic-Eng7
2009-11-09 06:02 . 2009-09-30 09:08 52224 ----a-w- c:\documents and settings\Vin\Dati applicazioni\Mozilla\Firefox\Profiles\1lhrnkie.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
2009-11-09 06:02 . 2009-09-30 09:08 114688 ----a-w- c:\documents and settings\Vin\Dati applicazioni\Mozilla\Firefox\Profiles\1lhrnkie.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\npmozax.dll
2009-11-03 21:38 . 2009-11-05 13:35 152576 ----a-w- c:\documents and settings\Vin\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-30 07:05 . 2009-10-30 07:05 -------- d-----w- c:\programmi\iPod
2009-10-30 07:05 . 2009-10-30 07:05 -------- d-----w- c:\programmi\iTunes
2009-10-29 06:33 . 2009-10-29 06:33 -------- d-----w- c:\programmi\AliveMedia
2009-10-28 19:58 . 2009-10-28 19:58 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-27 22:34 . 2009-10-27 22:34 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Search Settings
2009-10-27 22:34 . 2009-10-27 22:34 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Dealio
2009-10-27 21:58 . 2009-01-22 13:28 290816 ----a-w- c:\windows\system32\decdll.dll
2009-10-27 21:58 . 2009-10-30 16:48 -------- d-----w- c:\programmi\Free Video Converter
2009-10-27 21:58 . 2009-10-27 21:58 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\FreeVideoConverter
2009-10-27 21:53 . 2009-10-27 21:53 -------- d-----w- c:\programmi\Easy Video Converter
2009-10-21 18:59 . 2009-10-21 18:59 -------- d-----w- c:\programmi\Tracker Software
2009-10-18 18:15 . 2009-10-18 18:15 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\InstallShield
2009-10-18 17:44 . 2009-10-18 17:44 -------- d-----w- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\VSO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-14 11:37 . 2007-03-07 23:41 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Skype
2009-11-14 07:55 . 2008-01-29 05:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-11-14 07:34 . 2008-01-28 21:30 -------- d-----w- c:\programmi\a-squared Free
2009-11-13 13:35 . 2009-02-13 21:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-11-13 06:17 . 2009-04-18 06:21 -------- d-----w- c:\programmi\IObit
2009-11-12 11:53 . 2008-01-29 05:38 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-11-08 12:11 . 2008-08-27 07:14 -------- d-----w- c:\programmi\Glary Utilities
2009-11-07 16:45 . 2004-09-07 12:00 85678 ----a-w- c:\windows\system32\perfc010.dat
2009-11-07 16:45 . 2004-09-07 12:00 492836 ----a-w- c:\windows\system32\perfh010.dat
2009-11-05 21:27 . 2007-03-07 09:33 -------- d-----w- c:\programmi\Google
2009-11-03 21:39 . 2007-03-07 06:37 -------- d-----w- c:\programmi\Java
2009-11-02 19:42 . 2009-10-03 04:44 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 19:26 . 2009-01-03 14:11 -------- d-----w- c:\programmi\CDBurnerXP
2009-10-30 07:05 . 2007-07-07 09:43 -------- d-----w- c:\programmi\File comuni\Apple
2009-10-30 06:09 . 2007-03-13 22:15 -------- d-----w- c:\programmi\DivX
2009-10-30 06:08 . 2009-05-19 13:12 -------- d-----w- c:\programmi\File comuni\DivX Shared
2009-10-28 06:54 . 2009-09-10 14:50 -------- d-----w- c:\programmi\QuickTime
2009-10-27 05:57 . 2008-12-26 07:47 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Image Zone Express
2009-10-24 07:11 . 2007-11-04 17:39 -------- d-----w- c:\programmi\SopCast
2009-10-22 21:16 . 2008-06-07 06:16 -------- d-----w- c:\programmi\SIW
2009-10-18 17:57 . 2007-03-07 09:10 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-10-18 17:53 . 2009-07-10 06:02 -------- d-----w- c:\programmi\Celestia
2009-10-18 17:49 . 2008-06-28 16:17 -------- d-----w- c:\documents and settings\Vin\Dati applicazioni\Vso
2009-10-15 10:58 . 2009-10-15 10:58 43646 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_EF7BC6DDBE20B4C1311492.exe
2009-10-15 10:58 . 2009-10-15 10:58 43646 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_D707CE1C009F1381803C2C.exe
2009-10-15 10:58 . 2009-10-15 10:58 43646 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_81A4006ABC1B62DCE5F5CA.exe
2009-10-15 10:58 . 2009-10-15 10:58 43646 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_21F3885A18D238E15AAE81.exe
2009-10-15 10:58 . 2009-10-15 10:58 29926 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_455EF241629E11584EA727.exe
2009-10-15 10:58 . 2009-10-15 10:58 109534 ----a-r- c:\documents and settings\Vin\Dati applicazioni\Microsoft\Installer\{986389BF-2AE7-4C4D-B284-519BA869EDD1}\_6FEFF9B68218417F98F549.exe
2009-10-15 10:58 . 2009-10-15 10:58 -------- d-----w- c:\programmi\Macrium
2009-10-13 21:09 . 2007-03-07 09:30 -------- d-----w- c:\programmi\File comuni\Adobe
2009-10-11 03:17 . 2008-10-27 19:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 11:12 . 2009-10-06 11:12 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-03 19:50 . 2009-06-02 06:27 -------- d-----w- c:\programmi\Ashampoo
2009-10-03 10:53 . 2009-10-03 10:53 -------- d-----w- c:\programmi\Microsoft Office Outlook Connector
2009-10-03 10:51 . 2008-01-29 05:09 -------- d-----w- c:\programmi\Windows Live
2009-09-26 14:16 . 2009-09-26 14:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\GiocoDigitale
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-09-25 16:41 . 2009-09-25 16:41 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41 . 2009-09-25 16:41 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-09-25 16:41 . 2009-09-25 16:41 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-09-25 16:41 . 2009-09-25 16:41 696320 ----a-w- c:\windows\system32\DivX.dll
2009-09-23 18:04 . 2007-03-09 23:16 29304 ----a-w- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-09-15 10:59 . 2008-11-19 13:58 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 10:56 . 2008-11-19 13:58 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 10:56 . 2008-11-19 13:58 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 10:55 . 2008-11-19 13:58 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 10:55 . 2008-11-19 13:58 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 10:54 . 2008-11-19 13:58 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 10:54 . 2008-11-19 13:58 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 10:53 . 2008-11-19 13:58 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 10:53 . 2008-11-19 13:58 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-11 22:02 . 2009-09-06 11:45 152576 ----a-w- c:\documents and settings\Vin\Dati applicazioni\Sun\Java\jre1.6.0_16\lzma.dll
2009-09-11 14:17 . 2008-05-26 21:48 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 04:56 . 2008-12-04 06:20 4045528 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-10 12:54 . 2008-11-09 08:16 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2008-11-09 08:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2004-09-07 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2004-09-07 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2004-09-07 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 10:16 . 2009-08-25 10:16 32224 ----a-w- c:\windows\system32\drivers\psmounter.sys
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\programmi\Softonic-Eng7\tbSof1.dll" [2009-11-09 2166296]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\programmi\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2009-11-09 06:48 2166296 ----a-w- c:\programmi\Softonic-Eng7\tbSof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\programmi\Softonic-Eng7\tbSof1.dll" [2009-11-09 2166296]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\programmi\Softonic-Eng7\tbSof1.dll" [2009-11-09 2166296]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\programmi\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"LogitechSoftwareUpdate"="c:\programmi\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"googletalk"="c:\programmi\Google\Google Talk\googletalk.exe" [2007-11-21 3293184]
"Google Update"="c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" [2008-11-13 133104]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-04 2334856]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-13 1695232]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-01-13 761946]
"Keyboard Manager Utility"="c:\programmi\Keyboard Manager\Manager Utility\KeyboardManager.exe" [2006-03-06 1118208]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IntelZeroConfig"="c:\programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"OpwareSE4"="c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\programmi\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"TrueImageMonitor.exe"="c:\programmi\Acronis\TrueImage\TrueImageMonitor.exe" [2007-03-02 1165288]
"AcronisTimounterMonitor"="c:\programmi\Acronis\TrueImage\TimounterMonitor.exe" [2007-03-02 1945904]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe" [2007-03-02 149024]
"fssui"="c:\programmi\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-13 110592]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-01-05 61952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"Picasa Media Detector"="c:\programmi\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-09-07 44544]

c:\documents and settings\Vin\Menu Avvio\Programmi\Esecuzione automatica\
qlock.lnk - c:\programmi\Qlock\qlock.exe [2008-10-16 4142080]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-3-30 25214]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2008-1-25 217088]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0sprestrt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uranium

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"LogitechVideoTray"=c:\programmi\Logitech\Video\LogiTray.exe
"SSBkgdUpdate"="c:\programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Programmi\\Google\\Google Talk\\googletalk.exe"=
"c:\\Programmi\\CoreFTP\\coreftp.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Programmi\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Programmi\\Gizmo Project\\mDNSResponder.exe"=
"c:\\Programmi\\Gizmo Project\\Gizmo.exe"=
"c:\\Programmi\\PPStream\\PPSAP.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programmi\\StreamerOne\\StreamerOne.exe"=
"c:\\Programmi\\uusee\\UUSeePlayer.exe"=
"c:\\Programmi\\FeedDemon\\FeedDemon.exe"=
"c:\\Programmi\\FeedStation\\FeedStation.exe"=
"c:\programmi\AutoIt3\Au3Info.exe"= c:\programmi\AutoIt3\Au3Info.exe:64.78.155.105/255.255.255.255:Enabled:AutoIt Window Info
"c:\\Programmi\\Synchronize It!\\wndsync.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\Windows Media Player\\wmplayer.exe"=
"c:\\Documents and Settings\\Vin\\Impostazioni locali\\Dati applicazioni\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Vin\\Impostazioni locali\\Dati applicazioni\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [20/05/2008 8.32.40 15328]
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [11/07/2009 8.50.10 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [11/07/2009 8.50.10 27656]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19/11/2008 14.58.35 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/11/2008 14.58.35 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [19/12/2008 7.50.50 54752]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [25/08/2009 11.16.36 220128]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [14/12/2007 19.00.50 14976]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1c986c3209c3e68;Google Update Service (gupdate1c986c3209c3e68);c:\programmi\Google\Update\GoogleUpdate.exe [04/02/2009 13.21.37 133104]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [16/04/2008 14.06.02 8192]
S2 WebUpdate4;Web Update Wizard Service V4; [x]
S3 fsssvc;Servizio Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21.48.42 704864]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [22/04/2006 8.19.14 32512]
S4 CSIScanner;CSIScanner;c:\programmi\Prevx\prevx.exe [11/07/2009 8.50.10 4368952]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MBR
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-14 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2008-08-27 09:21]

2009-11-14 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-07 06:11]

2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-04 12:21]

2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-04 12:21]

2009-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1965331169-839522115-1003Core.job
- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-11-13 20:19]

2009-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1965331169-839522115-1003UA.job
- c:\documents and settings\Vin\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-11-13 20:19]

2009-11-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-11-14 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-11-14 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-11-13 c:\windows\Tasks\SmartDefrag.job
- c:\programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-11-13 15:22]

2009-11-14 c:\windows\Tasks\User_Feed_Synchronization-{E41E30A4-E8D1-4961-A198-BF1AED7D46F9}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 192.167.9.178:3128
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Annota (Google Blocco Note) - c:\programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu2.html
IE: Annota questa pagina (Google Blocco Note) - c:\programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu1.html
IE: Convert link target to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: maris.com\www.redshift
Handler: cf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\programmi\Google\Chrome Frame\Application\4.0.223.9\npchrome_tab.dll
FF - ProfilePath - c:\documents and settings\Vin\Dati applicazioni\Mozilla\Firefox\Profiles\1lhrnkie.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\programmi\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Vin\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programmi\Picasa2\npPicasa2.dll
FF - plugin: c:\programmi\Picasa2\npPicasa3.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: yahoo.homepage.dontask - true
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\programmi\Dealio Toolbar\DealioToolbarIE.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\programmi\Dealio Toolbar\DealioToolbarIE.dll
HKLM-Run-SearchSettings - c:\programmi\Search Settings\SearchSettings.exe
AddRemove-Convert XLS_is1 - c:\programmi\Softinterface
AddRemove-MS Word Join (Merge, Combine) Multiple Documents Software_is1 - c:\programmi\MS Word Join (Merge



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-14 13:13
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'lsass.exe'(1156)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(4176)
c:\windows\system32\WININET.dll
c:\progra~1\ALICET~1\SMARTB~1\SBHook.dll
c:\programmi\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\Alwil Software\Avast4\aswUpdSv.exe
c:\programmi\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\WgaTray.exe
c:\programmi\a-squared Free\a2service.exe
c:\programmi\File comuni\Acronis\Schedule2\schedul2.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\CDBurnerXP\NMSAccessU.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wdfmgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\programmi\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\programmi\Alwil Software\Avast4\ashWebSv.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\iPod\bin\iPodService.exe
c:\programmi\Windows Live\Contacts\wlcomm.exe
c:\programmi\PC Connectivity Solution\ServiceLayer.exe
c:\programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
.
**************************************************************************
.
Ora fine scansione: 2009-11-14 13:27 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-11-14 12:27

Pre-Run: 70.145.302.528 byte disponibili
Post-Run: 70.047.252.480 byte disponibili

WindowsXP-KB310994-SP2-Pro-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 241B1CB0A459630738D8AE8CCB145126
shapiro
Posted: Saturday, November 14, 2009 3:46:44 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Go to the Control Panel and check that there is no trace of the Dealio Toolbar, the culprit behind all these infections.

Download http://www.filehippo.com/download_ccleaner/

1) to download the latest version, click at the top right, under the green arrow
2) install it (without the additional toolbar)
3) click "Avvia pulizia" (Run Cleaner), and repeat the procedure 2 times

then

Download http://www.atribune.org/ccount/click.php?id=1

Launch ATFCleaner.exe with a double click

1.1) tick the Select All box
2.1) click the Empty selected button
3.1) wait for the Done Cleaning message
(if you use Opera or Firefox, tick their sections too)

Post me a HijackThis log
patton
Posted: Sunday, November 15, 2009 8:05:06 AM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
I ran the two scans and removed Dealio Toolbar from the Control Panel.
I'm attaching the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7.58.57, on 15/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Keyboard Manager\Manager Utility\KeyboardManager.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Acronis\TrueImage\TimounterMonitor.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Google\Google Talk\googletalk.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Qlock\qlock.exe
C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\Programmi\Windows Live\Toolbar\wltuser.exe
C:\Programmi\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Vin\Documenti\Documenti Gennaro\Download\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.167.9.178:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Programmi\Google\Chrome Frame\Application\4.0.223.9\npchrome_tab.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programmi\Softonic-Eng7\tbSof1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Keyboard Manager Utility] "c:\Programmi\Keyboard Manager\Manager Utility\KeyboardManager.exe" /lang en /H
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [OpwareSE4] "C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmi\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Programmi\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [googletalk] "C:\Programmi\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Vin\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Programmi\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: qlock.lnk = C:\Programmi\Qlock\qlock.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Annota (Google Blocco Note) - res://C:\Programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu2.html
O8 - Extra context menu item: Annota questa pagina (Google Blocco Note) - res://C:\Programmi\Google\Google Notebook\gnotes1.0.2.19-574747135.dll/gn_menu1.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.redshift.maris.com
O18 - Protocol hijack: cf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E}
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c986c3209c3e68) (gupdate1c986c3209c3e68) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 16583 bytes
shapiro
Posted: Sunday, November 15, 2009 11:08:21 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Remove all the toolbars you have; there is also the Softonic one to take off. Toolbars only bring junk onto the PC.


Start HijackThis with all applications closed, click "Do a system scan only", then tick and remove (Fix checked) this line:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


Otherwise everything looks fine. Are you seeing any other problems? If you have questions, I'm here.
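The check applied in the reply above, picking out an entry whose registry key still points at a file that is no longer on disk, can be automated as a first triage pass over a HijackThis log. The Python below is an added example, not part of the thread or of HijackThis; the function names and flag labels are assumptions chosen for illustration, and the sample lines are copied from the log posted in this thread.

```python
import re

# Lines copied from the HijackThis log posted in this thread (a small subset).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - Startup: qlock.lnk = C:\Programmi\Qlock\qlock.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
"""

# Only "O<n> - <kind>: <body>" entries are parsed; R/F/N lines are skipped.
ENTRY = re.compile(r"^(?P<code>O\d{1,2}) - (?P<kind>[^:]+): (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def parse_line(line):
    """Split one log line into section code, entry kind, body and CLSID (if any)."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    clsid = CLSID.search(m["body"])
    return {"code": m["code"], "kind": m["kind"], "body": m["body"],
            "clsid": clsid.group(0).upper() if clsid else None}

def triage(entry):
    """Return review flags for an entry; a flag means 'look at this', not 'malicious'."""
    body, flags = entry["body"], []
    if body.endswith("(no file)"):   # registry entry left behind, file is gone
        flags.append("missing-file")
    if body.endswith("= ?"):         # shortcut whose target was not resolved
        flags.append("unresolved-target")
    if entry["code"] == "O23" and " - Unknown owner - " in body:
        flags.append("unknown-owner")  # log reports the service owner as unknown
    return flags

def review(log_text):
    """Return (code, kind, clsid, flags) for every entry that raised a flag."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        flags = triage(entry) if entry else []
        if flags:
            findings.append((entry["code"], entry["kind"], entry["clsid"], flags))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```
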
patton
Posted: Sunday, November 15, 2009 1:27:52 PM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
I removed the line you suggested and removed Softonic.
Everything is OK.
Thank you for the help.
Bye