
log check
arcere84
Posted: Saturday, September 29, 2012 7:30:39 PM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Hi everyone,
Last week I caught the "Polizia Postale" virus. I removed it by going into safe mode, into the startup items (esecuzioni automatiche), and deleting the file I found. Now the PC works, but I'd like to be sure I deleted everything. Could you check my log for me?
Thanks
arcere84
Posted: Saturday, September 29, 2012 7:32:12 PM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Sorry, I hadn't posted the log.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:26:08, on 29/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\12Voip.com\12Voip\12voip.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luciano\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/it/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Luciano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [12Voip] "C:\Program Files\12Voip.com\12Voip\12voip.exe" -nosplash -minimized
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Luciano\AppData\Local\PosService\Pos.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Luciano\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService - C:\Users\Luciano\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Tor\tor.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: VirIT eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLite\viritsvc.exe

--
End of file - 10301 bytes
cbbusto
Posted: Saturday, September 29, 2012 10:29:06 PM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
Fix and delete these entries:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Luciano\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService - C:\Users\Luciano\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe

The O17 entries are almost certainly modified addresses; if you recognise them, though, don't delete them.
If the two O23 entries won't delete, try doing it in safe mode.
Then do a clean-up with CCleaner, including the Registry.
Bye
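A small triage script, added here as an example (it is not part of the thread, nor a HijackThis or FRST feature), that applies the checks cbbusto made by hand to the log lines posted above: O17 NameServer values outside private ranges and outside an assumed list of known resolvers, O23 services whose binary lives under a user profile or that list no owner, O4 Run entries launched from unusual folders, and R3 search hooks with no backing file. The KNOWN_DNS set is an assumption to fill in with the resolvers your ISP or router actually hands out:

```python
"""Triage helper for HijackThis-style log lines (added example)."""
import ipaddress
import re

# Assumption: public resolvers this machine is expected to use. Private and
# loopback addresses (e.g. a home router at 192.168.x.x) are accepted anyway.
KNOWN_DNS = {"8.8.8.8", "8.8.4.4"}

# Folders a legitimately installed Windows service or autorun binary does not
# normally live in. Compared case-insensitively against the lower-cased path.
SUSPICIOUS_DIRS = (
    "\\appdata\\local\\",
    "\\appdata\\roaming\\",
    "\\users\\public\\",
    "\\programdata\\",
    "\\temp\\",
)

O17_RE = re.compile(r"^O17 - (?P<key>\S+): NameServer = (?P<servers>.+)$")
# HijackThis prints "Display Name (ServiceKeyName) - Owner - Path". The name in
# parentheses is the key name that `sc` commands use, not the owner string.
# The path is required to start with a drive letter so owners containing
# " - " do not swallow it.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+)$"
)
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
R3_RE = re.compile(r"^R3 - URLSearchHook: .* - \(no file\)$")


def dns_is_expected(ip_text):
    """True if the resolver is private/loopback or on the assumed known list."""
    try:
        ip = ipaddress.ip_address(ip_text.strip())
    except ValueError:
        return False
    return ip.is_private or ip.is_loopback or str(ip) in KNOWN_DNS


def triage_line(line):
    """Return (code, reason) for a line worth a closer look, else None."""
    line = line.strip()
    m = O17_RE.match(line)
    if m:
        bad = [s.strip() for s in m["servers"].split(",") if not dns_is_expected(s)]
        if bad:
            return ("O17", "unexpected DNS server(s): " + ",".join(bad))
        return None
    m = O23_RE.match(line)
    if m:
        path = m["path"].lower()
        if any(d in path for d in SUSPICIOUS_DIRS) or m["owner"] == "Unknown owner":
            return ("O23", f"service '{m['name']}' runs from {m['path']} ({m['owner']})")
        return None
    m = O4_RE.match(line)
    if m:
        if any(d in m["cmd"].lower() for d in SUSPICIOUS_DIRS):
            return ("O4", f"autorun '{m['name']}' launches {m['cmd']}")
        return None
    if R3_RE.match(line):
        return ("R3", "URLSearchHook with no backing file (orphaned hook)")
    return None


def triage_log(text):
    """Run triage_line over every line; return [(code, line, reason), ...]."""
    findings = []
    for raw in text.splitlines():
        hit = triage_line(raw)
        if hit:
            findings.append((hit[0], raw.strip(), hit[1]))
    return findings


# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E646C8C-9A9A-49A1-BE8A-E36764D80639}: NameServer = 176.31.229.24,176.31.229.25
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Luciano\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Tor\tor.exe
"""

if __name__ == "__main__":
    for code, line, reason in triage_log(SAMPLE_LOG):
        print(f"[{code}] {reason}\n    {line}")
```

A hit only means "review this entry": the iTunesHelper autorun and the NVIDIA service in the sample pass untouched, while the DNS servers, the services under AppData\Local, and the orphaned search hook come out as the same items cbbusto listed.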
shapiro
Posted: Saturday, September 29, 2012 10:39:37 PM

Rank: AiutAmico

Member since: 8/24/2008
Posts: 4,164
Quote:
now the PC works, but I'd like to be sure I deleted everything. Could you check my log for me?


Follow cbbusto's instructions, and if you want to feel more "at ease", run this scan.

Download OTL and save it to the desktop.

Tick SCAN ALL USERS.

Under Output, tick Minimal Output.

Click the small arrow next to File Age and select 60 Days.

Tick LOP Check and Purity Check.

Click RUN SCAN.

Let the scan run without interfering.

When the scan finishes you will find 2 logs on the desktop, OTL.txt and Extras.txt; save them and upload them to Wikisend.
arcere84
Posted: Monday, October 01, 2012 8:37:01 AM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Hi cbbusto, I deleted the entries you told me to, but the O23 ones won't delete even in safe mode. What do I do?
Thanks
arcere84
Posted: Monday, October 01, 2012 8:45:16 AM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Hi shapiro,
I downloaded OTL and followed all the instructions, but I got the message (Access violation at address CCCC0460.read of address CCCC0460.)
What should I do?
cbbusto
Posted: Monday, October 01, 2012 10:58:27 AM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
arcere84 wrote:
Hi cbbusto, I deleted the entries you told me to, but the O23 ones won't delete even in safe mode. What do I do?
Thanks


Indeed, they aren't easy to remove. Nothing dangerous, they are services, but it would be better not to have them.
Try checking in Administrative Tools / Services; if you find them, double-click and disable them.
Also try this way:
Start / Run / type:
sc delete ServUpdater
and press OK.
Repeat the same operation with: SoftwareUpdService
Let's see if we manage to remove them; anyway, I repeat, it is not a danger.
If you manage to run the scan with the software shapiro suggested, that would be better; follow his instructions.
If the PC is running fine I wouldn't worry; be very careful about what you download. Bye
shapiro
Posted: Monday, October 01, 2012 12:04:05 PM

Rank: AiutAmico

Member since: 8/24/2008
Posts: 4,164

Try removing it and downloading it again, then try running the scan and see whether the error still appears.
arcere84
Posted: Monday, October 01, 2012 5:15:36 PM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
For shapiro:
Hi, and sorry, I tried uninstalling OTL and downloading it again, but it gives me the same error.
shapiro
Posted: Monday, October 01, 2012 6:23:43 PM

Rank: AiutAmico

Member since: 8/24/2008
Posts: 4,164
Try running this scan suggested by r16.

The file you will have to put on the USB stick must match your OS.

This file for a 64-bit OS.

This file for a 32-bit OS.

Start from >>>>> Insert the USB stick into the infected PC.

Attach the log on Wikisend.
arcere84
Posted: Monday, October 01, 2012 6:34:46 PM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Sorry shapiro, is it the same if I post the log here, since I don't have Wikisend and don't know how to use it?
r16
Posted: Monday, October 01, 2012 8:27:12 PM
Rank: AiutAmico

Member since: 8/7/2007
Posts: 11,016
arcere84 wrote:
Sorry shapiro, is it the same if I post the log here, since I don't have Wikisend and don't know how to use it?

Post it here.
arcere84
Posted: Monday, October 01, 2012 8:44:19 PM

Rank: AiutAmico

Member since: 1/1/2012
Posts: 166
Here it is, thanks r16.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-09-2012 01
Ran by Luciano at 01-10-2012 18:26:29
Running from G:\
Service Pack 1 (X86) OS Language: Italian Standard
Attention: Could not load system hive.Errore: Impossibile accedere al file. Il file è utilizzato da un altro processo.

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.


==================== One Month Created Files and Folders ========

2012-10-01 18:26 - 2012-10-01 18:26 - 00000000 ____D C:\FRST
2012-10-01 17:13 - 2012-10-01 17:13 - 00600576 ____A (OldTimer Tools) C:\Users\Luciano\Desktop\OTL.exe
2012-10-01 11:55 - 2012-10-01 11:55 - 00000000 ___SD C:\ComboFix
2012-10-01 10:53 - 2012-10-01 10:55 - 00001076 ____A C:\Users\Luciano\Desktop\Content Manager 2.lnk
2012-10-01 10:53 - 2012-10-01 10:54 - 00000000 ____D C:\Users\Luciano\AppData\Roaming\becker
2012-10-01 10:45 - 2012-10-01 10:46 - 07546073 ____A (Nav N Go Kft.) C:\Users\Luciano\Desktop\Content_Manager_Software_02edb6.exe
2012-10-01 08:48 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2012-10-01 08:48 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2012-10-01 08:48 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-10-01 08:48 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-10-01 08:48 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-10-01 08:48 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2012-10-01 08:48 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2012-10-01 08:48 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2012-10-01 08:17 - 2012-10-01 16:57 - 00049295 ____A C:\Windows\WindowsUpdate.log
2012-10-01 08:16 - 2012-10-01 16:53 - 00000224 ____A C:\Windows\setupact.log
2012-10-01 08:16 - 2012-10-01 08:16 - 00000000 ____A C:\Windows\setuperr.log
2012-09-30 15:30 - 2012-10-01 09:48 - 00000000 ____D C:\Users\Luciano\Desktop\Nuova cartella (3)
2012-09-28 11:10 - 2012-09-28 11:10 - 00001031 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-28 11:10 - 2012-09-28 11:10 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-09-28 11:10 - 2012-09-07 17:04 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-27 18:12 - 2012-09-27 18:12 - 00347424 ____A (Microsoft Corporation) C:\Users\Luciano\Desktop\MicrosoftFixit.WindowsFirewall.RNP.36272193105200678.1.2.Run.exe
2012-09-27 17:34 - 2012-09-27 17:43 - 83023306 ___AT C:\Users\All Users\sqj.pad
2012-09-27 16:08 - 2012-09-27 16:09 - 83023306 ___AT C:\Users\All Users\avaj.pad
2012-09-26 08:33 - 2012-08-21 22:12 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-09-22 08:11 - 2012-08-24 09:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-09-22 08:11 - 2012-08-24 09:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-09-22 08:11 - 2012-08-24 08:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-09-22 08:11 - 2012-08-24 08:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-09-22 08:11 - 2012-08-24 08:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-09-22 08:11 - 2012-08-24 08:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-09-22 08:11 - 2012-08-24 08:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-09-22 08:11 - 2012-08-24 08:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-09-22 08:11 - 2012-08-24 08:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-09-22 08:11 - 2012-08-24 08:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-09-22 08:11 - 2012-08-24 08:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-09-22 08:11 - 2012-08-24 08:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-09-22 08:11 - 2012-08-24 08:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-09-22 08:11 - 2012-08-24 08:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-09-22 08:11 - 2012-08-24 08:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-09-22 08:11 - 2012-08-24 08:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-09-18 14:48 - 2012-09-27 16:09 - 00000381 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.pif
2012-09-18 14:48 - 2012-09-18 14:48 - 21426336 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.dll
2012-09-18 14:48 - 2012-09-18 14:48 - 01812424 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.sys
2012-09-18 09:12 - 2012-09-18 09:12 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-09-18 09:11 - 2012-08-21 13:01 - 00026840 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-09-18 09:09 - 2012-09-18 09:11 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-18 09:09 - 2012-09-18 09:11 - 00000000 ____D C:\Program Files\iTunes
2012-09-18 09:09 - 2012-09-18 09:09 - 00000000 ____D C:\Program Files\iPod
2012-09-14 08:09 - 2012-09-14 08:09 - 00000988 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-09-12 17:19 - 2012-08-22 19:16 - 01292144 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-09-12 17:19 - 2012-08-22 19:16 - 00712048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-09-12 17:19 - 2012-08-22 19:16 - 00240496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-09-12 17:19 - 2012-08-22 19:16 - 00187760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-09-12 17:19 - 2012-08-02 18:57 - 00490496 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-09-12 17:19 - 2012-07-04 21:45 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2012-09-04 09:23 - 2012-05-04 11:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll

==================== 3 Months Modified Files ==================

2012-10-01 17:49 - 2012-04-11 11:22 - 00000978 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-01 17:44 - 2012-01-08 10:45 - 00001140 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-01 17:39 - 2012-02-01 10:03 - 00001168 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785756894-1148673503-1331610136-1001UA.job
2012-10-01 17:13 - 2012-10-01 17:13 - 00600576 ____A (OldTimer Tools) C:\Users\Luciano\Desktop\OTL.exe
2012-10-01 17:01 - 2009-07-14 06:34 - 00013440 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-01 17:01 - 2009-07-14 06:34 - 00013440 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-01 16:57 - 2012-10-01 08:17 - 00049295 ____A C:\Windows\WindowsUpdate.log
2012-10-01 16:55 - 2012-01-07 15:48 - 00000390 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2012-10-01 16:53 - 2012-10-01 08:16 - 00000224 ____A C:\Windows\setupact.log
2012-10-01 16:53 - 2012-01-08 10:45 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-01 16:53 - 2012-01-06 19:00 - 00012984 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2012-10-01 16:53 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-01 11:52 - 2012-08-14 10:13 - 04759381 ____R (Swearware) C:\Users\Luciano\Desktop\ComboFix.exe
2012-10-01 10:58 - 2012-01-06 16:03 - 01236866 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-01 10:58 - 2009-07-14 10:21 - 00701188 ____A C:\Windows\System32\perfh010.dat
2012-10-01 10:58 - 2009-07-14 10:21 - 00128534 ____A C:\Windows\System32\perfc010.dat
2012-10-01 10:55 - 2012-10-01 10:53 - 00001076 ____A C:\Users\Luciano\Desktop\Content Manager 2.lnk
2012-10-01 10:46 - 2012-10-01 10:45 - 07546073 ____A (Nav N Go Kft.) C:\Users\Luciano\Desktop\Content_Manager_Software_02edb6.exe
2012-10-01 10:39 - 2009-07-14 06:53 - 00032556 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-01 08:39 - 2012-02-01 10:03 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785756894-1148673503-1331610136-1001Core.job
2012-10-01 08:16 - 2012-10-01 08:16 - 00000000 ____A C:\Windows\setuperr.log
2012-09-28 16:41 - 2012-02-01 10:04 - 00002499 ____A C:\Users\Luciano\Desktop\Google Chrome.lnk
2012-09-28 11:10 - 2012-09-28 11:10 - 00001031 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-27 18:12 - 2012-09-27 18:12 - 00347424 ____A (Microsoft Corporation) C:\Users\Luciano\Desktop\MicrosoftFixit.WindowsFirewall.RNP.36272193105200678.1.2.Run.exe
2012-09-27 18:02 - 2012-01-06 16:08 - 00001912 ____A C:\Windows\epplauncher.mif
2012-09-27 17:43 - 2012-09-27 17:34 - 83023306 ___AT C:\Users\All Users\sqj.pad
2012-09-27 16:09 - 2012-09-27 16:08 - 83023306 ___AT C:\Users\All Users\avaj.pad
2012-09-27 16:09 - 2012-09-18 14:48 - 00000381 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.pif
2012-09-18 14:48 - 2012-09-18 14:48 - 21426336 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.dll
2012-09-18 14:48 - 2012-09-18 14:48 - 01812424 ____A C:\Users\Public\{6FA6C5B8-4C01-4748-98FE-54775731B0E3}.sys
2012-09-18 09:12 - 2012-09-18 09:12 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-09-14 08:09 - 2012-09-14 08:09 - 00000988 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-09-12 17:48 - 2012-01-09 13:33 - 62164608 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-09-07 17:04 - 2012-09-28 11:10 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-04 09:59 - 2012-08-26 11:57 - 00011146 ____A C:\Users\Luciano\Desktop\MAGLIETTE 310.xlsx
2012-08-30 22:03 - 2012-08-30 22:03 - 00193552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-30 22:03 - 2011-04-27 16:25 - 00099272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-30 16:19 - 2012-01-07 12:56 - 00000349 ____A C:\Users\Public\Documents\PCLECHAL.INI
2012-08-24 09:27 - 2012-09-22 08:11 - 12319744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 09:03 - 2012-09-22 08:11 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 08:59 - 2012-09-22 08:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 08:51 - 2012-09-22 08:11 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 08:51 - 2012-09-22 08:11 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 08:51 - 2012-09-22 08:11 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 08:49 - 2012-09-22 08:11 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 08:48 - 2012-09-22 08:11 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 08:47 - 2012-09-22 08:11 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 08:47 - 2012-09-22 08:11 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 08:47 - 2012-09-22 08:11 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 08:45 - 2012-09-22 08:11 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 08:44 - 2012-09-22 08:11 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 08:44 - 2012-09-22 08:11 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 08:43 - 2012-09-22 08:11 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 08:40 - 2012-09-22 08:11 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 14:38 - 2012-04-11 11:22 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-23 14:38 - 2012-01-06 17:00 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-08-22 19:16 - 2012-09-12 17:19 - 01292144 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 19:16 - 2012-09-12 17:19 - 00712048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 19:16 - 2012-09-12 17:19 - 00240496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 19:16 - 2012-09-12 17:19 - 00187760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 22:12 - 2012-09-26 08:33 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-21 13:01 - 2012-09-18 09:11 - 00026840 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-08-21 13:01 - 2012-01-16 09:50 - 00106928 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi.dll
2012-08-20 08:19 - 2009-07-14 06:33 - 03972224 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-19 22:57 - 2012-01-06 16:08 - 00140928 ____A C:\Users\Luciano\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-19 15:04 - 2012-08-19 15:04 - 00001452 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2012-08-14 10:24 - 2012-01-06 17:18 - 00000929 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-08-14 09:16 - 2012-08-14 09:16 - 12964864 ____A C:\Users\Luciano\Desktop\ImageShackUploader-2.2.0.msi
2012-08-04 16:09 - 2012-08-04 16:02 - 04503728 ___AT C:\Users\All Users\ras_0oed.pad
2012-08-02 18:57 - 2012-09-12 17:19 - 00490496 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-07-27 07:58 - 2012-07-27 07:58 - 00000978 ____A C:\Users\Luciano\Desktop\12Voip.lnk
2012-07-18 19:47 - 2012-08-15 08:47 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-12 15:49 - 2009-07-14 04:04 - 00000534 ____A C:\Windows\win.ini
2012-07-09 13:42 - 2012-07-09 13:42 - 04547984 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2012-07-09 13:42 - 2012-07-09 13:42 - 00044032 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl.sys
2012-07-04 23:16 - 2012-08-15 08:47 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 23:14 - 2012-08-15 08:47 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 23:14 - 2012-08-15 08:47 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 21:45 - 2012-09-12 17:19 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys


ZeroAccess:
C:\Users\Luciano\AppData\Local\{df7a1774-2aa9-82a2-a75e-12ec8cfbe240}
C:\Users\Luciano\AppData\Local\{df7a1774-2aa9-82a2-a75e-12ec8cfbe240}\L
C:\Users\Luciano\AppData\Local\{df7a1774-2aa9-82a2-a75e-12ec8cfbe240}\U

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 3326.49 MB
Available physical RAM: 2053.92 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 5285.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.29 MB

==================== Partitions =============================

2 Drive c: () (Fixed) (Total:931.51 GB) (Free:587.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
6 Drive g: (KINGSTON) (Removable) (Total:14.73 GB) (Free:12.98 GB) FAT32
7 Drive h: () (Fixed) (Total:298.09 GB) (Free:268.92 GB) NTFS

N. disco Stato Dimensioni Disponibile Din GPT
-------- ------------- ------------- ------------- --- ---
Disco 0 Online 931 Gbytes 0 byte
Disco 1 Online 298 Gbytes 0 byte
Disco 2 Online 14 Gbytes 0 byte

Partitions of Disk 0:
===============

Partizione ### Tipo Dim. Offset
--------------- ---------------- ------- -------
Partizione 1 Primario 931 Gb 31 Kb

=========================================================

Disk: 0
Partizione 1
Tipo : 07
Nascosta: No
Attiva: Si

Volume ###  Let.  Etichetta    Fs     Tipo        Dim.     Stato      Info
----------  ----  -----------  -----  ----------  -------  ---------  --------
* Volume 3  C                  NTFS   Partizione  931 Gb   Integro    Sistema

=========================================================

Partitions of Disk 1:
===============

Partizione ###   Tipo              Dim.     Offset
---------------  ----------------  -------  -------
Partizione 1     Primario          298 Gb   31 Kb

=========================================================

Disk: 1
Partizione 1
Tipo : 07
Nascosta: No
Attiva: No

Volume ###  Let.  Etichetta    Fs     Tipo        Dim.     Stato      Info
----------  ----  -----------  -----  ----------  -------  ---------  --------
* Volume 4  H                  NTFS   Partizione  298 Gb   Integro

=========================================================

Partitions of Disk 2:
===============

Partizione ###   Tipo              Dim.     Offset
---------------  ----------------  -------  -------
Partizione 1     Primario          14 Gb    4032 Kb

=========================================================

Disk: 2
Partizione 1
Tipo : 0C
Nascosta: No
Attiva: No

Volume ###  Let.  Etichetta    Fs     Tipo        Dim.     Stato      Info
----------  ----  -----------  -----  ----------  -------  ---------  --------
* Volume 5  G     KINGSTON     FAT32  Rimovibile  14 Gb    Integro

=========================================================

Last Boot: 2012-09-27 13:26

==================== End Of Log ============================
r16
Posted: Monday, October 01, 2012 9:31:40 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
You have a "mix" of the Polizia Postale virus + Zero Access.
Wait for Shapiro's instructions.
Bye.
shapiro
Posted: Monday, October 01, 2012 9:51:30 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Quote:
Hi.
You have a "mix" of the Polizia Postale virus + Zero Access.


Just as r16 says, you are still infected.

Now download this file directly onto the USB stick you ran the scan with and press the FIX button.

When the scan finishes, the tool will create a log on the flash drive named Fixlog.txt.

Attach it here in the forum.

P.S. There is also another file, but I'm not really convinced whether to delete it or not; there are conflicting opinions online, so if anything wait for r16.

I mean this one => C:\Windows\epplauncher.mif
r16
Posted: Monday, October 01, 2012 10:24:10 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
shapiro wrote:

P.S. There is also another file, but I'm not really convinced whether to delete it or not; there are conflicting opinions online, so if anything wait for r16.
I mean this one => C:\Windows\epplauncher.mif

It is a component of Microsoft's antivirus (Microsoft Security Essentials).
Bye!
arcere84
Posted: Tuesday, October 02, 2012 8:46:52 AM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
Here, and this one?

start
2012-09-27 17:34 - 2012-09-27 17:43 - 83023306 ___AT C:\Users\All Users\sqj.pad
2012-09-27 16:08 - 2012-09-27 16:09 - 83023306 ___AT C:\Users\All Users\avaj.pad
2012-09-27 17:43 - 2012-09-27 17:34 - 83023306 ___AT C:\Users\All Users\sqj.pad
2012-09-27 16:09 - 2012-09-27 16:08 - 83023306 ___AT C:\Users\All Users\avaj.pad
C:\Users\Luciano\AppData\Local\{df7a1774-2aa9-82a2-a75e-12ec8cfbe240}
end
shapiro
Posted: Tuesday, October 02, 2012 10:31:07 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Nooooo, I even wrote it


Look in the pen drive: you have to post the contents of the Fixlog.txt file.

arcere84
Posted: Tuesday, October 02, 2012 11:20:08 AM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
Sorry shapiro,

but look, in the previous post you told me to download this file to the pen drive. I did that, and a wikisend screen came up where there was a "Fixlist" label; I tried clicking it but nothing happened. Further down there was a "download" label, I pressed that, and out came the list I posted. I figured I had got it wrong. Sorry again.