|
|||||||
|
|
|
 |
|
|
Strumenti |
19-10-2007, 09:53
|
#1 |
|
Member
Iscritto dal: Oct 2005
Messaggi: 34
|
dialer internet connection
Ciao a tutti,
ho un pc con connessione ADSL, molto spesso la connessione mi cade, appare un'altra connessione chiamata "Internet Connection" e cerca di collegarsi. Se cancello la connessione me la ritrovo al successivo avvio. Immagino sia un dialer ma non riesco a trovare dove si nasconde... di seguito posto il log di hijack this (che però mi sembra pulito) Qualche consiglio? Codice:
Logfile of HijackThis v1.99.1
Scan saved at 23.23.11, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ARESCOM\Modem Telindus Arescom ND220b\dslmon.exe
C:\Programmi\Google\Google Updater\GoogleUpdater.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
C:\windows\system\bak\hpsysdrv.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Windows Live Favorites\wlfsync.exe
C:\Documents and Settings\Proprietario\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-it9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-it9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-it9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ansa.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-it9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\programmi\hewlett-packard\digital imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Programmi\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmi\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Programmi\File comuni\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmi\File comuni\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\bak\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BackupNotify] c:\Programmi\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Programmi\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Programmi\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.whataboutadog.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase2895.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7B48E7E-4BEE-49EF-A99B-400CB6B4427E}: NameServer = 85.37.17.44 85.38.28.90
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
|
|
|
|
19-10-2007, 09:56
|
#2 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
Quote:
|
|
|
|
|
|
19-10-2007, 14:12
|
#3 |
|
Member
Iscritto dal: Oct 2005
Messaggi: 34
|
Grazie mille!
Appena ho la possibilità vi tengo aggiornati! |
|
|
|
|
15-11-2007, 14:08
|
#4 |
|
Member
Iscritto dal: Oct 2005
Messaggi: 34
|
Ciao,
ecco il log: Codice:
Find AWF report by noahdfear ©2006
Version 1.40
bak folders found
~~~~~~~~~~~
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\HP\KBD\BAK
02/02/2005 15.44 61.440 KBD.EXE
1 File 61.440 byte
2 Directory 59.156.996.096 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\ITUNES\BAK
14/09/2007 09.00 267.064 iTunesHelper.exe
1 File 267.064 byte
2 Directory 59.156.996.096 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\QUICKT~1\BAK
29/06/2007 05.24 286.720 QTTask.exe
1 File 286.720 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\SMINST\BAK
13/09/2002 21.42 212.992 RECGUARD.EXE
1 File 212.992 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\SYSTEM\BAK
11/10/2007 23.56 181 hpsysdrv.DAT
07/05/1998 16.04 52.736 hpsysdrv.exe
2 File 52.917 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\SYSTEM32\BAK
19/08/2004 14.39 15.360 ctfmon.exe
07/04/2003 07.07 114.688 hkcmd.exe
23/05/2003 02.57 483.328 hphmon05.exe
3 File 613.376 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\ATITEC~1\ATICON~1\BAK
03/11/2004 20.10 344.064 atiptaxx.exe
1 File 344.064 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\HEWLET~1\{45B61~1\BAK
23/05/2003 03.03 49.152 hphupd05.exe
1 File 49.152 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\IME\IMJP8_1\BAK
03/08/2004 21.32 208.952 IMJPMIG.EXE
1 File 208.952 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\PIXART\PAC7302\BAK
03/11/2006 10.01 319.488 Monitor.exe
1 File 319.488 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\ADOBE\READER~1.0\READER\BAK
11/05/2007 02.06 40.048 Reader_sl.exe
1 File 40.048 byte
2 Directory 59.156.992.000 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\FILECO~1\INTERV~1\SCHSVR\BAK
08/08/2003 15.51 155.648 SchSvr.exe
1 File 155.648 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\FILECO~1\MICROS~1\WORKSS~1\BAK
0 File 0 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\FILECO~1\REAL\UPDATE~1\BAK
20/08/2007 07.37 185.632 realsched.exe
1 File 185.632 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\FILECO~1\SONIC\UPDATE~1\BAK
19/08/2003 00.01 110.592 sgtray.exe
1 File 110.592 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\HEWLET~1\DIGITA~1\BIN\BAK
22/06/2003 21.25 24.576 backupnotify.exe
1 File 24.576 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\HEWLET~1\DIGITA~1\UNLOAD\BAK
07/10/2002 07.23 90.112 hpqcmon.exe
1 File 90.112 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\JAVA\JRE16~2.0_0\BIN\BAK
12/07/2007 03.00 132.496 jusched.exe
1 File 132.496 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\SYSTEM32\IME\PINTLGNT\BAK
03/08/2004 21.31 59.392 ImScInst.exe
1 File 59.392 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK
03/08/2004 21.32 455.168 TINTSETP.EXE
1 File 455.168 byte
2 Directory 59.156.987.904 byte disponibili
Il volume nell'unit… C Š HP_PAVILION
Numero di serie del volume: 00E8-53A4
Directory di C:\PROGRA~1\ADOBE\PHOTOS~1\3.0\APPS\BAK
07/07/2005 17.41 57.344 apdproxy.exe
1 File 57.344 byte
2 Directory 59.156.987.904 byte disponibili
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
61440 2 Feb 2005 "C:\hp\KBD\bak\KBD.EXE"
267048 2 Nov 2007 "C:\Programmi\iTunes\iTunesHelper.exe"
267064 14 Sep 2007 "C:\Programmi\iTunes\bak\iTunesHelper.exe"
102400 12 Nov 2007 "C:\WINDOWS\Installer\{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}\iTunesIco.exe"
116008 12 Nov 2007 "C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe"
116024 8 Sep 2007 "C:\Documents and Settings\NetworkService\Impostazioni locali\Temporary Internet Files\Content.IE5\GABPKHUX\iTunesSetupAdmin[1].exe"
116024 14 Jul 2007 "C:\Documents and Settings\NetworkService\Impostazioni locali\Temporary Internet Files\Content.IE5\JHIO7SAL\iTunesSetupAdmin[1].exe"
116008 12 Nov 2007 "C:\Documents and Settings\Proprietario\Impostazioni locali\Temporary Internet Files\Content.IE5\C7JRAIM5\iTunesSetupAdmin[1].exe"
286720 19 Oct 2007 "C:\Programmi\QuickTime\QTTask.exe"
286720 29 Jun 2007 "C:\Programmi\QuickTime\bak\QTTask.exe"
212992 13 Sep 2002 "C:\WINDOWS\SMINST\bak\RECGUARD.EXE"
1397 26 Sep 2007 "C:\WINDOWS\system\hpsysdrv.DAT"
181 11 Oct 2007 "C:\WINDOWS\system\bak\hpsysdrv.DAT"
52736 7 May 1998 "C:\WINDOWS\system\bak\hpsysdrv.exe"
15360 19 Aug 2004 "C:\WINDOWS\system32\ctfmon.exe"
15360 19 Aug 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
114688 7 Apr 2003 "C:\WINDOWS\system32\bak\hkcmd.exe"
114688 7 Apr 2003 "C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\hkcmd.exe"
483328 23 May 2003 "C:\WINDOWS\system32\bak\hphmon05.exe"
344064 3 Nov 2004 "C:\Programmi\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe"
49152 23 May 2003 "C:\Programmi\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\bak\hphupd05.exe"
208952 3 Aug 2004 "C:\WINDOWS\ime\imjp8_1\imjpmig.exe"
208952 3 Aug 2004 "C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE"
319488 3 Nov 2006 "C:\Programmi\Trust\15354 Webcam Live\Monitor.exe"
319488 3 Nov 2006 "C:\WINDOWS\PixArt\Pac7302\bak\Monitor.exe"
40048 11 May 2007 "C:\Programmi\Adobe\Reader 8.0\Reader\bak\Reader_sl.exe"
155648 8 Aug 2003 "C:\Programmi\File comuni\InterVideo\SchSvr\bak\SchSvr.exe"
185632 20 Aug 2007 "C:\Programmi\File comuni\Real\Update_OB\bak\realsched.exe"
110592 19 Aug 2003 "C:\Programmi\File comuni\Sonic\Update Manager\bak\sgtray.exe"
24576 22 Jun 2003 "C:\Programmi\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe"
24576 22 Jun 2003 "C:\Programmi\Hewlett-Packard\Digital Imaging\bin\bak\backupnotify.exe"
90112 7 Oct 2002 "C:\Programmi\Hewlett-Packard\Digital Imaging\Unload\bak\hpqcmon.exe"
83608 14 Mar 2007 "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe"
132496 25 Sep 2007 "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
132496 12 Jul 2007 "C:\Programmi\Java\jre1.6.0_02\bin\bak\jusched.exe"
59392 3 Aug 2004 "C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe"
59392 3 Aug 2004 "C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe"
455168 3 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe"
455168 3 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"
57344 7 Jul 2005 "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\bak\apdproxy.exe"
end of report
ciao ciao! |
|
|
|
|
15-11-2007, 16:11
|
#5 |
|
Senior Member
Iscritto dal: Aug 2005
Città: Genova
Messaggi: 3397
|
ci vogliono 80 anni per preparare quello script...
ecco la guida http://www.megalab.it/articoli.php?id=985&pagina=2
__________________
Rimozione Worm/Rootkit Bagle - Rimozione Trojan Vundo - Rimozione virus MSN Messenger -Rimozione virus su chiavetta o errori di file mancante all'apertura del disco fisso - NT AUTHORITY SYSTEM spegne il pc ad ogni avvio. Cosa fare?(worm sasser/blaster/rustock) - Thread Ufficiale firewall software |
|
|
|
|
15-11-2007, 16:18
|
#6 | |
|
Bannato
Iscritto dal: Mar 2004
Città: Galapagos Attenzione:utente flautolente,tienilo a mente
Messaggi: 29028
|
metti questo script con avenger
Quote:
|
|
|
|
|
|
15-11-2007, 18:34
|
#7 |
|
Member
Iscritto dal: Oct 2005
Messaggi: 34
|
grazie mille x le risposte
 a breve vi farò sapere com'è andata!ciao ciao! |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 09:49.
