consiglio su log hijackthis

daewoo · 13-05-2005, 16:54

Dopo aver installato(proprio non so come ho potuto essere così ingenuo) delle estensioni per msn 7) mi so ritrovato internet explorer incasinato con spyware e search bar. Fortunatamente non è il mio browser predefinito (utilizzo firefox) per cui la questione non mi crea troppi problemi, se non fosse che sono in ufficio e soprattutto per una questione di principio !!!!. Purtroppo però non riesco ad eliminare dal sistema questa schifezza, ho provato in diversi modi e con diversi tool, cancellato voci del registro, controllato file in avvio, e altre cose ma niente di niente.
Vi posto il log di hijackthis nella speranza che qualcuno mi dia una mano. Nel log seguente balzano subito all'occhio le voci sospette ma elimnate si ripropongo sempre (sono peggio dei peperoni)

Logfile of HijackThis v1.99.1
Scan saved at 17.47.21, on 13/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe ------------> cos'è ???
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Programmi\Ahead\InCD\InCDsrv.exe
H:\WINDOWS\system32\spoolsv.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\Programmi\RDS\RsiSvc.exe
H:\Programmi\RDS\srscandr.exe
H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
H:\WINDOWS\system32\svchost.exe
H:\Programmi\RDS\ddsschednt.exe
H:\Programmi\RDS\dds.exe
H:\WINDOWS\Explorer.EXE
H:\Programmi\RDS\spooler.exe
H:\WINDOWS\system32\hkcmd.exe
H:\Programmi\Analog Devices\SoundMAX\SMTray.exe
H:\Programmi\Multimedia Card Reader\shwicon2k.exe
H:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
H:\Programmi\Ahead\InCD\InCD.exe
H:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Programmi\File comuni\Real\Update_OB\realsched.exe
H:\Programmi\Microsoft AntiSpyware\gcasServ.exe
H:\Programmi\ATnotes\ATnotes.exe
H:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe
H:\Programmi\Skype\Phone\Skype.exe
H:\Programmi\RDS\PLTBar.exe
H:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
h:\programmi\html2pop3210win32\html2pop3.exe
H:\Programmi\Outlook Express\msimn.exe
H:\Programmi\IBM\Client Access\Emulator\pcsws.exe
H:\Programmi\IBM\Client Access\Emulator\PCSCM.EXE
H:\PROGRA~1\IBM\CLIENT~1\cwblmsrv.exe
H:\Programmi\X-Lite\X-Lite.exe
H:\Programmi\MSN Messenger\msnmsgr.exe
H:\Documents and Settings\Aless\Desktop\vnc-4.0-x86_win32_viewer.exe
h:\progra~1\intern~1\iexplore.exe
h:\progra~1\intern~1\iexplore.exe
H:\Programmi\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Aless\Desktop\security\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bbbbupvxehl.com/Cl8KjXye6...CiQ_HJ6mn.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HotKeysCmds] H:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Smapp] H:\Programmi\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Sunkist2k] H:\Programmi\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [RemoteControl] "H:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] H:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Client Access Service] "H:\Programmi\IBM\Client Access\CwbSvStr.Exe"
O4 - HKLM\..\Run: [Client Access Help Update] "H:\Programmi\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "H:\Programmi\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [TkBellExe] "H:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "H:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [NBJ] "H:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ATnotes.exe] H:\Programmi\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] H:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Skype] "H:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Bird List] H:\DOCUME~1\Aless\DATIAP~1\AXISMF~1\2 new.exe
O4 - Startup: Collegamento a router.lnk = H:\router.bat
O4 - Global Startup: Avvia servizi di consegna.lnk = ?
O4 - Global Startup: Function Palette.lnk = H:\Programmi\RDS\PLTBar.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://h:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://h:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://h:\programmi\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://h:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://h:\programmi\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - H:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - H:\PROGRA~1\ICQ\ICQ.exe
O12 - Plugin for .spop: H:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1107775176958
O17 - HKLM\System\CCS\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49
O17 - HKLM\System\CS1\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49
O17 - HKLM\System\CS2\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49
O20 - Winlogon Notify: igfxcui - H:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Comando remoto di Client Access Express (Cwbrxd) - IBM Corporation - H:\WINDOWS\CWBRXD.EXE
O23 - Service: Dds Scheduler Deamon (DdsSched) - RICOH Company Ltd. - H:\Programmi\RDS\ddsschednt.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - H:\Programmi\Ahead\InCD\InCDsrv.exe
O23 - Service: Ridoc Server Information Service (RsiSvc) - RICOH Company Ltd. - H:\Programmi\RDS\RsiSvc.exe
O23 - Service: ScanRouterDriverV2 - Ricoh Co.,Ltd. - H:\Programmi\RDS\srscandr.exe
O23 - Service: SOption - RICOH Company Ltd. - H:\Programmi\RDS\SOption.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - H:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

grazie in anticipo.

bluepix · 13-05-2005, 17:10

Io eliminerei:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bbbbupvxehl.com/Cl8KjXye...VCiQ_HJ6mn.html

O4 - HKCU\..\Run: [Bird List] H:\DOCUME~1\Aless\DATIAP~1\AXISMF~1\2 new.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - H:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

daewoo · 16-05-2005, 10:28

Quote:

Originariamente inviato da bluepix

Io eliminerei:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bbbbupvxehl.com/Cl8KjXye...VCiQ_HJ6mn.html

O4 - HKCU\..\Run: [Bird List] H:\DOCUME~1\Aless\DATIAP~1\AXISMF~1\2 new.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - H:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

ma perchè se io li seleziono e li elimino con fix checked si ripropongono ???

YMen · 16-05-2005, 14:32

Quote:

Originariamente inviato da daewoo

ma perchè se io li seleziono e li elimino con fix checked si ripropongono ???

Prova ad eliminarli ed a eliminare eventuali file di registro con jv16powertools inoltre che firewall usi? perche con kerio per esempio c'è un opzione per bloccare tutte le comunicazioni in ingresso all'avvio e all'arresto di windows quindi potresti fare tutto quello che ho scritto sopra e poi riavviare il computer così forse non si ripresenteranno e inoltre scaricati wwdc.exe qui:
http://www.firewallleaktester.com/wwdc.htm
e poi blocca tutte le porte che ti propone

13-05-2005, 16:54	#1
daewoo Senior Member Iscritto dal: Mar 2004 Città: Pescara Messaggi: 480	consiglio su log hijackthis Dopo aver installato(proprio non so come ho potuto essere così ingenuo) delle estensioni per msn 7) mi so ritrovato internet explorer incasinato con spyware e search bar. Fortunatamente non è il mio browser predefinito (utilizzo firefox) per cui la questione non mi crea troppi problemi, se non fosse che sono in ufficio e soprattutto per una questione di principio !!!!. Purtroppo però non riesco ad eliminare dal sistema questa schifezza, ho provato in diversi modi e con diversi tool, cancellato voci del registro, controllato file in avvio, e altre cose ma niente di niente. Vi posto il log di hijackthis nella speranza che qualcuno mi dia una mano. Nel log seguente balzano subito all'occhio le voci sospette ma elimnate si ripropongo sempre (sono peggio dei peperoni) Logfile of HijackThis v1.99.1 Scan saved at 17.47.21, on 13/05/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: H:\WINDOWS\System32\smss.exe ------------> cos'è ??? H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\Programmi\Ahead\InCD\InCDsrv.exe H:\WINDOWS\system32\spoolsv.exe H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe H:\Programmi\RDS\RsiSvc.exe H:\Programmi\RDS\srscandr.exe H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe H:\WINDOWS\system32\svchost.exe H:\Programmi\RDS\ddsschednt.exe H:\Programmi\RDS\dds.exe H:\WINDOWS\Explorer.EXE H:\Programmi\RDS\spooler.exe H:\WINDOWS\system32\hkcmd.exe H:\Programmi\Analog Devices\SoundMAX\SMTray.exe H:\Programmi\Multimedia Card Reader\shwicon2k.exe H:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe H:\Programmi\Ahead\InCD\InCD.exe H:\Programmi\Java\jre1.5.0_02\bin\jusched.exe H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe H:\Programmi\File comuni\Real\Update_OB\realsched.exe H:\Programmi\Microsoft AntiSpyware\gcasServ.exe H:\Programmi\ATnotes\ATnotes.exe H:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe H:\Programmi\Skype\Phone\Skype.exe H:\Programmi\RDS\PLTBar.exe H:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe h:\programmi\html2pop3210win32\html2pop3.exe H:\Programmi\Outlook Express\msimn.exe H:\Programmi\IBM\Client Access\Emulator\pcsws.exe H:\Programmi\IBM\Client Access\Emulator\PCSCM.EXE H:\PROGRA~1\IBM\CLIENT~1\cwblmsrv.exe H:\Programmi\X-Lite\X-Lite.exe H:\Programmi\MSN Messenger\msnmsgr.exe H:\Documents and Settings\Aless\Desktop\vnc-4.0-x86_win32_viewer.exe h:\progra~1\intern~1\iexplore.exe h:\progra~1\intern~1\iexplore.exe H:\Programmi\Mozilla Firefox\firefox.exe H:\Documents and Settings\Aless\Desktop\security\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bbbbupvxehl.com/Cl8KjXye6...CiQ_HJ6mn.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\programmi\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\programmi\google\googletoolbar2.dll O4 - HKLM\..\Run: [HotKeysCmds] H:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Smapp] H:\Programmi\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [Sunkist2k] H:\Programmi\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [RemoteControl] "H:\Programmi\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [InCD] H:\Programmi\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Client Access Service] "H:\Programmi\IBM\Client Access\CwbSvStr.Exe" O4 - HKLM\..\Run: [Client Access Help Update] "H:\Programmi\IBM\Client Access\cwbinhlp.exe" O4 - HKLM\..\Run: [Client Access Check Version] "H:\Programmi\IBM\Client Access\cwbckver.exe" LOGIN O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Programmi\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [TkBellExe] "H:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [gcasServ] "H:\Programmi\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [NBJ] "H:\Programmi\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ATnotes.exe] H:\Programmi\ATnotes\ATnotes.exe O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] H:\Programmi\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Skype] "H:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Bird List] H:\DOCUME~1\Aless\DATIAP~1\AXISMF~1\2 new.exe O4 - Startup: Collegamento a router.lnk = H:\router.bat O4 - Global Startup: Avvia servizi di consegna.lnk = ? O4 - Global Startup: Function Palette.lnk = H:\Programmi\RDS\PLTBar.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://h:\programmi\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://h:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://h:\programmi\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://h:\programmi\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://h:\programmi\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - H:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - H:\PROGRA~1\ICQ\ICQ.exe O12 - Plugin for .spop: H:\Programmi\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1107775176958 O17 - HKLM\System\CCS\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49 O17 - HKLM\System\CS1\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49 O17 - HKLM\System\CS2\Services\Tcpip\..\{285EE622-CFFB-42B9-BD3C-B41E61C5ECEC}: NameServer = 212.17.192.216,212.17.192.49 O20 - Winlogon Notify: igfxcui - H:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Comando remoto di Client Access Express (Cwbrxd) - IBM Corporation - H:\WINDOWS\CWBRXD.EXE O23 - Service: Dds Scheduler Deamon (DdsSched) - RICOH Company Ltd. - H:\Programmi\RDS\ddsschednt.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - H:\Programmi\Ahead\InCD\InCDsrv.exe O23 - Service: Ridoc Server Information Service (RsiSvc) - RICOH Company Ltd. - H:\Programmi\RDS\RsiSvc.exe O23 - Service: ScanRouterDriverV2 - Ricoh Co.,Ltd. - H:\Programmi\RDS\srscandr.exe O23 - Service: SOption - RICOH Company Ltd. - H:\Programmi\RDS\SOption.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - H:\Programmi\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - H:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing) grazie in anticipo. Ultima modifica di daewoo : 13-05-2005 alle 16:57.

13-05-2005, 17:10	#2
bluepix Senior Member Iscritto dal: Dec 2004 Città: Magenta(MI) Messaggi: 1513	Io eliminerei: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bbbbupvxehl.com/Cl8KjXye...VCiQ_HJ6mn.html O4 - HKCU\..\Run: [Bird List] H:\DOCUME~1\Aless\DATIAP~1\AXISMF~1\2 new.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - H:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Strumenti
Mostra una versione stampabile Invia questa pagina per email