Crash Rete Domestica - Virus ?

**Woltor** · 29-06-2009, 21:05

LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO

LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI

RETE')
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe" (User

'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe" (User

'Default user')
O4 - Startup: Microsoft Office OneNote 2007.lnk = ?
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program
Files\Microsoft Office\Office12

\ONENOTEM.EXE
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Atomic Email Hunter - C:\Program
Files\AtomPark\Atomic Email Hunter\ie.htm
O8 - Extra context menu item: Compila Modulo - file://C:\Program
Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF
esistente - res://C:\Program

Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF
esistente - res://C:\Program

Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program
Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente -
res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personalizza - file://C:\Program Files\Siber
Systems\AI

RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Barra strumenti - file://C:\Program
Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Salva Moduli - file://C:\Program Files\Siber
Systems\AI

RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Sottoscrivi con RSS Bandit -

C:\Users\HP\AppData\Roaming\RssBandit\iecontext_su bscribebandit.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} -
C:\Program Files\Google\Google

Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra 'Tools' menuitem: &Impostazioni di Google Gears -
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program

Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra button: Invia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12

\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3

\Office12\ONBttnIE.dll
O9 - Extra button: Compila - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Compila Modulo -
{320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Salva - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Salva Moduli -
{320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} -
C:\Poker\Titan Poker\casino.exe (file

missing)
O9 - Extra 'Tools' menuitem: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan

Poker\casino.exe (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Barra strumenti -
{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\Office12

\REFIEBAR.DLL
O9 - Extra button: Atomic Email Hunter -
{491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program

Files\AtomPark\Atomic Email Hunter\ie.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Atomic Email Hunter -
{491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program

Files\AtomPark\Atomic Email Hunter\ie.htm (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin
Object) -

http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -
C:\Program Files\Microsoft

Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) -
Adobe Systems Incorporated -

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea
Electronics Corporation - C:\Windows\system32

\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere
Systems - C:\Windows\system32

\agrsmsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. -
C:\Program Files\Hewlett-Packard\HP Quick

Launch Buttons\Com4Qlb.exe
O23 - Service: BBBBBB (FFFFFF) - Unknown owner - C:\Windows\system32\Fuck.exe
O23 - Service: Controllo/blocco dispositivi HP ProtectTools (FLCDLOCK) -
Hewlett-Packard Ltd -

Discussione: Crash Rete Domestica - Virus ?

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio