Crash Rete Domestica - Virus ?

**Woltor** · 29-06-2009, 21:05

Salve a tutti ho un problema, da qualche giorno quando accendo il notebook per tutti i pc di casa compreso il notebook diventa impossibile l'accesso a internet, monitorando la mia scheda di rete risulta un anomalo traffico anche senza applicazioni di nessun tipo aperte.
Ho fatto una scansione con Hijackthis e risulta questo:
Grazie a tutti dell'aiuto.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.38.18, on 29/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security
Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\System32\mobsync.exe
C:\Users\HP\AppData\Local\Google\Update\GoogleUpda te.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Users\HP\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Windows\system32\conime.exe
C:\Program Files\Lavasoft\Ad-Aware\ThreatWork.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Users\HP\AppData\Local\Google\Chrome\Applicatio n\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://searchbox.digsby.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://searchbox.digsby.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?

LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?

LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://searchbox.digsby.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://searchbox.digsby.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://searchbox.digsby.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll
O2 - BHO: IexploreOmea - {09628AAA-66AD-4FA2-82E2-698185B66463} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program
Files\Siber Systems\AI

RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper -
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft

Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6

\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} -
C:\Program Files\Google\Google

Gears\Internet Explorer\0.5.23.0\gears.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} -
C:\Program Files\Siber Systems\AI

RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows
Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP
ProtectTools Security Manager\PTHOSTTR.EXE

/Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch
Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [V0250Mon.exe] C:\Windows\V0250Mon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft
Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio
Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware
Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware
Workstation\hqtray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat
7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe"
--logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common

Files\Adobe\CS4ServiceManager\CS4ServiceManager.ex e" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media
Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Spark] C:\Program Files\Spark\Spark.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME
2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Google Update]
"C:\Users\HP\AppData\Local\Google\Update\GoogleUpd ate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO

**Woltor** · 29-06-2009, 21:05

LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO

LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI

RETE')
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe" (User

'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe" (User

'Default user')
O4 - Startup: Microsoft Office OneNote 2007.lnk = ?
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program
Files\Microsoft Office\Office12

\ONENOTEM.EXE
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Atomic Email Hunter - C:\Program
Files\AtomPark\Atomic Email Hunter\ie.htm
O8 - Extra context menu item: Compila Modulo - file://C:\Program
Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF
esistente - res://C:\Program

Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF
esistente - res://C:\Program

Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program
Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente -
res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 7.0

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente -
res://C:\Program Files\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personalizza - file://C:\Program Files\Siber
Systems\AI

RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Barra strumenti - file://C:\Program
Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Salva Moduli - file://C:\Program Files\Siber
Systems\AI

RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Sottoscrivi con RSS Bandit -

C:\Users\HP\AppData\Roaming\RssBandit\iecontext_su bscribebandit.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} -
C:\Program Files\Google\Google

Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra 'Tools' menuitem: &Impostazioni di Google Gears -
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program

Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra button: Invia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12

\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3

\Office12\ONBttnIE.dll
O9 - Extra button: Compila - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Compila Modulo -
{320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Salva - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Salva Moduli -
{320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} -
C:\Poker\Titan Poker\casino.exe (file

missing)
O9 - Extra 'Tools' menuitem: Titan Poker -
{49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan

Poker\casino.exe (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Barra strumenti -
{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\Office12

\REFIEBAR.DLL
O9 - Extra button: Atomic Email Hunter -
{491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program

Files\AtomPark\Atomic Email Hunter\ie.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Atomic Email Hunter -
{491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program

Files\AtomPark\Atomic Email Hunter\ie.htm (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin
Object) -

http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -
C:\Program Files\Microsoft

Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) -
Adobe Systems Incorporated -

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea
Electronics Corporation - C:\Windows\system32

\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere
Systems - C:\Windows\system32

\agrsmsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. -
C:\Program Files\Hewlett-Packard\HP Quick

Launch Buttons\Com4Qlb.exe
O23 - Service: BBBBBB (FFFFFF) - Unknown owner - C:\Windows\system32\Fuck.exe
O23 - Service: Controllo/blocco dispositivi HP ProtectTools (FLCDLOCK) -
Hewlett-Packard Ltd -

**Woltor** · 29-06-2009, 21:06

C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. -
C:\Program Files\Common Files\Macrovision

Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c918a9b8d1d9f0)
(gupdate1c918a9b8d1d9f0) - Google Inc. -

C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. -
C:\Program Files\Hewlett-

Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nationalqeu Instruments Domain Service (Nationalctr) -
Unknown owner - C:\Windows\system32

\svckeyea.exe
O23 - Service: National Instruments Domain Service (Nationalenb) - Unknown
owner - C:\Windows\system32

\svcihdwa.exe
O23 - Service: Nationalluc Instruments Domain Service (Nationalmum) -
Unknown owner - C:\Windows\system32

\svcecyac.exe
O23 - Service: Nationalyps Instruments Domain Service (Nationaloef) -
Unknown owner - C:\Windows\system32

\svcwmeug.exe
O23 - Service: Nationalosa Instruments Domain Service (Nationalojv) -
Unknown owner - C:\Windows\system32

\svcweacs.exe
O23 - Service: Nationalpom Instruments Domain Service (Nationalplb) -
Unknown owner - C:\Windows\system32

\svcazrgg.exe
O23 - Service: Nationalmem Instruments Domain Service (Nationalqlg) -
Unknown owner - C:\Windows\system32

\svciiiky.exe
O23 - Service: Nationalegm Instruments Domain Service (Nationalshf) -
Unknown owner - C:\Windows\system32

\svcsgeau.exe
O23 - Service: Nationalber Instruments Domain Service (Nationaluqr) -
Unknown owner - C:\Windows\system32

\svcylruw.exe
O23 - Service: Nationalwin Instruments Domain Service (Nationalwin) -
Unknown owner - C:\Windows\system32

\config\systemprofile\AppData\Local\Microsoft\Wind ows\Temporary Internet
Files\Content.IE5\YM0UHW6X\bf[1].exe
O23 - Service: Nationallvp Instruments Domain Service (Nationalwwh) -
Unknown owner - C:\Windows\system32

\svcurpwg.exe
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner -
C:\Windows\system32\SupportAppXL\onda_mon.exe (file

missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program
Files\Roxio\Digital Home 9

\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program
Files\Roxio\Digital Home 9

\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions -
C:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common
Files\Roxio Shared\9.0

\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions -
C:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: takod - Unknown owner - C:\Windows\system32\takod.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. -
C:\Program Files\VMware\VMware

Workstation\vmware-ufad.exe
O23 - Service: ersTest (uyos) - Unknown owner - C:\Windows\iufile.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware,
Inc. - C:\Program Files\VMware\VMware

Workstation\vmware-authd.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware,
Inc. - C:\Program Files\Common

Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: web 2008 (web_2008) - Unknown owner - C:\Program
Files\Remote\calc5.exe
O23 - Service: wedr - Beijing Rising Information Technology Co., Ltd. -
C:\Windows\system32\wedr.exe
O23 - Service: Win32 soft Service (Win32 Service) - Unknown owner -
C:\Windows\system32

\config\systemprofile\AppData\Local\Microsoft\Wind ows\Temporary Internet
Files\Content.IE5\YM0UHW6X\fh[1].exe
O23 - Service: Windows - Unknown owner - C:\Windows\Windows.exe
O23 - Service: Windows Help System (WinHelp32) - Beijing Rising
Information Technology Co., Ltd. -

C:\Windows\system32\WinHelp32.exe
O23 - Service: winsd - Unknown owner - C:\Program Files\Common
Files\Microsoft Shared\MSINFO\winsd.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program
Files\Xobni\XobniService.exe

--
End of file - 18285 bytes

Discussione: Crash Rete Domestica - Virus ?

Strumenti discussione

Ricerca discussione

Visualizza

Crash Rete Domestica - Virus ?

Permessi di invio