Pagina 1 di 2 1 2 ultimoultimo
Visualizzazione dei risultati da 1 a 10 su 12

Discussione: Trojan

  1. #1
    Utente di HTML.it
    Registrato dal
    Nov 2009
    Messaggi
    4

    Trojan

    Buonasera a tutti sono stato evidentemente infettato da un maledetto trojan in azienda, il quale, simultaneamente appare su alcuni PC e su altri no. Ma cominciamo da questo il quale è l' unico ad avere W2k+sp4.
    L' antivirus è McAfee Ver.5.0.0 Patch 003
    Compaiono i seguenti due messaggi:

    "File eliminato - jrinckqx.iku
    Artemis! D0E0C049ED70
    C:\Winnt\System32\jrinckqx.iku"

    "File eliminato - at1.job
    W32/Conflicker.worm!job
    C:\Winnt\Tasks\At1.job"

    Premesso che ho seguito le istruzioni indicate nel seguente link
    http://forum.html.it/forum/showthre...threadid=811189

    Ho inoltre il problema che, tra l' altro non riesco ad aggiornare W2k tramite Windows Update.
    Dice che è impossibile visualizzare la pagina richiesta a causa di un errore, dopo aver premuto il pulsante di ricerca aggiornamenti necessari.

    allego il log di hijack
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18.23.52, on 25/11/2009
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\system32\CRYPSERV.EXE
    C:\Programmi\McAfee\Managed VirusScan\VScan\EngineServer.exe
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    C:\Programmi\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe
    C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
    C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    C:\WINNT\system32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe
    C:\WINNT\Explorer.EXE
    C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe
    C:\WINNT\system32\MSTask.exe
    C:\Programmi\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
    C:\Programmi\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlagent.EXE
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Programmi\File comuni\Siemens\sws\almsrv\almsrvx.exe
    C:\Programmi\File comuni\Siemens\S7ubtoox\s7ubtstx.exe
    C:\Programmi\McAfee\Managed VirusScan\DesktopUI\XTray.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Programmi\WinZip\WZQKPICK.EXE
    C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINNT\System32\svchost.exe
    C:\Programmi\File comuni\Siemens\Sqlany\dbsrv7.exe
    C:\WINNT\system32\svchost.exe
    C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [S7UB Start] "C:\Programmi\File comuni\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [gcasServ] "C:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [MVS Splash] "C:\Programmi\McAfee\Managed VirusScan\DesktopUI\XTray.exe"
    O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Programmi\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
    O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\system32\shdocvw.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI05E6~1\OFFICE11\REFIEBAR.DLL
    O14 - IERESET.INF: START_PAGE_URL=http://companyweb
    O15 - Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vs.mcafeeasap.com/MC/ITA/VS40...0505013257.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1259049548007
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1258974827961
    O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://www.exor-rd.com/uniop-service/designer/setup.exe
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ITCO.local
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FD99FF08-4FC5-423E-B656-06D0EE185860}: NameServer = 192.168.0.1,213.140.2.43,213.140.2.49
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ITCO.local
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ITCO.local
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O23 - Service: 1784-PCIDS DeviceNet - Rockwell Automation - C:\Programmi\Rockwell Software\RSLogix Emulate 5000\PcidsService.exe
    O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Programmi\File comuni\Siemens\sws\almsrv\almsrvx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINNT\SYSTEM32\CRYPSERV.EXE
    O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: dnWhoDisp - Unknown owner - C:\Programmi\Rockwell Software\RSLINX\dnwhodisp.exe
    O23 - Service: EngineServer - McAfee, Inc. - C:\Programmi\McAfee\Managed VirusScan\VScan\EngineServer.exe
    O23 - Service: Google Update Service (gupdate1c9ae37e455b3b7) (gupdate1c9ae37e455b3b7) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
    O23 - Service: Harmony - Rockwell Software Inc. - C:\PROGRA~1\ROCKWE~1\RSCOMMON\rsobserv.exe
    O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    O23 - Service: Servizio di protezione antivirus e antispyware di McAfee (myAgtSvc) - McAfee, Inc. - C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
    O23 - Service: OpcEnum - OPC Foundation - C:\WINNT\system32\OpcEnum.exe
    O23 - Service: FactoryTalk Diagnostics Local Reader (RNADiagnosticsService) - Rockwell Software - C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe
    O23 - Service: RSLinx - Rockwell Software, Inc. - C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE
    O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe
    O23 - Service: 1789-SIM Simulator Module (SimModuleService) - Unknown owner - C:\Programmi\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
    O23 - Service: Virit eXplorer Lite (viritsvclite) - Unknown owner - C:\VEXPLITE\viritsvc.exe

    --
    End of file - 8751 bytes

  2. #2
    Dov'e' l'immagine thanks for the info???????

  3. #3
    Originariamente inviato da uovo rimbalzino
    Dov'e' l'immagine thanks for the info???????

    trovata:


  4. #4
    opterei per forum sbagliato.....
    "ci vorrebbero anche più persone come quaestio (a reb verrà un brivido)" wallrider, 22/10/2012

    "Se hai una vita di merda facebook non può essere molto meglio...". kalosjo, 16/10/2012

  5. #5
    Va in sicurezzainformatica e Vairus

  6. #6

    Sospettiamo che hai un viruzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

  7. #7
    Utente di HTML.it L'avatar di Linkato
    Registrato dal
    Dec 2002
    Messaggi
    487
    Originariamente inviato da galz
    Va in sicurezzainformatica e Vairus
    [Berlusconi Mode On] Qui si parla di altri generi di Trojan [Berlusconi Mode Off]
    Primo Ministro Conte: "Sarà un anno bellissimo!"

  8. #8
    Utente bannato
    Registrato dal
    Jun 2007
    Messaggi
    260

    Re: Trojan

    Originariamente inviato da czdan
    Buonasera a tutti sono stato evidentemente infettato da un maledetto trojan in azienda, il quale, simultaneamente appare su alcuni PC e su altri no. Ma cominciamo da questo il quale è l' unico ad avere W2k+sp4.
    L' antivirus è McAfee Ver.5.0.0 Patch 003
    Compaiono i seguenti due messaggi:

    "File eliminato - jrinckqx.iku
    Artemis! D0E0C049ED70
    C:\Winnt\System32\jrinckqx.iku"

    "File eliminato - at1.job
    W32/Conflicker.worm!job
    C:\Winnt\Tasks\At1.job"

    Premesso che ho seguito le istruzioni indicate nel seguente link
    http://forum.html.it/forum/showthre...threadid=811189

    Ho inoltre il problema che, tra l' altro non riesco ad aggiornare W2k tramite Windows Update.
    Dice che è impossibile visualizzare la pagina richiesta a causa di un errore, dopo aver premuto il pulsante di ricerca aggiornamenti necessari.

    allego il log di hijack
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18.23.52, on 25/11/2009
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\system32\CRYPSERV.EXE
    C:\Programmi\McAfee\Managed VirusScan\VScan\EngineServer.exe
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    C:\Programmi\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe
    C:\Programmi\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
    C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    C:\WINNT\system32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe
    C:\WINNT\Explorer.EXE
    C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe
    C:\WINNT\system32\MSTask.exe
    C:\Programmi\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
    C:\Programmi\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlagent.EXE
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Programmi\File comuni\Siemens\sws\almsrv\almsrvx.exe
    C:\Programmi\File comuni\Siemens\S7ubtoox\s7ubtstx.exe
    C:\Programmi\McAfee\Managed VirusScan\DesktopUI\XTray.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Programmi\WinZip\WZQKPICK.EXE
    C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Programmi\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINNT\System32\svchost.exe
    C:\Programmi\File comuni\Siemens\Sqlany\dbsrv7.exe
    C:\WINNT\system32\svchost.exe
    C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [S7UB Start] "C:\Programmi\File comuni\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [gcasServ] "C:\Programmi\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [MVS Splash] "C:\Programmi\McAfee\Managed VirusScan\DesktopUI\XTray.exe"
    O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Programmi\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
    O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINNT\system32\shdocvw.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI05E6~1\OFFICE11\REFIEBAR.DLL
    O14 - IERESET.INF: START_PAGE_URL=http://companyweb
    O15 - Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
    O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
    O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
    O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vs.mcafeeasap.com/MC/ITA/VS40...0505013257.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1259049548007
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1258974827961
    O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://www.exor-rd.com/uniop-service/designer/setup.exe
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ITCO.local
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FD99FF08-4FC5-423E-B656-06D0EE185860}: NameServer = 192.168.0.1,213.140.2.43,213.140.2.49
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ITCO.local
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ITCO.local
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O23 - Service: 1784-PCIDS DeviceNet - Rockwell Automation - C:\Programmi\Rockwell Software\RSLogix Emulate 5000\PcidsService.exe
    O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Programmi\File comuni\Siemens\sws\almsrv\almsrvx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINNT\SYSTEM32\CRYPSERV.EXE
    O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: dnWhoDisp - Unknown owner - C:\Programmi\Rockwell Software\RSLINX\dnwhodisp.exe
    O23 - Service: EngineServer - McAfee, Inc. - C:\Programmi\McAfee\Managed VirusScan\VScan\EngineServer.exe
    O23 - Service: Google Update Service (gupdate1c9ae37e455b3b7) (gupdate1c9ae37e455b3b7) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
    O23 - Service: Harmony - Rockwell Software Inc. - C:\PROGRA~1\ROCKWE~1\RSCOMMON\rsobserv.exe
    O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
    O23 - Service: Servizio di protezione antivirus e antispyware di McAfee (myAgtSvc) - McAfee, Inc. - C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
    O23 - Service: OpcEnum - OPC Foundation - C:\WINNT\system32\OpcEnum.exe
    O23 - Service: FactoryTalk Diagnostics Local Reader (RNADiagnosticsService) - Rockwell Software - C:\Programmi\File comuni\Rockwell\RNADiagnosticsSrv.exe
    O23 - Service: RSLinx - Rockwell Software, Inc. - C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE
    O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Programmi\File comuni\Siemens\S7IEPG\s7oiehsx.exe
    O23 - Service: 1789-SIM Simulator Module (SimModuleService) - Unknown owner - C:\Programmi\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
    O23 - Service: Virit eXplorer Lite (viritsvclite) - Unknown owner - C:\VEXPLITE\viritsvc.exe

    --
    End of file - 8751 bytes

    eh si vecchi ricordi di quando usavo anche il winzoz, non ti invidio!

  9. #9
    Utente di HTML.it L'avatar di arrows
    Registrato dal
    Jun 2002
    Messaggi
    1,143
    Dai log penso che il tuo computer comincerà a bruciare entro breve, spegnilo o ancora meglio buttalo in un fosso pieno d'acqua
    Ti spio dalla finestra

  10. #10
    Utente bannato
    Registrato dal
    Jun 2007
    Messaggi
    260
    Originariamente inviato da arrows
    Dai log penso che il tuo computer comincerà a bruciare entro breve, spegnilo o ancora meglio buttalo in un fosso pieno d'acqua
    oppure installare un so poco incline ai virus magari unix based

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  
Powered by vBulletin® Version 4.2.1
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.