Go Back   Forum > Tecno-Cool > Sicurezza

LOGIN / ENTRA

Register FAQ Live Now! Rules Live TV Arcade Search Today's Posts Mark Forums Read



Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us adding to your whitelist www.coolstreaming.us . Read Guide


Reply
 
Thread Tools Search this Thread Display Modes Translate
  #1  
Old 04-13-2007, 03:04 PM
zlata9ic zlata9ic is offline
Senior Member
 
zlata9ic's Avatar
 

Join Date: Nov 2005
Location: in cantina, principalmente
Posts: 868
zlata9ic is on a distinguished road
Default Aiuto log Hijackthis

Posto il log di un amico che a dirgli appestato Ŕ fargli un complimento. Dopo vari sbattimenti,scansioni, pulizie,eiminazioni sono arrivato a questo:
Code:
C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe C:\Programmi\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\ehome\ehtray.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\WINDOWS\BUtilityBar\BisonBar.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128 .5462\GoogleToolbarNotifier.exe C:\Programmi\File comuni\LightScribe\LSSrvc.exe C:\Programmi\Messenger\msmsgs.exe C:\Acer\Empowering Technology\eLock\LockServ.exe C:\WINDOWS\eHome\ehmsas.exe C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Alice ti aiuta\bin\mpbtn.exe C:\WINDOWS\system32\svchost.exe C:\DOCUME~1\GOGO\IMPOST~1\Temp\RtkBtMnt.exe C:\WINDOWS\system32\dllhost.exe C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe C:\Programmi\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Programmi\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Programmi\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe D:\utilitÓ per ripigliarsi\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ntiMUI] C:\Programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALICET~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128 .5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Acer Empowering Technology.lnk = ? O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Programmi\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Ci sono alcune voci che non mi rassicurano.
grazie a chi mi indicherÓ la strada...


ToolBar Coolstreaming Reply With Quote
  #2  
Old 04-13-2007, 03:32 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,478
sefirothmorpheus is on a distinguished road
Default

per adesso usa questo:
http://vil.nai.com/vil/stinger/

poi riposta il log
__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non Ŕ gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarÓ!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


ToolBar Coolstreaming Reply With Quote
  #3  
Old 04-13-2007, 03:52 PM
zlata9ic zlata9ic is offline
Senior Member
 
zlata9ic's Avatar
 

Join Date: Nov 2005
Location: in cantina, principalmente
Posts: 868
zlata9ic is on a distinguished road
Default

Quote:
Originally Posted by sefirothmorpheus
per adesso usa questo:
http://vil.nai.com/vil/stinger/

poi riposta il log

grazie nostralogh ,
passeranno dei giorni prima che lo possa fare perchŔ l'appestato Ŕ partito per un breve viaggio.
Riprender˛ la discussione pi¨ in lÓ


ToolBar Coolstreaming Reply With Quote
  #4  
Old 04-14-2007, 03:36 PM
turbo911 turbo911 is offline
Senior Member
 

Join Date: Jun 2006
Posts: 219
turbo911 is on a distinguished road
Default hijajackthis

Amico sefiro posto il mio long dopo fatto lo scan Rootkit Detective mi dice
Code:
found hidden Processes and files: 13,mi sai dire che significa. Object-Type: Registry-key Object-Name: DataAfee(R) Rootkit Detective 1.0 Beta scan report Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data Status: Hidden Object-Type: Registry-key Object-Name: a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 System Provider\*Local Machine*\Data Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Status: Hidden Object-Type: Registry-key Object-Name: 00000000-0000-0000-0000-000000000000 System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Status: Hidden Object-Type: Registry-key Object-Name: {6340E680-FF06-435f-8767-B79D88AEBD4D}ystem Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000\{6340E680-FF06-435f-8767-B79D88AEBD4D} Status: Hidden Object-Type: Registry-value Object-Name: Item Data Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000\{6340E680-FF06-435f-8767-B79D88AEBD4D} Status: Hidden Object-Type: Registry-value Object-Name: Display String Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Status: Hidden Object-Type: Registry-value Object-Name: Display String Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Status: Hidden Object-Type: Registry-key Object-Name: Data 2RE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2 Status: Hidden Object-Type: Registry-key Object-Name: WindowsE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2\Windows Status: Hidden Object-Type: Registry-value Object-Name: Value Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2\Windows Status: Hidden Object-Type: File/Folder Object-Name: System Idle Process Pid: n/a Object-Path: System Idle Process Status: Visible Object-Type: File/Folder Object-Name: update.ver Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\update.ver Status: Hidden Object-Type: Process Object-Name: winampa.exe Pid: 1796 Object-Path: C:\Programmi\Winamp\winampa.exe Status: Visible Object-Type: Process Object-Name: System Pid: 4 Object-Path: Status: Visible Object-Type: Process Object-Name: avgnt.exe Pid: 1544 Object-Path: C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe Status: Visible Object-Type: Process Object-Name: winlogon.exe Pid: 524 Object-Path: C:\WINDOWS\system32\winlogon.exe Status: Visible Object-Type: Process Object-Name: svchost.exe Pid: 784 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: Process Object-Name: svchost.exe Pid: 1296 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: File/Folder Object-Name: wmfdist11.cat Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\wmfdist11.cat Status: Hidden Object-Type: Process Object-Name: msmsgs.exe Pid: 1816 Object-Path: C:\Programmi\Messenger\msmsgs.exe Status: Visible Object-Type: File/Folder Object-Name: update.inf Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\update.inf Status: Hidden Object-Type: File/Folder Object-Name: wudf01000.cat Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\wudf01000.c at Status: Hidden Object-Type: File/Folder Object-Name: updspapi.dll Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\updspapi.dl l Status: Hidden Object-Type: Process Object-Name: svchost.exe Pid: 820 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: Process Object-Name: CnxDslTb.exe Pid: 1332 Object-Path: C:\Programmi\Trust\Trust MD3100 USB ADSL MODEM\CnxDslTb.exe Status: Visible Object-Type: File/Folder Object-Name: updspapi.dll Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\updspapi.dll Status: Hidden Object-Type: File/Folder Object-Name: catalog.wci Pid: n/a Object-Path: C:\System Volume Information\catalog.wci Status: Hidden Object-Type: Process Object-Name: services.exe Pid: 568 Object-Path: C:\WINDOWS\system32\services.exe Status: Visible Object-Type: Process Object-Name: spoolsv.exe Pid: 1084 Object-Path: C:\WINDOWS\system32\spoolsv.exe Status: Visible Object-Type: Process Object-Name: lsass.exe Pid: 580 Object-Path: C:\WINDOWS\system32\lsass.exe Status: Visible Object-Type: Process Object-Name: alg.exe Pid: 1860 Object-Path: C:\WINDOWS\system32\alg.exe Status: Visible Object-Type: Process Object-Name: lxbtbmgr.exe Pid: 1348 Object-Path: C:\Programmi\Lexmark 5200 series\lxbtbmgr.exe Status: Visible Object-Type: Process Object-Name: lxbtbmon.exe Pid: 1608 Object-Path: C:\Programmi\Lexmark 5200 series\lxbtbmon.exe Status: Visible Object-Type: File/Folder Object-Name: update.ver Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\update.ver Status: Hidden Object-Type: Process Object-Name: svchost.exe Pid: 868 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: Process Object-Name: mixer.exe Pid: 1636 Object-Path: C:\WINDOWS\mixer.exe Status: Visible Object-Type: Process Object-Name: sched.exe Pid: 1132 Object-Path: C:\Programmi\AntiVir PersonalEdition Classic\sched.exe Status: Visible Object-Type: File/Folder Object-Name: wudfcustom.dll Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\wudfcustom. dll Status: Hidden Object-Type: File/Folder Object-Name: update.inf Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\update.inf Status: Hidden Object-Type: Process Object-Name: avguard.exe Pid: 1152 Object-Path: C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe Status: Visible Object-Type: Process Object-Name: ctfmon.exe Pid: 1664 Object-Path: C:\WINDOWS\system32\ctfmon.exe Status: Visible Object-Type: File/Folder Object-Name: update.exe Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\update.exe Status: Hidden Object-Type: Process Object-Name: jusched.exe Pid: 1416 Object-Path: C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe Status: Visible Object-Type: Process Object-Name: IObit SmartDefr Pid: 1676 Object-Path: C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe Status: Visible Object-Type: Process Object-Name: explorer.exe Pid: 432 Object-Path: C:\WINDOWS\explorer.exe Status: Visible Object-Type: Process Object-Name: Rootkit_Detecti Pid: 3512 Object-Path: C:\Documents and Settings\maria\Desktop\Rootkit_Detective.exe Status: Visible Object-Type: Process Object-Name: realsched.exe Pid: 1464 Object-Path: C:\Programmi\File comuni\Real\Update_OB\realsched.exe Status: Visible Object-Type: Process Object-Name: smss.exe Pid: 444 Object-Path: C:\WINDOWS\system32\smss.exe Status: Visible Object-Type: Process Object-Name: GoogleToolbarNo Pid: 1724 Object-Path: C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128 .5462\GoogleToolbarNotifier.exe Status: Visible Object-Type: Process Object-Name: wuauclt.exe Pid: 2492 Object-Path: C:\WINDOWS\system32\wuauclt.exe Status: Visible Object-Type: Process Object-Name: nvsvc32.exe Pid: 1232 Object-Path: C:\WINDOWS\system32\nvsvc32.exe Status: Visible Object-Type: Process Object-Name: iPodService.exe Pid: 2000 Object-Path: C:\Programmi\iPod\bin\iPodService.exe Status: Visible Object-Type: Process Object-Name: svchost.exe Pid: 980 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: Process Object-Name: svchost.exe Pid: 728 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible Object-Type: File/Folder Object-Name: update.exe Pid: n/a Object-Path: C:\e56d0bee28a89ff999f82722fec0\update\update.exe Status: Hidden Object-Type: Process Object-Name: iTunesHelper.ex Pid: 1764 Object-Path: C:\Programmi\iTunes\iTunesHelper.exe Status: Visible Object-Type: File/Folder Object-Name: wmfdist11.cdf Pid: n/a Object-Path: C:\29576d53869c628d9f15\update\wmfdist11.cdf Status: Hidden Object-Type: Process Object-Name: csrss.exe Pid: 500 Object-Path: C:\WINDOWS\system32\csrss.exe Status: Visible Scan complete. Found hidden Processes and Files: 13 . Total files scanned: 51936


ToolBar Coolstreaming Reply With Quote
  #5  
Old 04-14-2007, 04:03 PM
sefirothmorpheus sefirothmorpheus is offline
Moderatore brazingles :)
 

Join Date: Mar 2006
Location: Cidade Maravilhosa
Posts: 7,478
sefirothmorpheus is on a distinguished road
Default

ma che software hai usato?
__________________
CoolStreaming: a cool way to smash (the) sky!
Per i nuovi arrivati: leggete il REGOLAMENTO e la sezione NUOVI ARRIVATI
Problemi con i vari softwares? Consultate la sezione GUIDE
Ricordate che in questo mondo non Ŕ gradito lo ZAPPING e se i MOD/ADM agiscono, un MOTIVO ci sarÓ!

Iscrivetevi: Formula COOL-ONE 2008 e CoolMoto 2008!
!omrehcs otseuq orteid otaloppartni onoS !otuiA

I can only show you the door. You're the one that has to walk through it...
Sefiroth-Morpheus


ToolBar Coolstreaming Reply With Quote
  #6  
Old 04-14-2007, 04:14 PM
turbo911 turbo911 is offline
Senior Member
 

Join Date: Jun 2006
Posts: 219
turbo911 is on a distinguished road
Default hijajackthis

Sefiro ho usato MacAfee RootKit Detective Beta per fare lo scanner.


ToolBar Coolstreaming Reply With Quote
Reply







Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT +2. The time now is 03:23 PM.



Powered by: vBulletin Version 3.0.7
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0 ©2007, Crawlability, Inc.