  #1  
Old 07-17-2007, 04:34 PM
turbo911

hijackthis


Friends, are you really sure, and I'm referring to Safiro, who is a professor in this field, that HijackThis detects all rootkits? I say this because I made a log with it and it said I was fine. See my log, which I'm posting. Then I analyzed it with F-Secure BlackLight and Sophos and they tell me the same thing. I wasn't satisfied and did the same with GMER.exe, which tells me: Hidden Module (no name) F761F000. You know that this program only analyzes them, without deleting them. These rootkits are so annoying that just when you feel safe (and I had earlier run a scan with the same GMER.exe, and it had told me I was fine), they come out like worms.


  #2  
Old 07-17-2007, 04:36 PM
turbo911

I forgot to send my log
Code:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Winamp\winampa.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
C:\Programmi\Lexmark 5200 series\lxbtbmgr.exe
C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\Mixer.exe
C:\Programmi\Lexmark 5200 series\lxbtbmon.exe
C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Messenger\MSMSGS.EXE
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\maria\Desktop\HiJackThis_v2(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Programmi\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Programmi\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Programmi\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.google.it/
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{C906D099-9A62-42F8-94DD-7E54FC039FE4}: NameServer = 208.67.222.222 208.67.220.220
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbtcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe

-- End of file - 6135 bytes
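
A small triage pass over the log format posted above, as an added example that is not part of turbo911's post and is not HijackThis code. It splits a log into running processes and R/O sections and lists entries worth a manual look; the `review_items` heuristics and the shortened sample are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of lines from the log posted above.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\maria\Desktop\HiJackThis_v2(2).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O17 - HKLM\System\CCS\Services\Tcpip\..\{C906D099-9A62-42F8-94DD-7E54FC039FE4}: NameServer = 208.67.222.222 208.67.220.220
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programmi\Windows Live\installer\WLSetupSvc.exe
-- End of file - 6135 bytes"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")   # e.g. "O4 - HKLM\..\Run: ..."
DRIVE_PATH = re.compile(r"^[a-z]:\\", re.I)      # command starts with a full path

def parse(log):
    """Return (running_processes, {section_code: [entry_text, ...]})."""
    procs, sections, in_procs = [], defaultdict(list), False
    for line in (raw.strip() for raw in log.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False
            sections[m.group(1)].append(m.group(2))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line and not line.startswith("--"):
            procs.append(line)
    return procs, dict(sections)

def review_items(sections):
    """Entries worth a manual look (heuristics assumed for this example)."""
    out = []
    for e in sections.get("O23", []):
        if "Unknown owner" in e:
            out.append(("O23", "service owner not identified", e))
    for e in sections.get("O17", []):
        if "NameServer" in e:
            out.append(("O17", "statically configured DNS servers", e))
    for e in sections.get("O4", []):
        cmd = e.split("] ", 1)[-1].strip('"')
        if not DRIVE_PATH.match(cmd) and not cmd.lower().startswith("rundll32"):
            out.append(("O4", "autostart command without a full path", e))
    return out

if __name__ == "__main__":
    procs, sections = parse(SAMPLE_LOG)
    print(len(procs), "processes;", {k: len(v) for k, v in sections.items()})
    for code, why, entry in review_items(sections):
        print(f"[{code}] {why}: {entry}")
```

A flagged entry is a prompt to check the file on disk, not a verdict. Every section in the posted log is a process, browser setting, autostart, DNS or service entry; none of them lists loaded modules, which is the kind of item GMER reported.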


  #3  
Old 07-17-2007, 04:40 PM
petrescu (Moderator)

Everything looks OK
  #4  
Old 07-17-2007, 04:59 PM
turbo911

I shut down the computer, started it up, ran the scan again with GMER.exe, and it didn't find any rootkit. It's strange! I think these rootkits are quite malicious and very cunning, that they hide very well, and that they appear just when you are sure you don't have them.


All times are GMT +2.