vitodc (Mere mortal)

Registered: 05/02/09 19:23  Posts: 3
Posted: 05 Feb 2009 19:53  Subject: how to remove d:RECYCLER\autoplay.exe
Hello everyone,
I'm a new member; I came across this forum through an internet search.
My problem, as stated in the title, is the presence of this virus (RECYCLER\autoplay.exe, detected by AVG version 8), which completely prevents me from accessing my external (USB) HD.
I read the topic "Come e cosa segnalare per i vostri problemi", so I'll move on to describing my machine.
Operating system: Windows XP SP3
Antivirus: AVG 8
Firewall: ZoneAlarm Pro
I ran HijackThis and this is the .log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.51.25, on 05/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmi\Maxtor\Sync\SyncServices.exe
C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\__V__\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\AVG\AVG8\avgscanx.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\Programmi\AVG\AVG8\avgui.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programmi\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [VoipZoom] "C:\Programmi\VoipZoom.com\VoipZoom\VoipZoom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - Startup: taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programmi\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programmi\LogMeIn\x86\LogMeIn.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programmi\Maxtor\Sync\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\programmi\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8307 bytes
I hope I followed the whole procedure correctly.
I await your advice on how to remove it, given my complete inexperience with viruses.
Thanks in advance to everyone who may, or may not, be able to lend a hand!
vitodc (Mere mortal)

Registered: 05/02/09 19:23  Posts: 3
Posted: 05 Feb 2009 20:46  Subject:
Problem solved thanks to COMBOFIX.
If you want I can post the .log.
Bye
bdoriano (Administrator)

Registered: 02/04/07 12:05  Posts: 14391  Location: 3rd planet of the solar system...
Posted: 06 Feb 2009 09:30  Subject:
Hi vitodc and welcome,
Yes, post the ComboFix log, so we can see what it found.
PS: if you like, you can introduce yourself at the Caffé dell'Olimpo.
vitodc (Mere mortal)

Registered: 05/02/09 19:23  Posts: 3
Posted: 06 Feb 2009 17:06  Subject:

Thanks Bdoriano! XD
ComboFix 09-02-04.04 - __V__ 2009-02-05 19.34.58.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1023.321 [GMT 1:00]
Eseguito da: d:\download\ComboFix.exe
AV: AVG Internet Security *On-access scanning enabled* (Updated)
FW: AVG Firewall *enabled*
FW: ZoneAlarm Pro Firewall *enabled*
* Creato nuovo punto di ripristino
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\ysexrddp.dat
c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\ysexrddp.exe
c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\ysexrddp_nav.dat
c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\ysexrddp_navps.dat
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA.cfg
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA0.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA1.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA2.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA3.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA4.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA5.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA6.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA7.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA8.che
c:\documents and settings\__V__\Impostazioni locali\Temporary Internet Files\MUZAoDA9.che
I:\Autorun.inf
L:\Autorun.inf
.
((((((((((((((((((((((((( Files Creati Da 2009-01-05 al 2009-02-05 )))))))))))))))))))))))))))))))))))
.
2009-02-04 19:41 . 2009-02-04 19:43 <DIR> d-------- c:\programmi\eMule AdunanzA
2009-02-03 16:36 . 2007-01-11 20:20 194,304 -ra------ c:\windows\system32\drivers\RTL8187.sys
2009-01-29 17:17 . 2009-01-29 17:17 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-01-29 17:13 . 2009-01-29 17:13 <DIR> d-------- c:\programmi\Messenger Plus! Live
2009-01-29 17:01 . 2009-01-29 17:01 <DIR> d-------- c:\programmi\EyeDefender
2009-01-19 16:03 . 2008-04-13 20:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-01-19 16:03 . 2008-04-13 20:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-01-19 12:44 . 2005-02-25 00:00 46,080 --a------ c:\windows\system32\escimgd.dll
2009-01-19 12:44 . 2005-02-25 00:00 29,696 --a------ c:\windows\system32\escwiad.dll
2009-01-19 12:44 . 2005-02-25 00:00 22,016 --a------ c:\windows\system32\esccmd.dll
2009-01-19 12:34 . 2009-01-19 12:34 13,987 --a------ c:\windows\EPSTPLOG.BAK
2009-01-18 16:24 . 2009-01-19 12:34 <DIR> d-------- C:\EPSON
2009-01-18 16:21 . 2004-11-25 05:07 79,679 --a------ c:\windows\system32\E_FLMACE.DLL
2009-01-18 16:21 . 2003-05-21 02:27 64,000 --a------ c:\windows\system32\E_FBCBACE.DLL
2009-01-18 16:21 . 2004-09-10 20:12 49,152 --a------ c:\windows\system32\E_DCINST.DLL
2009-01-18 16:21 . 2000-06-07 01:01 34,304 --a------ c:\windows\system32\E_FBCHACE.DLL
2009-01-18 16:20 . 2009-01-19 12:44 <DIR> d-------- c:\programmi\EPSON
2009-01-18 15:51 . 2009-01-18 15:51 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Drivers HeadQuarters
2009-01-17 15:28 . 2009-02-05 18:06 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-01-17 15:28 . 2009-01-17 15:28 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-01-17 15:28 . 2009-01-17 15:28 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-01-17 15:28 . 2009-01-17 15:28 12,552 --a------ c:\windows\system32\drivers\avgrkx86.sys
2009-01-17 15:28 . 2009-01-17 15:28 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-17 15:27 . 2009-01-17 15:27 <DIR> d-------- c:\programmi\AVG
2009-01-17 15:27 . 2009-01-17 15:27 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-01-17 15:27 . 2009-01-17 15:27 50,968 --a------ c:\windows\system32\avgfwdx.dll
2009-01-17 15:27 . 2009-01-17 15:27 29,208 --a------ c:\windows\system32\drivers\avgfwdx.sys
2009-01-17 13:58 . 2009-02-04 20:22 <DIR> d--h----- C:\$AVG8.VAULT$
2009-01-17 02:34 . 2009-01-17 02:35 <DIR> d-------- c:\programmi\Virtual Audio Cable
2009-01-17 02:34 . 2009-01-17 02:34 50,944 --a------ c:\windows\system32\drivers\vrtaucbl.sys
2009-01-15 17:38 . 2009-01-16 00:27 <DIR> d-------- c:\documents and settings\__V__\Dati applicazioni\VoipZoom
2009-01-15 17:29 . 2009-01-15 17:29 <DIR> d-------- c:\programmi\VoipZoom.com
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-05 16:39 --------- d-----w c:\documents and settings\__V__\Dati applicazioni\uTorrent
2009-02-05 16:39 --------- d-----w c:\documents and settings\__V__\Dati applicazioni\Skype
2009-02-05 15:07 --------- d-----w c:\documents and settings\__V__\Dati applicazioni\skypePM
2009-02-05 14:55 --------- d-----w c:\programmi\AdunanzA
2009-02-04 23:05 --------- d-----w c:\programmi\LogMeIn
2009-01-31 02:35 517,632 ----a-w c:\windows\Internet Logs\xDB1E.tmp
2009-01-31 02:35 4,848,128 ----a-w c:\windows\Internet Logs\xDB1F.tmp
2009-01-28 03:22 106,496 ----a-w c:\windows\Internet Logs\xDB1D.tmp
2009-01-27 22:33 360,448 ----a-w c:\windows\Internet Logs\xDB1C.tmp
2009-01-27 02:10 --------- d-----w c:\documents and settings\__V__\Dati applicazioni\Apple Computer
2009-01-24 22:40 94,208 ----a-w c:\windows\Internet Logs\xDB1A.tmp
2009-01-24 22:40 4,782,080 ----a-w c:\windows\Internet Logs\xDB1B.tmp
2009-01-24 02:05 4,780,032 ----a-w c:\windows\Internet Logs\xDB19.tmp
2009-01-24 02:05 268,288 ----a-w c:\windows\Internet Logs\xDB18.tmp
2009-01-21 00:34 88,064 ----a-w c:\windows\Internet Logs\xDB17.tmp
2009-01-20 01:25 472,576 ----a-w c:\windows\Internet Logs\xDB16.tmp
2009-01-19 11:12 --------- d-----w c:\programmi\File comuni\Nero
2009-01-18 14:53 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-01-17 18:57 --------- d-----w c:\programmi\NOS
2009-01-17 18:57 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\NOS
2009-01-17 18:54 4,687,360 ----a-w c:\windows\Internet Logs\xDB15.tmp
2009-01-17 18:54 311,808 ----a-w c:\windows\Internet Logs\xDB14.tmp
2009-01-17 14:58 --------- d-----w c:\programmi\File comuni\Adobe
2009-01-17 12:41 --------- d-----w c:\programmi\Google
2009-01-17 12:41 --------- d-----w c:\programmi\ESET
2009-01-17 03:44 1,473,024 ----a-w c:\windows\Internet Logs\xDB13.tmp
2009-01-16 09:26 7,815,810 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-01-14 23:59 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2008-12-13 04:02 109,568 ----a-w c:\windows\Internet Logs\xDB12.tmp
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 03:41 4,559,872 ----a-w c:\windows\Internet Logs\xDB11.tmp
2008-12-11 03:41 1,473,024 ----a-w c:\windows\Internet Logs\xDB10.tmp
2008-12-10 14:21 --------- d-----w c:\programmi\Skype
2008-12-10 14:21 --------- d-----w c:\programmi\File comuni\Skype
2008-11-22 19:22 174,592 ----a-w c:\windows\Internet Logs\xDBF.tmp
2008-11-21 09:59 4,467,200 ----a-w c:\windows\Internet Logs\xDBE.tmp
2008-11-21 09:59 3,843,584 ----a-w c:\windows\Internet Logs\xDBD.tmp
2008-11-13 21:05 87,352 ----a-w c:\windows\system32\LMIinit.dll
2008-11-13 21:05 83,288 ----a-w c:\windows\system32\LMIRfsClientNP.dll
2008-11-13 21:05 28,984 ----a-w c:\windows\system32\LMIport.dll
2008-11-13 21:05 23,736 ----a-w c:\windows\system32\lmimirr.dll
2008-11-13 21:05 10,040 ----a-w c:\windows\system32\lmimirr2.dll
2008-03-15 11:11 5,940 ----a-w c:\programmi\downloads.txt
2008-03-14 20:42 5,940 ----a-w c:\programmi\downloads.bak
2008-01-29 16:46 53,910 ----a-w c:\programmi\unins000.dat
2008-01-29 16:45 685,593 ----a-w c:\programmi\unins000.exe
2007-06-13 21:00 4,902,912 ----a-w c:\programmi\eMule_AdnzA.exe
2007-06-13 14:53 5,299 ----a-w c:\programmi\AdunanzA_Changelog.txt
2006-07-17 13:28 4,874,240 ----a-w c:\programmi\eMule_AdnzA.old
2006-07-03 13:21 911,872 ----a-w c:\programmi\AdUpdater.exe
2006-01-26 15:36 253,218 ----a-w c:\programmi\changelog.txt
2006-01-17 20:46 13,043 ----a-w c:\programmi\readme.txt
2005-06-16 16:34 14,894 ----a-w c:\programmi\Template.eMuleSkin.ini
2003-04-17 09:56 22,763 ----a-w c:\programmi\license-IT.txt
2002-10-08 16:10 14,971 ----a-w c:\programmi\license.txt
2008-02-28 12:30 8,784 ----a-w c:\programmi\mozilla firefox\plugins\ractrlkeyhook.dll
2008-02-28 12:33 245,408 ----a-w c:\programmi\mozilla firefox\plugins\unicows.dll
2008-09-30 15:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008093020081001\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\programmi\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"VoipZoom"="c:\programmi\VoipZoom.com\VoipZoom\VoipZoom.exe" [2008-11-03 8979456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 919016]
"LogMeIn GUI"="c:\programmi\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 63048]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-17 1601304]
c:\documents and settings\__V__\Menu Avvio\Programmi\Esecuzione automatica\
taskmgr.lnk - c:\windows\system32\taskmgr.exe [2004-08-19 139264]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-01-09 12:30 72208 c:\programmi\File comuni\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-17 15:28 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-11-13 22:05 87352 c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\AdunanzA\\eMule_AdnzA.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programmi\\VoipZoom.com\\VoipZoom\\VoipZoom.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgam.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-01-17 12552]
R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2008-03-17 85333]
R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [2008-03-17 9600]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-17 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-17 107272]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-17 298264]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [2009-01-17 1339600]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-05-06 47640]
R3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\drivers\3xHybrid.sys [2008-03-18 799744]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-01-17 29208]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-01-17 50944]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\programmi\LogMeIn\x86\rainfo.sys [2007-08-03 12856]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-06-23 16512]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-01-17 29208]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-09-10 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-09-10 8320]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2009-02-03 194304]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - RECYCLER\autoplay.exe
\Shell\explore\Command - RECYCLER\autoplay.exe -explore
\Shell\open\Command - RECYCLER\autoplay.exe -open
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b230d1d0-ff51-11dc-94ec-00265414d97f}]
\Shell\Auto\command - H:\UFO.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL UFO.exe
.
Contenuto della cartella 'Scheduled Tasks'
2009-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1364589140-682003330-1003.job
- c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-01-27 18:59]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\__V__\Dati applicazioni\Mozilla\Firefox\Profiles\3tavdwdo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - component: c:\documents and settings\__V__\Dati applicazioni\Mozilla\Firefox\Profiles\3tavdwdo.default\extensions\bkmrksync@nokia.com\components\BkMrkExt.dll
FF - component: c:\documents and settings\__V__\Dati applicazioni\Mozilla\Firefox\Profiles\3tavdwdo.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\programmi\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\programmi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\__V__\Dati applicazioni\Mozilla\Firefox\Profiles\3tavdwdo.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\__V__\Impostazioni locali\Dati applicazioni\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npRACtrl.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 19:39:34
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-1757981266-1364589140-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{81951DB6-3F36-F745-E813-3466CD5A0F6D}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"hafcdagipgfkcmal"=hex:61,61,00,7e
"hafcdagicokdhlgl"=hex:61,61,00,7e
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,ac,56,ef,9d,db,
58,64,67,e2,63,26,f1,3f,c8,ff,68,e1,38,89,7c,7e,45,6f,9c,e2,63,26,f1,3f,c8,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,cb,e3,63,66,8f,
c1,c6,d5,6a,9c,d6,61,af,45,84,18,13,62,db,ac,e9,28,93,c8,6a,9c,d6,61,af,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,6a,42,99,d6,9f,
0c,25,8d,ff,7c,85,e0,43,d4,0e,fe,87,96,bc,d0,2f,45,0f,54,ff,7c,85,e0,43,d4,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,b4,46,52,78,08,
30,b9,8c,86,8c,21,01,be,91,eb,e7,4a,38,58,fa,44,ed,06,26,86,8c,21,01,be,91,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,6d,6f,d2,4e,8f,
40,29,2c,f5,1d,4d,73,a8,13,5c,05,80,db,87,92,0d,3f,50,c5,f5,1d,4d,73,a8,13,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,bb,78,55,8d,32,
91,cc,11,df,20,58,62,78,6b,cf,c8,94,c0,c3,4b,67,6c,69,ff,df,20,58,62,78,6b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,44,e3,89,5f,77,
af,49,af,fb,a7,78,e6,12,2f,9a,ea,85,f1,dd,e6,b4,5a,da,7e,fb,a7,78,e6,12,2f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:aa,52,c6,00,84,3c,26,64,63,0d,33,cb,29,
59,e2,58,01,3a,48,fc,e8,04,4a,f1,7b,27,ba,f5,6c,8a,ac,97,01,3a,48,fc,e8,04,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,d5,ab,15,7f,1e,
81,c5,2f,f6,0f,4e,58,98,5b,89,c9,9a,5f,f6,f7,bf,63,25,7b,f6,0f,4e,58,98,5b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,20,ec,68,16,fb,
7a,6f,5d,3d,ce,ea,26,2d,45,aa,78,61,7b,6d,f4,61,e1,e5,84,3d,ce,ea,26,2d,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,dd,1e,13,7d,c8,
a7,29,f2,2a,b7,cc,b5,b9,7f,41,e7,e3,04,d5,84,28,0a,5d,4d,2a,b7,cc,b5,b9,7f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,b1,fe,e7,ac,cc,
af,83,92,6c,43,2d,1e,aa,22,2f,9c,07,ee,ad,a8,9f,ff,81,3a,6c,43,2d,1e,aa,22,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1152)
c:\programmi\file comuni\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\LMIinit.dll
c:\programmi\file comuni\logishrd\bluetooth\LBTServ.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Ora fine scansione: 2009-02-05 19.41.22
ComboFix-quarantined-files.txt 2009-02-05 18:41:10
Pre-Run: 67.019.833.344 byte disponibili
Post-Run: 70,017,400,832 byte disponibili
324 --- E O F --- 2009-01-14 23:59:27
I hope I posted it the right way :S
Thanks Bdoriano! XD
bdoriano (Administrator)

Registered: 02/04/07 12:05  Posts: 14391  Location: 3rd planet of the solar system...
Posted: 06 Feb 2009 19:47  Subject:
ComboFix removed the NaviPromo virus for you.
Open Notepad and create a text file with the following instructions:
Code:
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b230d1d0-ff51-11dc-94ec-00265414d97f}]

Save the file on the desktop with the name CFScript.txt and drag it onto the ComboFix icon, as shown below:
Wait patiently for it to finish without touching the keyboard, mouse or anything else.
Post the updated ComboFix log.
You have some infected USB device (flash drive or external HD); we need to disable its automatic start on insertion in order to check them.
To do this the easy way, download the TweakUI program from this page and install it.
Once installed, run it and follow these steps:
Quote:
Expand the My Computer section
Expand the Autoplay subsection
Go to Types
Untick Enable Autoplay for removable drives
Click Apply
Close TweakUI
PS: By Expand I mean: click the [+] symbol next to the items I've indicated
From this moment on, all USB devices will stop starting automatically.
Run this scan with Kaspersky (on your USB flash drives too).
Insert your flash drives and check them with your antivirus.
When you're sure everything is fine, you can re-enable autorun by following the same path I showed you.
PS: from personal experience, I can tell you that AVG is rather weak at checking USB devices...
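The following is an added example and not part of this thread, of ComboFix or of HijackThis. It automates the reasoning behind the CFScript above: it parses the mountpoints2 block of a ComboFix log (the sample is a constructed copy of the two keys reported in the log posted earlier), flags every drive key whose Shell verbs (AutoRun, open, explore, Auto) launch an executable that lives on the device rather than on the system drive, and prints the `Registry::` removal stanza in the format a CFScript uses. The sample log, the assumption that Windows is on C:, and the whitespace-token path heuristic are this example's own.

```python
# Added example (not from this thread, ComboFix or HijackThis): parse the
# MountPoints2 block of a ComboFix log, flag drive keys whose Shell verbs hand
# control to an executable stored on the device itself, and emit the CFScript
# "Registry::" stanza that asks ComboFix to delete those keys.
import re

# Constructed sample: a copy of the two MountPoints2 keys reported in the
# ComboFix log posted above, followed by the first line of the next section.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - RECYCLER\autoplay.exe
\Shell\explore\Command - RECYCLER\autoplay.exe -explore
\Shell\open\Command - RECYCLER\autoplay.exe -open
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b230d1d0-ff51-11dc-94ec-00265414d97f}]
\Shell\Auto\command - H:\UFO.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL UFO.exe
.
Contenuto della cartella 'Scheduled Tasks'
"""

# Assumption: Windows lives on C:, so an .exe anywhere else, or given as a
# relative path (which resolves against the mounted drive), is suspect.
SYSTEM_DRIVE = "C:"

MOUNTPOINTS_KEY = re.compile(r"^\[(HKEY_[^\]]*\\mountpoints2\\[^\]]+)\]$", re.IGNORECASE)
SHELL_COMMAND = re.compile(r"^\\Shell\\\S+\\command\s+-\s+(.+)$", re.IGNORECASE)
EXE_TOKEN = re.compile(r"\S+\.exe\b", re.IGNORECASE)
DRIVE_PREFIX = re.compile(r"^([A-Za-z]:)\\")


def parse_mountpoints(log_text):
    """Map each MountPoints2 key in the log to the list of its Shell commands."""
    entries = {}
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = MOUNTPOINTS_KEY.match(line)
        if key:
            current = key.group(1)
            entries[current] = []
            continue
        if current is None:
            continue
        cmd = SHELL_COMMAND.match(line)
        if cmd:
            entries[current].append(cmd.group(1).strip())
        elif line.startswith("[") or line == ".":
            current = None  # a different registry key, or the end of the block
    return entries


def launches_from_device(command):
    """True if any .exe named in the command is not an absolute path on the system drive.

    Tokens are split on whitespace, so an executable whose path contains a space
    is not recognised (a limitation of this example, not of ComboFix).
    """
    for token in EXE_TOKEN.findall(command):
        drive = DRIVE_PREFIX.match(token)
        if drive is None or drive.group(1).upper() != SYSTEM_DRIVE:
            return True
    return False


def suspicious_keys(log_text):
    """Keys whose AutoRun/open/explore verbs would run code from the device."""
    return [key for key, commands in parse_mountpoints(log_text).items()
            if any(launches_from_device(c) for c in commands)]


def build_cfscript(keys):
    """CFScript stanza: 'Registry::' then one '[-KEY]' line per key to delete."""
    return "\n".join(["Registry::"] + ["[-%s]" % key for key in keys]) + "\n"


if __name__ == "__main__":
    flagged = suspicious_keys(SAMPLE_LOG)
    for key in flagged:
        print("flagged:", key)
    # Save this output as CFScript.txt on the desktop and drag it onto ComboFix,
    # exactly as the reply above describes.
    print(build_cfscript(flagged), end="")
```

Run on the sample it flags both keys, the `I` drive whose verbs all point at the relative path RECYCLER\autoplay.exe and the GUID key whose verbs run H:\UFO.exe directly or through RunDLL32/ShellExec_RunDLL, and prints the same two `[-...]` lines the reply asks the user to put in CFScript.txt. The rule it applies is the one worth remembering when reading these logs: a legitimate MountPoints2 entry for a removable drive has no reason to hand the open/explore verbs to a program stored on that drive.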