ARE THESE VIRUSES OR NOT?


artesina
13-12-2008, 14:11
Hi everyone, after having had problems and having been helped superbly by Chill-out, a saint as well as being very good, I have now run a quick check on my father's PC, which with CSI gives these 2 errors, if they can be called that; but since one is an HP program or file and the other is part of the game Rose Online, I would like to know whether the files in question can be left in place or not.
The laptop, an HP Pavilion zd8000, works without major problems apart from a noticeable slowdown which in my opinion may be caused by Avast; beyond that I couldn't tell you anything else.
If they are not dangerous I would prefer to leave them; otherwise I will run HJT (and, as a second step, ComboFix if there is someone who helps me after I have posted the logs... but I hope there will be no need).
Thanks everyone
Bye

ShoShen
13-12-2008, 14:25
As a precaution you can have the files analysed here :)

http://www.virustotal.com/it/

artesina
13-12-2008, 14:30
The log is partial, but the others are good program or good; this is so that I could manage to upload it here
Prevx Scan Log - Version v3.0.0.199
Log Generated: 13/12/2008 15:15, Type: 0,1
Some non-malicious files are not included in this log.

Last Scan: Sat 2008-12-13 14:54:03 ora solare Europa occidentale. Number of Scans: 2. Last Scan Duration: 2 minutes 20 seconds.
[G<R00000088>] C:\WINDOWS\System32\Drivers\dtscsi.sys [PX5: 09EB6F2198563BB1672703C5BEBDDC00F3DC65FA]
[B] C:\Programmi\Triggersoft\Rose Online\TriggerDetect.exe [PX5: C8D0E3690039C4B2E0EC0F18DC1D4000F264111D] Malware Group: Worm
[B] C:\Programmi\Servizi in linea\Interfree\HP300sp5.exe [PX5: 8B98308C966F7D7BE5CB052E235D1B00C6A8A96A] Malware Group: Malicious Software


The threats for the two problems in CSI cannot be removed with the free version, and they are:
....programmi\triggersoft\roseonline\triggerdetect.exe (worm)

the second
....programmi\serviziinlinea\interfree\hp300sp5.exe (malicious software)
What do you think? Should they be removed or, since they don't cause problems, can they stay there?
Thanks, bye

artesina
13-12-2008, 14:39
As a precaution you can have the files analysed here :)

http://www.virustotal.com/it/

These are the 2 results:
the first
File TriggerDetect.exe received on 2008.10.21 00:58:01 (CET)
Current status: finished

Result: 3/36 (8.33%)
Antivirus Version Last update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - BackDoor.ProRat.257
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
Fortinet - - -
GData - - -
Ikarus - - -
K7AntiVirus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32 - - -
Norman - - -
Panda - - -
PCTools - - -
Prevx1 - - Worm
Rising - - -
SecureWeb-Gateway - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
VBA32 - - BackDoor.ProRat.257
ViRobot - - -
VirusBuster - - -
Additional information
MD5: 311b1de65394473e8e10cbbd2006584c
SHA1: e88b56304dff01977ddc2586a633ab6bb77039b5
SHA256: 2dd1bf564a046989c7968aa1867364d009b57af1ed10babbdddaa4f1a006e2e0
SHA512: 3a723347f97a332b71ae68317bba64c03112f655dfea066d78a875d2de51b3d17405a77b18b44a08ba139b71d21444bd710611730e2c533aaacfe15270eaa59f

the second

HP300sp5.exe received on 2008.10.20 17:27:58 (CET)
Antivirus Version Last update Result
AhnLab-V3 - - -
AntiVir - - DR/386454.A
Authentium - - W32/DialerX.CTN
Avast - - Win32:Dialer-gen
AVG - - -
BitDefender - - Dialer.Interdialer.B
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - W32/DialerX.CTN
Fortinet - - Dial/InterDialer
GData - - Dialer.Interdialer.B
Ikarus - - not-a-virus:Dialer.Win32.InterDialer.a
K7AntiVirus - - not-a-virus:Dialer.Win32.InterDialer.a
Kaspersky - - not-a-virus:Dialer.Win32.InterDialer.a
McAfee - - potentially unwanted program Generic PUP
Microsoft - - -
NOD32 - - -
Norman - - -
Panda - - Dialer.ISB
PCTools - - -
Rising - - Trojan.Dialer.dmm
SecureWeb-Gateway - - Trojan.Dropper.386454.A
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
VBA32 - - Dialer.Win32.InterDialer.a
ViRobot - - -
VirusBuster - - -

Additional information
MD5: afe67fb110c1328fc195a68e811c3773
SHA1: 0e8b61e8978f3ebeb246a5356e5f31cdc4ad85fa
SHA256: 809ad491fdf6c8f1440596503b328975849665d7e007cea657bb94a6af7f99e7
SHA512: d93077675997085ccefd5837932e959e6ccb84e7caa259bc122e8fe95bb5eb0b555c1b36eaddf1b4fea2bf3687be3dca9442aa7003084ec629f5203b78042817



waiting for news
thx

Chill-Out
13-12-2008, 14:56
Hi, first of all you need to start attaching the logs in the following way

HOW TO PUBLISH THE REQUESTED LOGS:

Each individual log, exclusively in txt format apart from SynInspector and in the order indicated in the Guide, must be hosted on Fileqube, click here to reach Fileqube (http://fileqube.com/), posting in the thread, individually for each log, the link that will be issued for the download

*** SECTION RULES - reading is mandatory!! *** (http://www.hwupgrade.it/forum/showthread.php?t=1751598)

After that, to determine the state of the PC you need to follow the Disinfection Guide (http://www.hwupgrade.it/forum/showthread.php?t=1599737), attaching all the logs produced in a single post in the way indicated below; thanks for your cooperation

artesina
13-12-2008, 14:59
As a precaution you can have the files analysed here :)

http://www.virustotal.com/it/

the HJT log file

artesina
13-12-2008, 15:03
Hi, first of all you need to start attaching the logs in the following way

HOW TO PUBLISH THE REQUESTED LOGS:

Each individual log, exclusively in txt format apart from SynInspector and in the order indicated in the Guide, must be hosted on Fileqube, click here to reach Fileqube (http://fileqube.com/), posting in the thread, individually for each log, the link that will be issued for the download

*** SECTION RULES - reading is mandatory!! *** (http://www.hwupgrade.it/forum/showthread.php?t=1751598)

After that, to determine the state of the PC you need to follow the Disinfection Guide (http://www.hwupgrade.it/forum/showthread.php?t=1599737), attaching all the logs produced in a single post in the way indicated below; thanks for your cooperation

I haven't quite understood how to do it with filecube, that is, how to put them all together; as for the rest, if I have understood correctly, if the files are small can I upload them directly here, like the HJT one?
Next time I'll take care of it
P.S.: you are always a legend :) :ave:

ShoShen
13-12-2008, 15:08
@ artesina
follow the disinfection guide, as chill rightly said
as for the two files, I believe they are nothing excessively dangerous (it's always better to do a general check anyway)
:)

artesina
13-12-2008, 15:10
Once I see the files uploaded on filecube, I can't manage to copy the link; why is that?
I'm probably doing something wrong
http://www.fileqube.com/file/oYuFQBYSn159072
Is it right like this?
I hope so
Now both files should be there; if you then advise me to delete something superfluous in this post to lighten the site, I'll do it right away
thx
bye

wjmat
15-12-2008, 00:24
the log in the last post has been uploaded correctly
we need to see all the logs requested by the guide that chill pointed you to