#1
Junior Member
Joined: Mar 2009
Posts: 6

Log analysis
Hi everyone,
when I browse, advertising pages open up. I have tried everything, including various antivirus and anti-whatever tools, etc., but nothing worked, so I am posting my log to see if there is anything strange in it. Maybe this is not the right section, but I at least hope to be taken into consideration :-( Thanks a lot!!
Quote:
Last edited by Chill-Out: 02-03-2009 at 19:05.

#2
Moderator
Joined: Jun 2007
City: 127.0.0.1
Posts: 25885

1 Disable System Restore:
Windows Vista
* Start
* Control Panel
* select System and Maintenance
* select the System icon
* in the left-hand menu click System Protection
* untick the entries for the disks on which System Restore is to be disabled
* Confirm when prompted
Re-enable System Restore only once disinfection is complete

2 Clean up temporary files:
ATF Cleaner
Download - User guide
Compatible with: Windows XP - Vista
Features: does not require installation

3 Run this tool
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-click combofix.exe and follow the instructions
Attach the log C:\combofix.txt
N.B.:
- During the scan some files will be created on the desktop and then deleted
- all desktop icons will disappear
- the firewall may warn that some drivers are going to be removed (allow it)
ComboFix must be run with the machine dedicated to it - disconnected from the network, with the real-time protection of security software temporarily disabled

*** SECTION RULES - reading them is mandatory!! *** --> where you will find how to attach the logs

Summary of logs to attach:
Combofix
New HJT log

Bye
__________________
Try again and you will be luckier.

#3
Junior Member
Joined: Mar 2009
Posts: 6

here is the log
Code:
Malwarebytes' Anti-Malware 1.34
Versione del database: 1783
Windows 6.0.6001 Service Pack 1
21/02/2009 15.45.02
mbam-log-2009-02-21 (15-45-02).txt
Tipo di scansione: Scansione rapida
Elementi scansionati: 59782
Tempo trascorso: 13 minute(s), 50 second(s)
Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 2
Valori di registro infetti: 2
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1
Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)
Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)
Chiavi di registro infette:
HKEY_CLASSES_ROOT\CLSID\{b3102264-d09d-4322-b625-503fbf18dd7e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b3102264-d09d-4322-b625-503fbf18dd7e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> Delete on reboot.
Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)
Cartelle infette:
(Nessun elemento malevolo rilevato)
File infetti:
C:\Users\Sara\AppData\Local\Temp\uRlkkkhI.dll_old (Trojan.Vundo) -> Delete on reboot.
Waiting for news

#4
Moderator
Joined: Jun 2007
City: 127.0.0.1
Posts: 25885

I did not suggest a scan with MBAM but rather http://www.hwupgrade.it/forum/showpo...30&postcount=2

#5
Junior Member
Joined: Mar 2009
Posts: 6

Can we do it?
OK, I think I've got it now
I am posting the Combofix result for you
Code:
ComboFix 09-03-04.01 - Sara 2009-03-05 12.36.37.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1040.18.3038.1776 [GMT 1:00]
Eseguito da: c:\users\Sara\Downloads\ComboFix.exe
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Sara\AppData\Local\skesk.dat
c:\users\Sara\AppData\Local\skesk.exe
c:\users\Sara\AppData\Local\skesk_nav.dat
c:\users\Sara\AppData\Local\skesk_navps.dat
.
((((((((((((((((((((((((( Files Creati Da 2009-02-05 al 2009-03-05 )))))))))))))))))))))))))))))))))))
.
2009-03-02 17:18 . 2009-03-02 17:18 <DIR> d-------- c:\program files\Trend Micro
2009-02-28 14:03 . 2009-03-05 11:39 <DIR> d-------- c:\program files\FunkyEmoticons
2009-02-28 13:42 . 2009-02-28 13:43 <DIR> d-------- c:\program files\SecondLifeReleaseCandidate
2009-02-21 15:58 . 2009-02-21 15:58 <DIR> d-------- C:\VundoFix Backups
2009-02-21 15:29 . 2009-02-21 15:29 <DIR> d-------- c:\users\Sara\AppData\Roaming\Malwarebytes
2009-02-21 15:29 . 2009-02-21 15:29 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-02-21 15:29 . 2009-02-21 15:29 <DIR> d-------- c:\programdata\Malwarebytes
2009-02-21 15:29 . 2009-02-21 15:29 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-21 15:29 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-21 15:29 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-21 11:04 . 2009-02-28 16:36 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-21 11:03 . 2009-03-05 07:29 <DIR> d-------- c:\windows\System32\drivers\Avg
2009-02-21 11:03 . 2009-02-21 11:15 <DIR> d-------- c:\users\All Users\avg8
2009-02-21 11:03 . 2009-02-21 11:15 <DIR> d-------- c:\programdata\avg8
2009-02-21 11:03 . 2009-02-21 11:03 <DIR> d-------- c:\program files\AVG
2009-02-21 11:03 . 2009-02-21 11:03 325,128 --a------ c:\windows\System32\drivers\avgldx86.sys
2009-02-21 11:03 . 2009-02-21 11:03 107,272 --a------ c:\windows\System32\drivers\avgtdix.sys
2009-02-21 11:03 . 2009-02-21 11:03 10,520 --a------ c:\windows\System32\avgrsstx.dll
2009-02-21 10:49 . 2009-02-21 10:49 30,880 --a------ c:\windows\System32\drivers\suvevxcu.sys
2009-02-21 10:37 . 2009-02-21 11:15 <DIR> d-------- c:\program files\Spyware Doctor
2009-02-16 08:57 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-16 08:57 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-16 08:56 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-16 08:56 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-16 08:56 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-16 08:56 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-16 08:56 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-01 12:12 --------- d-----w c:\users\Sara\AppData\Roaming\gtk-2.0
2009-02-23 16:21 --------- d-----w c:\programdata\Roxio
2009-02-22 07:31 --------- d-----w c:\program files\Common Files\Adobe
2009-02-21 14:47 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-21 14:32 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-02-21 10:13 --------- d---a-w c:\programdata\TEMP
2009-02-21 09:35 --------- d-----w c:\programdata\McAfee
2009-02-17 07:15 --------- d-----w c:\program files\Windows Mail
2009-02-16 07:46 --------- d-----w c:\programdata\FLEXnet
2009-02-04 11:43 --------- d-----w c:\users\Sara\AppData\Roaming\Skype
2009-02-04 11:42 --------- d-----w c:\users\Sara\AppData\Roaming\skypePM
2009-02-03 15:16 --------- d-----w c:\programdata\eMule
2009-02-03 15:15 --------- d-----w c:\program files\eMule
2009-01-29 23:45 --------- d-----w c:\users\Sara\AppData\Roaming\DivX
2009-01-29 23:25 --------- d-----w c:\programdata\Sony Corporation
2009-01-26 10:59 --------- d-----w c:\program files\Google
2009-01-17 08:51 --------- d-----w c:\programdata\Lavasoft
2009-01-12 07:57 --------- d-----w c:\users\Sara\AppData\Roaming\SecondLife
2009-01-11 08:33 --------- d-----w c:\program files\Yahoo!
2009-01-09 15:54 --------- d-----w c:\users\Sara\AppData\Roaming\Roxio
2009-01-05 22:33 3,751,995 ----a-w c:\windows\System32\GPhotos.scr
2008-12-27 17:19 48 ---ha-w c:\users\All Users\ezsidmv.dat
2008-12-27 17:19 48 ---ha-w c:\programdata\ezsidmv.dat
2008-12-17 21:06 0 ----a-w c:\users\Sara\AppData\Roaming\wklnhst.dat
2008-12-15 14:42 5,367,728 ----a-w c:\users\Sara\DriverDetective.exe
2008-12-15 09:39 1,030,653 ----a-w c:\users\Sara\Galaxy_Set___By_BLazteR.zip
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-07-30 262144]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-08-26 24576]
"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-06-13 1097728]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-21 1601304]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-18 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-08-06 295606]
Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-22 734872]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-07-01 768552]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-15 17:04 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D162BD80-4082-4DE5-9ECF-1A67BF933956}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0E61A0B1-F210-47CC-990D-DE6E2C17EFFE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8A921C2A-2F53-4AFE-9AB0-0E9686738FAA}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{2D6D8243-ACE0-44D1-B98B-5FDDF147EC54}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{062C89FE-FCEE-4572-BB1A-187415B2D7E0}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{2AE98C58-E40F-4FD8-84D4-E6BADAFA9E0E}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{E93E2C62-E41C-472F-8605-3927834E6099}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{B59F30C2-D5A3-4A81-9E0B-263ACD1EE4B0}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{71FDA740-E158-4121-BB06-B49B4B406C59}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{0BB3B31A-8726-476B-BEA4-7F286ACE6024}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{CAD69975-A16E-43FB-B6EB-4C6E331F3553}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{7EB7B0E4-2214-4A78-930B-47D04D03AE33}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{51AB56A8-E89F-4FF5-BAFA-6AE382985309}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{952852D6-599E-40CF-B99D-86A66F086924}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{749EA409-6D9B-4D4F-9530-DDC084129ADA}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B32DE7E3-EE11-440E-B576-2FF3773E2170}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{A27CB196-08AA-412A-A43C-BC4EDF60CA64}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{DB238F82-3048-4C8F-ACC8-64C022568D98}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{748B5F3D-3A54-4CB4-A71D-A02A899B3001}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{FA80B447-11C1-4149-BDD0-51C538727148}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{D610C38D-DCC0-4F63-987F-1D17F7890182}"= UDP:4662:emule
"{20C7D5FC-C50D-4F7D-9DAB-6F71791D6DFC}"= TCP:4672:eMULE
"{8D863F11-30BC-47E1-9C95-485D468EE9F8}"= TCP:11964:emul2
"{7D98DC95-1928-4F1F-A4BF-F0CE4282F33C}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{19B25B2C-3555-4BBD-A661-7C637FF4A142}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{9034B3A8-9372-445A-896D-3B98761AA79E}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{6B76EDB9-B2A4-4F7B-9E37-F439E9F78415}"= UDP:5353:Adobe CSI CS4
"{1DF15069-200B-45C5-9192-31C52C74B23B}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{319DA4FC-5688-43F6-B937-5724FB6DC748}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"TCP Query User{4EDEE57A-73E7-4D18-9B5E-B18DADCAFEE2}c:\\program files\\secondlifereleasecandidate\\slvoice.exe"= UDP:c:\program files\secondlifereleasecandidate\slvoice.exe:SLVoice
"UDP Query User{0F8AB211-8C23-4778-BDA1-6516CCE51A79}c:\\program files\\secondlifereleasecandidate\\slvoice.exe"= TCP:c:\program files\secondlifereleasecandidate\slvoice.exe:SLVoice
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-02-21 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-02-21 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-21 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-21 298264]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-08-26 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [2007-04-17 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-08-06 104992]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-08-06 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-06-20 415744]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-08-06 29736]
R3 NETw5v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-04-28 3658752]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [2008-08-06 9344]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-08-26 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-08-26 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-08-26 62752]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-08-26 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-08-26 83232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - g:\autorun\Autorun.exe
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
HKCU-Run-skesk - c:\users\sara\appdata\local\skesk.exe
HKCU-Run-AdobeBridge - (no file)
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/webhp?sourceid=navclient&hl=it&ie=UTF-8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {3666F866-5FE4-4B1E-AB3F-97BCD8A80470} = 192.168.0.1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-05 12:40:05
Windows 6.0.6001 Service Pack 1 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2009-03-05 12.42.19
ComboFix-quarantined-files.txt 2009-03-05 11:42:14
Pre-Run: 258.419.970.048 byte disponibili
Post-Run: 258,383,257,600 byte disponibili
202 --- E O F --- 2009-02-24 08:47:28

#6
Moderator
Joined: Jun 2007
City: 127.0.0.1
Posts: 25885

Please attach the logs on the remote servers indicated in the Section Rules, thank you.
http://www.hwupgrade.it/forum/showthread.php?t=1751598

#7
Junior Member
Joined: Mar 2009
Posts: 6

#8
Moderator
Joined: Jun 2007
City: 127.0.0.1
Posts: 25885

Quote:
http://www.hwupgrade.it/forum/showthread.php?t=1599737
Summary of logs to attach:
F-Secure
HiJackThis
PrevxCSI

All times are GMT +1. The time now is 04:50.