#1 |
|
Senior Member
Joined: Oct 2008
Posts: 311
|
PayPal password theft
Good evening,
a few days ago more than 700 euros were taken from my PayPal account through 4 unauthorized transactions. It looks like everything will be refunded, but I would like to understand how it happened and whether I still have an infected device. A Malwarebytes scan on one PC removed about thirty items; can anyone read the MB log and tell me whether any of them could have stolen my PayPal and Facebook passwords? I'm afraid I still have something lurking (AVG detects nothing). Thanks.
<?xml version="1.0" encoding="UTF-16" ?> <mbam-log> <header> <date>2016/04/19 19:49:38 +0200</date> <logfile>mbam-log-2016-04-19 (19-49-33).xml</logfile> <isadmin>yes</isadmin> </header> <engine> <version>2.2.1.1043</version> <malware-database>v2016.04.19.05</malware-database> <rootkit-database>v2016.04.17.01</rootkit-database> <license>free</license> <file-protection>disabled</file-protection> <web-protection>disabled</web-protection> <self-protection>disabled</self-protection> </engine> <system> <hostname>BLSAS-PC</hostname> <ip>192.168.0.12</ip> <osversion>Windows 10</osversion> <arch>x64</arch> <username>BL SAS</username> <filesys>NTFS</filesys> </system> <summary> <type>threat</type> <result>completed</result> <objects>472228</objects> <time>374</time> <processes>0</processes> <modules>0</modules> <keys>11</keys> <values>4</values> <datas>0</datas> <folders>4</folders> <files>11</files> <sectors>0</sectors> </summary> <options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>disabled</rootkits> <deeprootkit>disabled</deeprootkit> <heuristics>enabled</heuristics> <pup>enabled</pup> <pum>enabled</pum> </options> <items> <key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{82D3DE1D-59AF-4C9F-9F6D-415E2DAA8A32}</path><vendor>PUP.Optional.Binkiland</vendor><action>delete-on-reboot</action><hash>6e437a36267394a2a66d089b13f1fe02</hash></key> 
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Binkiland taro</path><vendor>PUP.Optional.Binkiland</vendor><action>delete-on-reboot</action><hash>f5bca10fc0d9a096bfc856c108fc20e0</hash></key> <key><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><hash>28892a866237af870535ea9fc63e6898</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork</path><vendor>PUP.Optional.APNToolBar.Gen</vendor><action>success</action><hash>d4ddd7d98d0c96a0ead4ec5529da59a7</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}</path><vendor>PUP.Optional.SuperOptimizer</vendor><action>success</action><hash>624f1799cecba096c2574703df25c63a</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}</path><vendor>PUP.Optional.SuperOptimizer</vendor><action>success</action><hash>cee30ea21d7cd1658e8c6ae0a95bde22</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{31064272}</path><vendor>PUP.Optional.MultiPlug</vendor><action>success</action><hash>e5cca0105f3a34022b6b092f52b233cd</hash></key> <key><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><hash>bcf5b0009900a096be7c1b6e15ef14ec</hash></key> <key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}</path><vendor>PUP.Optional.SuperOptimizer</vendor><action>success</action><hash>b4fd139d58410f27e233ba90d72de51b</hash></key> <key><path>HKU\S-1-5-21-1780730209-94543091-3333029319-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}</path><vendor>PUP.Optional.SuperOptimizer</vendor><action>success</action><hash>03aeefc1891052e49f76e06a7c8834cc</hash></key> 
<key><path>HKU\S-1-5-21-1780730209-94543091-3333029319-1000\SOFTWARE\PRODUCTSETUP</path><vendor>PUP.Optional.ProductSetup</vendor><action>success</action><hash>882959570b8e60d6280c90afb74da858</hash></key> <value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{82D3DE1D-59AF-4C9F-9F6D-415E2DAA8A32}</path><valuename>Path</valuename><vendor>PUP.Optional.Binkiland</vendor><action>delete-on-reboot</action><valuedata>\Binkiland taro</valuedata><hash>6e437a36267394a2a66d089b13f1fe02</hash></value> <value><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>28892a866237af870535ea9fc63e6898</hash></value> <value><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>bcf5b0009900a096be7c1b6e15ef14ec</hash></value> <value><path>HKU\S-1-5-21-1780730209-94543091-3333029319-1000\SOFTWARE\PRODUCTSETUP</path><valuename>tb</valuename><vendor>PUP.Optional.ProductSetup</vendor><action>success</action><valuedata>0Q2P2X1C1N1K0J2X2X1G1M1F2V</valuedata><hash>882959570b8e60d6280c90afb74da858</hash></value> <folder><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></folder> <folder><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></folder> <folder><path>C:\Users\BL SAS\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z</path><vendor>PUP.Optional.BundleInstaller</vendor><action>success</action><hash>674a8a268b0e1e18586c21ec16ed2bd5</hash></folder> <folder><path>C:\Users\BL 
SAS\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z\Google Chrome Packages</path><vendor>PUP.Optional.BundleInstaller</vendor><action>success</action><hash>674a8a268b0e1e18586c21ec16ed2bd5</hash></folder> <file><path>C:\Windows\System32\roboot64.exe</path><vendor>PUP.Optional.SysTweak</vendor><action>success</action><hash>169b624e2a6fae88dc1ebb6d16ecaf51</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\fiber.js</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\aowLC</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\dExtent</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\extent</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\hdat1</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\hdat2</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\ProgramData\{D7073FC4-8785-EE42-3603-9EC0E6814D4E}\1.9.3.1\sqlite3.dll</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action><hash>1d94fbb5cecb56e09cfac973778cdb25</hash></file> <file><path>C:\Users\BG Srl\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\http_www.istartsurf.com_0.localstorage</path><vendor>PUP.Optional.IStartSurf.ShrtCln</vendor><action>success</action><hash>09a8337dc1d837ff9368a068867e20e0</hash></file> <file><path>C:\Users\BG Srl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal</path><vendor>PUP.Optional.IStartSurf.ShrtCln</vendor><action>success</action><hash>e8c98a26f8a1bc7a64971eea6f95ca36</hash></file> <file><path>C:\Users\BL SAS\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z\Google Chrome Packages\uninstaller.exe</path><vendor>PUP.Optional.BundleInstaller</vendor><action>success</action><hash>674a8a268b0e1e18586c21ec16ed2bd5</hash></file> </items> </mbam-log> |
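Added example, not part of the original thread: one way to triage a log in the format posted above by detection family, removal status and scan coverage. The element names come from the posted log; the sample entries, the `Trojan.Constructed.Sample` item and the `LOW_RISK_PREFIXES` rule are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the layout of the posted mbam-log. The first three items
# reuse vendor names from that log; the last one is invented to exercise the
# "review" path and does not appear in the posted log.
SAMPLE = r"""<mbam-log>
<engine><file-protection>disabled</file-protection><web-protection>disabled</web-protection></engine>
<options><rootkits>disabled</rootkits><pup>enabled</pup><pum>enabled</pum></options>
<items>
<key><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Optional.DisableChromeUpdates</vendor><action>success</action></key>
<key><path>HKLM\SOFTWARE\EXAMPLE\TASKCACHE\TREE\Binkiland taro</path><vendor>PUP.Optional.Binkiland</vendor><action>delete-on-reboot</action></key>
<file><path>C:\ProgramData\example\fiber.js</path><vendor>PUP.Optional.Fiber.AppFlsh</vendor><action>success</action></file>
<file><path>C:\Users\example\AppData\Roaming\sample.exe</path><vendor>Trojan.Constructed.Sample</vendor><action>success</action></file>
</items></mbam-log>"""

# Assumption of this example: PUP.* (potentially unwanted program) and PUM.*
# (potentially unwanted modification) are adware-class findings; any other
# detection family is listed for manual review.
LOW_RISK_PREFIXES = ("PUP.", "PUM.")

def triage(xml_text):
    root = ET.fromstring(xml_text)
    families, review, pending = Counter(), [], []
    for item in root.iterfind("items/*"):
        vendor = item.findtext("vendor", default="")
        path = item.findtext("path", default="")
        families[vendor] += 1
        if not vendor.startswith(LOW_RISK_PREFIXES):
            review.append((item.tag, vendor, path))
        # Anything not yet "success" (e.g. delete-on-reboot) is still present
        # on the system until the scheduled removal has run.
        if item.findtext("action") != "success":
            pending.append((vendor, path))
    # Scan options and protection modules that were off: the absence of a
    # finding in those areas says nothing about whether the area is clean.
    gaps = sorted(el.tag for sec in ("engine", "options")
                  for el in root.iterfind(f"{sec}/*") if el.text == "disabled")
    return {"families": families, "review": review,
            "pending": pending, "coverage_gaps": gaps}

if __name__ == "__main__":
    report = triage(SAMPLE)
    for name, count in report["families"].most_common():
        print(f"{count:3d}  {name}")
    print("review:", report["review"])
    print("pending removal:", report["pending"])
    print("not covered by this scan:", report["coverage_gaps"])
```

In the log posted above, every vendor name begins with `PUP.Optional` or `PUM.Optional`, the Binkiland entries are marked `delete-on-reboot`, and `rootkits` and `deeprootkit` are listed as disabled.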
|
|
|
|
#2 |
|
Senior Member
Joined: Nov 2013
City: Milano
Posts: 5136
|
|
|
|
|
|
#3 |
|
Senior Member
Joined: Oct 2008
Posts: 311
|
You're probably right.
Bye, thanks. |
|
|
|
|
#4 |
|
Member
Joined: Jan 2008
Posts: 111
|
I'd also advise you to install a better antivirus program
__________________
AeroCool Vx-E Pro Nero + Corsair GS700 700W ATX 14cm + Fatal1ty Z170 Gaming K4 + Intel Core i5 6600K + Xigmatek Gaia + RAM G.SKILL Trident Z DDR4-3200 16GB Dual-Channel + SSD M.2 Samsung sm951 nvme 256gb + HD 3,5" 1TB SATAIII WD 10EALX 7200rpm 32MB + Monitor LED 21.5" Lg E2260V-PN |
|
|
|
|
#5 |
|
Senior Member
Joined: Sep 2004
City: napoli
Posts: 5731
|
I'd advise you to link your phone number to the PayPal account, with login via an SMS received on your mobile.
__________________
I've happily concluded deals with..sochmell, LordHam,Hämmër, lukaspop,guitarforever,Maurizio81,ciccio76,kecci,tonaz,Max Med,Mike.t,Vyper,bronzodiriace,Alex r1,tommy453 |
|
|
|
|
#6 |
|
Senior Member
Joined: Feb 2011
Posts: 477
|
|
|
|
|
|
#7 |
|
Senior Member
Joined: Sep 2004
City: napoli
Posts: 5731
|
going from memory, you have to go into your profile and then you should see something about security.
__________________
I've happily concluded deals with..sochmell, LordHam,Hämmër, lukaspop,guitarforever,Maurizio81,ciccio76,kecci,tonaz,Max Med,Mike.t,Vyper,bronzodiriace,Alex r1,tommy453 |
|
|
|
|
#8 |
|
Member
Joined: Feb 2005
City: Asolo(TV)
Posts: 73
|
change it
As antivirus programs go, it's on the poor side
|
|
|
|