|
|||||||
|
|
|
 |
|
|
Strumenti |
10-05-2011, 18:20
|
#1 |
|
Junior Member
Iscritto dal: Dec 2010
Messaggi: 17
|
TR/vundo.gen2
Ciao a tutti, l'altro giorno da una scansione effettuata con Avira è saltato fuori lui
Avira Log http://www.mediafire.com/?j42bw4tvflq4348 Comunque riavvio e avira non riesce ad eliminarlo. Problemi di connessione e lentezza del sistema mi fanno impazzire e trovo la guida di HWupgrade.... 1 disattivo la protezione del sistema 2 cambio i dns 3 eseguo ATF Cleaner 4 Malwarebytes log http://www.mediafire.com/?nfpva31db9gb27m 5 ComboFix log http://www.mediafire.com/?5rzlg9vaqhy9uvs 6 Kasp log http://www.mediafire.com/?ku0lgj2ms78cxgp 7 Prevx log http://www.mediafire.com/?96rrwoquvz6c295 8 HJ log http://www.mediafire.com/?2vixat8gex2muw3 Il computer se riavvio e eseguo la scansione con avira mi ritrova il file. Mi potete aiutare. Grazie in anticipo |
|
|
10-05-2011, 19:16
|
#2 | |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Quote:
http://www.hwupgrade.it/forum/showthread.php?t=1933875 comunque controlla su VT http://www.virustotal.com/ il seguente file C:\Windows\SysWOW64\RegCtrlr.dll per i risultati basta copiare ed incolare nel prossimo post l'URL rilasciata a fine scansione.
__________________
Try again and you will be luckier.
|
|
|
|
|
10-05-2011, 19:47
|
#3 |
|
Junior Member
Iscritto dal: Dec 2010
Messaggi: 17
|
Antivirus
Version Last Update Result AhnLab-V3 2011.05.11.00 2011.05.10 - AntiVir 7.11.7.214 2011.05.10 - Antiy-AVL 2.0.3.7 2011.05.10 - Avast 4.8.1351.0 2011.05.10 - Avast5 5.0.677.0 2011.05.10 - AVG 10.0.0.1190 2011.05.10 - BitDefender 7.2 2011.05.10 - CAT-QuickHeal 11.00 2011.05.10 - ClamAV 0.97.0.0 2011.05.10 - Commtouch 5.3.2.6 2011.05.10 - Comodo 8652 2011.05.10 - DrWeb 5.0.2.03300 2011.05.10 - Emsisoft 5.1.0.5 2011.05.10 - eSafe 7.0.17.0 2011.05.09 - eTrust-Vet 36.1.8318 2011.05.10 - F-Prot 4.6.2.117 2011.05.10 - F-Secure 9.0.16440.0 2011.05.10 - Fortinet 4.2.257.0 2011.05.10 - GData 22 2011.05.10 - Ikarus T3.1.1.103.0 2011.05.10 - Jiangmin 13.0.900 2011.05.09 - K7AntiVirus 9.103.4614 2011.05.10 - Kaspersky 9.0.0.837 2011.05.10 - McAfee 5.400.0.1158 2011.05.10 - McAfee-GW-Edition 2010.1D 2011.05.10 - Microsoft 1.6802 2011.05.10 - NOD32 6110 2011.05.10 - Norman 6.07.07 2011.05.10 - nProtect 2011-05-10.01 2011.05.10 - Panda 10.0.3.5 2011.05.10 - PCTools 7.0.3.5 2011.05.10 - Prevx 3.0 2011.05.10 - Rising 23.57.01.05 2011.05.10 - Sophos 4.65.0 2011.05.10 - SUPERAntiSpyware 4.40.0.1006 2011.05.10 - Symantec 20101.3.2.89 2011.05.10 - TheHacker 6.7.0.1.191 2011.05.09 - TrendMicro 9.200.0.1012 2011.05.10 - TrendMicro-HouseCall 9.200.0.1012 2011.05.10 - VBA32 3.12.16.0 2011.05.09 - VIPRE 9244 2011.05.10 - ViRobot 2011.5.9.4451 2011.05.10 - VirusBuster 13.6.346.0 2011.05.10 - Additional information Show all MD5 : 9249a6c6949cb68a3cd1c4889372f65d SHA1 : 2d5255c98868392ec903c62ddfcf52dd8b5cc1c4 SHA256: 87f1633175383d1fa234542b6f0d4dff34f4535d4c62d9144042855d5cf737ff ssdeep: 768:d57rR/PTsXHR5jKUece//YEa7TY2TD1zihtixI3HfuWrlX:d5p3Qh5mrR/YEmHTD1cixWpl X File size : 41472 bytes First seen: 2009-07-19 23:35:23 Last seen : 2011-05-10 17:41:49 TrID: DirectShow filter (52.6%) Windows OCX File (32.2%) Win32 Executable MS Visual C++ (generic) (9.8%) Win32 Executable Generic (2.2%) Win32 Dynamic Link Library (generic) (1.9%) sigcheck: publisher....: Microsoft Corporation copyright....: (c) Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: RegCtrl original name: RegCtrl.dll internal name: RegCtrl file version.: 6.1.7600.16385 (win7_rtm.090713-1255) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x7475 timedatestamp....: 0x4A5BC633 (Mon Jul 13 23:41:39 2009) machinetype......: 0x14c (I386) [[ 4 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x80EC, 0x8200, 6.29, 0257003495c3736b525b8abbd135a794 .data, 0xA000, 0x504, 0x200, 1.29, 125e7e96e260947e51e940e440b911fd .rsrc, 0xB000, 0x1078, 0x1200, 4.05, 433ea3fc18b115b6bee5093a7a053d75 .reloc, 0xD000, 0x7EC, 0x800, 5.49, a8e6e868df2f9e77fddf117f2d640914 [[ 8 import(s) ]] msvcrt.dll: _onexit, _lock, __dllonexit, _unlock, _errno, realloc, _except_handler4_common, __1type_info@@UAE@XZ, _terminate@@YAXXZ, _amsg_exit, _initterm, _XcptFilter, ___V@YAXPAX@Z, malloc, free, __3@YAXPAX@Z, memcpy_s, _CxxThrowException, wcscpy_s, __2@YAPAXI@Z, _purecall, memset, ___U@YAPAXI@Z, __CxxFrameHandler3, wcscat_s, wcsncpy_s USER32.dll: UnregisterClassA, CharNextW KERNEL32.dll: InterlockedExchange, GetVersionExA, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, MultiByteToWideChar, GetThreadLocale, SetThreadLocale, OutputDebugStringA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, InterlockedCompareExchange, lstrlenW, RaiseException, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, GetLastError, LoadLibraryW, GetProcAddress, GetModuleHandleW, lstrcmpiW, GetModuleFileNameW, DisableThreadLibraryCalls, InterlockedIncrement, InterlockedDecrement, FreeLibrary, Sleep ADVAPI32.dll: RegDeleteValueW, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, RegCloseKey ole32.dll: CLSIDFromProgID, CoCreateInstance, CoTaskMemFree, CoTaskMemRealloc, CoTaskMemAlloc, StringFromGUID2 OLEAUT32.dll: -, -, -, -, -, -, -, -, -, - POWRPROF.dll: PowerDeterminePlatformRole SHLWAPI.dll: UrlGetPartW, SHRegCloseUSKey, SHRegWriteUSValueW, SHRegCreateUSKeyW, SHRegGetValueW [[ 4 export(s) ]] DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer ExifTool: file metadata CharacterSet: Unicode CodeSize: 33280 CompanyName: Microsoft Corporation EntryPoint: 0x7475 FileDescription: RegCtrl FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 40 kB FileSubtype: 0 FileType: Win32 DLL FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileVersionNumber: 6.1.7600.16385 ImageVersion: 6.1 InitializedDataSize: 8192 InternalName: RegCtrl LanguageCode: English (U.S.) LegalCopyright: Microsoft Corporation. All rights reserved. LinkerVersion: 9.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 6.1 ObjectFileType: Dynamic link library OriginalFilename: RegCtrl.dll PEType: PE32 ProductName: Microsoft Windows Operating System ProductVersion: 6.1.7600.16385 ProductVersionNumber: 6.1.7600.16385 Subsystem: Windows GUI SubsystemVersion: 6.1 TimeStamp: 2009:07:14 01:41:39+02:00 UninitializedDataSize: 0 Symantec reputation:Suspicious.Insight |
|
|
|
10-05-2011, 19:48
|
#4 |
|
Junior Member
Iscritto dal: Dec 2010
Messaggi: 17
|
scusa se non riesco a mettere il link ma non lo trovo
abbi pazienza |
|
|
|
11-05-2011, 09:01
|
#5 | |
|
Moderatore
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
|
Quote:
__________________
Try again and you will be luckier.
|
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 14:47.
