Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi demodemo » 17/11/08 06:26

SALVE, mi da dei problemi quando scarico file eseguibili mi dice errore
Allegati

[L’estensione zip è stata disattivata e non puó essere visualizzata.]

Avatar utente
demodemo
Utente Junior
 
Post: 83
Iscritto il: 26/03/08 17:15
Località: lecce e bari

Sponsor
 

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi demodemo » 17/11/08 06:32

aggiungo rapporto scanzione malwarebites:
Malwarebytes' Anti-Malware 1.30
Versione del database: 1403
Windows 5.1.2600 Service Pack 3

17/11/2008 6.28.31
mbam-log-2008-11-17 (06-28-31).txt

Tipo di scansione: Scansione rapida
Elementi scansionati: 52520
Tempo trascorso: 7 minute(s), 10 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 3
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 1
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CLASSES_ROOT\AppID\{b0e43034-50f5-1f84-8098-824b44f2dbc3} (Adware.AdMedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
C:\Documents and Settings\All Users\Dati applicazioni\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

File infetti:
C:\Documents and Settings\All Users\Dati applicazioni\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
Avatar utente
demodemo
Utente Junior
 
Post: 83
Iscritto il: 26/03/08 17:15
Località: lecce e bari

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi Luke57 » 17/11/08 08:57

Ciao, puoi allegare il file di combofix in formato testo? osì è illeggibile, il file è C:\combofix.txt.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi demodemo » 17/11/08 12:15

ComboFix 08-11-16.05 - demy 2008-11-17 12.05.46.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.847 [GMT 1:00]
Eseguito da: c:\documents and settings\demy\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2008-10-17 al 2008-11-17 )))))))))))))))))))))))))))))))))))
.

2008-11-17 06:12 . 2008-11-17 06:12 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-11-17 06:12 . 2008-11-17 06:12 <DIR> d-------- c:\documents and settings\demy\Dati applicazioni\Malwarebytes
2008-11-17 06:12 . 2008-11-17 06:12 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-11-17 06:12 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-17 06:12 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-13 04:31 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 04:31 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-26 14:56 . 2008-10-15 17:36 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-22 18:12 . 2008-10-22 18:12 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\TVU Networks
2008-10-22 18:11 . 2008-10-22 18:11 <DIR> d-------- c:\documents and settings\demy\LocalLow
2008-10-20 18:22 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-10-20 18:20 . 2008-08-14 14:22 2,192,896 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-20 18:20 . 2008-08-14 14:22 2,148,864 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-20 18:20 . 2008-08-14 14:22 2,069,760 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-20 18:20 . 2008-08-14 14:22 2,027,520 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-20 18:20 . 2008-09-15 16:24 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-16 05:30 --------- d-----w c:\programmi\eMule
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-20 17:35 --------- d-----w c:\programmi\Microsoft Silverlight
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-11 09:58 --------- d-----w c:\programmi\File comuni\Real
2008-10-11 09:57 --------- d-----w c:\programmi\Yahoo!
2008-09-30 18:56 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:24 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 07:57 826,368 ----a-w c:\windows\system32\wininet.dll
2007-09-08 16:08 25,600 ----a-w c:\documents and settings\demy\usbsermptxp.sys
2007-09-08 16:08 22,768 ----a-w c:\documents and settings\demy\usbsermpt.sys
2007-09-01 17:17 65,896 ----a-w c:\documents and settings\demy\Dati applicazioni\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot_2008-11-17_ 6.05.40,79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-17 10:43:33 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_678.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0A94B116-4504-4e26-AB05-E61E474AA38B}"= "c:\programmi\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL" [2007-11-25 61440]

[HKEY_CLASSES_ROOT\clsid\{0a94b116-4504-4e26-ab05-e61e474aa38b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ccleaner"="c:\programmi\CCleaner\CCleaner.exe" [2008-07-29 1213680]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 1510640]
"PhotoShow Deluxe Media Manager"="c:\progra~1\Ahead\NEROPH~2\data\xtras\mssysmgr.exe" [2005-02-26 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2008-03-28 413696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"SoundMan"="SOUNDMAN.EXE" [2005-01-20 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2007-12-30 212992]
BlueSoleil.lnk - c:\programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe [2006-09-05 1011712]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 c:\programmi\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Documents and Settings\\demy\\Desktop\\eMule0.49b\\eMule0.49b\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)
"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-14 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-04-14 20560]
S4 WebGpu;WebGpu;"\\?\c:\programmi\Windows NT\prn.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbdc1b78-160d-11dd-939c-0012c8001ac8}]
\Shell\AutoRun\command - f:\wd_windows_tools\setup.exe
.
Contenuto della cartella 'Scheduled Tasks'

2008-04-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2008-11-16 c:\windows\Tasks\User_Feed_Synchronization-{2E11ADCE-7854-4366-9328-A6439F485716}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 11:58]
.
.
------- Supplementare di scansione -------
.
FireFox -: Profile - c:\documents and settings\demy\Dati applicazioni\Mozilla\Firefox\Profiles\sqoes6ji.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.it
FF -: plugin - c:\programmi\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - c:\programmi\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\programmi\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 12:08:53
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


**************************************************************************
.
Ora fine scansione: 2008-11-17 12.13.11
ComboFix-quarantined-files.txt 2008-11-17 11:12:07
ComboFix2.txt 2008-11-17 05:07:19
ComboFix3.txt 2008-03-26 18:38:42
ComboFix4.txt 2008-03-26 17:36:06

Pre-Run: 21.208.543.232 byte disponibili
Post-Run: 21,196,046,336 byte disponibili

139 --- E O F --- 2008-11-13 03:36:46
Avatar utente
demodemo
Utente Junior
 
Post: 83
Iscritto il: 26/03/08 17:15
Località: lecce e bari

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi demodemo » 17/11/08 12:17

ciao, luke vedi ke l' ho avviato dinuovo combofix perchè il precedente log non me lo accettava xkè troppo lungo, attendo risposta
Avatar utente
demodemo
Utente Junior
 
Post: 83
Iscritto il: 26/03/08 17:15
Località: lecce e bari

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi Luke57 » 18/11/08 12:01

Ciao, mi pare OK
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Re: CHI MI GUARDA LOG DI CONBOFIX? GRAZIE

Postdi demodemo » 18/11/08 15:39

ok, grazie
Avatar utente
demodemo
Utente Junior
 
Post: 83
Iscritto il: 26/03/08 17:15
Località: lecce e bari


Torna a Sicurezza e Privacy


Topic correlati a "CHI MI GUARDA LOG DI CONBOFIX? GRAZIE":

grazie in anticipo
Autore: Tarek
Forum: Discussioni
Risposte: 1
Un consiglio Grazie
Autore: sysuop33
Forum: Sicurezza e Privacy
Risposte: 10

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti