
Suspicious e-mail address


Post by roberto1956 » Thu Jan 22, 2009 11:47 am

The recipient of one of my e-mails (a public body) informs me that it ended up in the spam folder, because my (main) e-mail address .alice.it is suspicious. When I forward the same e-mail from the .yahoo.it address (again from my PC), the address is not suspicious. I ran a scan with Combofix.
This is the log

ComboFix 09-01-21.02 - Rober 2009-01-22 11.09.18.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1040.18.503.192 [GMT 1:00]
Eseguito da: c:\documents and settings\Rober\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090121-0] *On-access scanning disabled* (Updated)
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Rober\Impostazioni locali\Dati applicazioni\mgwek.dat
c:\documents and settings\Rober\Impostazioni locali\Dati applicazioni\mgwek.exe
c:\documents and settings\Rober\Impostazioni locali\Dati applicazioni\mgwek_nav.dat
c:\documents and settings\Rober\Impostazioni locali\Dati applicazioni\mgwek_navps.dat

.
((((((((((((((((((((((((( Files Creati Da 2008-12-22 al 2009-01-22 )))))))))))))))))))))))))))))))))))
.

2009-01-17 12:59 . 2009-01-17 12:59 <DIR> d-------- c:\documents and settings\Rober\Dati applicazioni\skypePM
2009-01-17 12:59 . 2009-01-17 12:59 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-01-17 12:56 . 2009-01-17 12:56 <DIR> d-------- c:\programmi\Skype
2009-01-17 12:56 . 2009-01-17 12:56 <DIR> d-------- c:\programmi\File comuni\Skype
2009-01-17 12:56 . 2009-01-17 12:56 <DIR> d-------- c:\documents and settings\Rober\Dati applicazioni\Skype
2009-01-17 12:55 . 2009-01-17 12:55 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-14 15:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 15:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-12-13 06:36 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-04 08:30 --------- d-----w c:\documents and settings\Rober\Dati applicazioni\OfficeUpdate12
2008-12-04 08:29 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-11-12 13:21 19,000 ----a-w c:\documents and settings\Rober\Dati applicazioni\GDIPFONTCACHEV1.DAT
2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2006-06-03 01:32 14 ----a-w c:\documents and settings\Rober\getfile.dat
2008-10-07 23:56 32,768 --sha-w c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\MSHist012008100820081009\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-11-18_22.58.11.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-03 09:50:04 247,326 ------w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:40 18,808 ------w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ------w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ------w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ------w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 12:39:40 402,296 ------w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-10-23 10:17:50 62,976 ------w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:40 18,808 ------w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:40 233,848 ------w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:38 26,488 ------w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:40 763,768 ------w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:40 402,296 ------w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:43:04 286,720 ------w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:06:04 18,808 ------w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:06:06 233,848 ------w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:06:04 26,488 ------w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:42:38 763,768 ------w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:42:46 402,296 ------w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-10-16 19:32:32 124,928 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 19:32:32 347,136 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 19:32:32 214,528 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 19:32:34 132,608 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 19:32:34 63,488 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 19:32:34 153,088 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 19:32:34 230,400 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 19:32:34 380,928 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 19:32:34 388,608 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 19:32:36 6,068,224 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 19:32:36 44,544 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 19:32:36 267,776 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 19:32:36 27,648 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 19:32:36 459,264 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 19:32:36 52,224 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 19:32:38 3,595,264 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 19:32:38 477,696 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 19:32:38 193,024 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 19:32:38 671,232 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 19:32:38 102,912 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 19:32:38 44,544 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 19:32:38 105,984 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 19:32:38 1,163,264 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 19:32:38 233,472 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 19:32:38 827,904 ------w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:48:10 15,584 ------w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 01:48:14 215,776 ------w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ------w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 01:48:34 724,192 ------w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 01:49:24 390,880 ------w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2008-12-13 06:27:38 3,594,752 ------w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 01:48:10 15,584 ------w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 01:48:14 215,776 ------w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 01:48:08 22,752 ------w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 01:48:32 724,192 ------w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 01:49:24 390,880 ------w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2006-10-18 19:03:58 100,864 ------w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 06:35:58 233,848 ------w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 08:41:48 382,840 ------w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-18 20:47:20 937,984 ------w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-18 20:47:22 2,450,944 ------w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2007-11-30 12:39:40 233,848 ------w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 12:39:40 402,296 ------w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2008-04-14 03:13:56 246,814 ------w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:40 233,848 ------w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:40 402,296 ------w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-04-14 03:14:22 60,416 ------w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2008-04-14 03:13:40 285,184 ------w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:06:06 233,848 ------w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:42:46 402,296 ------w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-08-26 08:57:14 124,928 ------w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:57:14 347,136 ------w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:57:14 214,528 ------w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:57:14 133,120 ------w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:57:14 63,488 ------w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 09:39:58 70,656 ------w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:57:14 153,088 ------w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:57:16 230,400 ------w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 06:54:52 161,792 ------w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:57:16 383,488 ------w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:57:16 384,512 ------w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:58:44 6,066,176 ------w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:57:18 44,544 ------w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:57:18 267,776 ------w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 09:38:00 13,824 ------w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 06:56:16 635,848 ------w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:57:18 27,648 ------w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:57:18 459,264 ------w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:57:18 52,224 ------w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 09:57:22 3,593,216 ------w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 08:57:20 477,696 ------w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:57:22 193,024 ------w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:57:22 671,232 ------w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:57:22 102,912 ------w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:57:22 44,544 ------w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:48:14 215,776 ------w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 ------w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:57:22 105,984 ------w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:57:22 1,159,680 ------w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:57:22 233,472 ------w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:57:22 826,368 ------w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-10-17 00:34:26 3,593,216 ------w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:48:14 215,776 ------w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:49:24 390,880 ------w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2008-08-25 13:31:30 524,288 ----a-w c:\windows\opuc.dll
- 2008-08-26 08:57:14 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:04:22 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-11-12 16:57:30 1,235,696 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\system32\aswBoot.exe
- 2008-11-12 16:51:12 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-11-26 17:15:10 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-08-26 08:57:14 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:04:22 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 08:57:14 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:04:22 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 08:57:14 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:04:22 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 08:57:14 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:04:22 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 08:57:14 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:04:22 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 09:39:58 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:13:44 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 08:57:14 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:04:22 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 08:57:16 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:04:22 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 06:54:52 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:54 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 08:57:16 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:04:22 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 08:57:16 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:04:22 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:58:44 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:04:24 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 08:57:18 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:04:24 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 08:57:18 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:04:24 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 09:38:00 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 06:56:16 635,848 ----a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 ----a-w c:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 08:57:18 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:04:24 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 08:57:18 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:04:24 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:57:18 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:04:24 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 08:57:20 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:04:24 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 08:57:22 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:04:24 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 08:57:22 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:04:24 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 08:57:22 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:04:24 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 08:57:22 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:04:26 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 03:13:56 246,814 ----a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:46 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 08:57:22 105,984 ----a-w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:04:26 105,984 ----a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 08:57:22 1,159,680 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:04:26 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 08:57:22 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:04:26 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 08:57:22 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:04:26 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\dllcache\WMVCore.dll
- 2008-11-12 16:51:36 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-26 17:15:36 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-11-12 16:53:28 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-26 17:17:26 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
- 2008-11-12 16:54:28 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-26 17:18:26 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
- 2008-11-12 16:54:20 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-26 17:18:18 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
- 2008-11-12 16:52:28 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-26 17:16:30 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
- 2008-11-12 16:53:38 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-26 17:17:36 111,184 ----a-w c:\windows\system32\drivers\aswSP.sys
- 2008-11-12 16:52:38 50,656 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2008-11-26 17:16:38 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2008-08-26 08:57:14 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:04:22 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 08:57:14 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:04:22 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 08:57:14 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:22 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-08-26 08:57:14 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:04:22 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 09:39:58 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:13:44 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 08:57:14 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:04:22 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 08:57:16 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:04:22 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 06:54:52 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:54 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 08:57:16 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:04:22 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 08:57:16 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:04:22 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:58:44 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:04:24 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 08:57:18 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:24 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 08:57:18 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:04:24 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 09:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:10 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-11-06 00:05:02 144,792 ----a-w c:\windows\system32\java.exe
+ 2008-11-10 04:43:38 144,792 ----a-w c:\windows\system32\java.exe
- 2008-11-06 00:05:02 144,792 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-10 04:43:38 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-11-06 00:05:02 148,888 ----a-w c:\windows\system32\javaws.exe
+ 2008-11-10 04:43:40 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-08-26 08:57:18 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:04:24 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-11-03 15:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 08:57:18 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:04:24 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 08:57:18 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:04:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 09:57:22 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:36:24 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 08:57:20 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:04:24 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 08:57:22 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:04:24 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 08:57:22 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:04:24 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 08:57:22 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:04:24 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-02-04 17:23:10 693,792 ----a-w c:\windows\system32\OGACheckControl.DLL
- 2008-08-26 08:57:22 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:04:26 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2008-07-08 13:06:04 18,808 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:40 18,808 ------w c:\windows\system32\spmsg.dll
+ 1996-01-12 17:00:00 24,576 ----a-w c:\windows\system32\STKIT432.DLL
- 2008-04-14 03:13:56 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:46 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 03:14:22 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:07:00 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 08:57:22 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:04:26 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 08:57:22 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:04:26 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 08:57:22 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:04:26 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 08:57:22 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:04:26 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
+ 2009-01-22 09:36:18 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_374.dat
+ 2009-01-21 09:59:12 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_7c4.dat
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ c:\programmi\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\programmi\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2004-05-27 86016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-15 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-15 118784]
"ASUS Live Update"="c:\programmi\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032]
"Power_Gear"="c:\programmi\ASUS\Power4 Gear\BatteryLife.exe" [2004-01-19 81920]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-08-05 102400]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-08-05 684032]
"PRONoMgr.exe"="c:\programmi\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2004-02-05 86016]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 57344]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"AliceRE_McciTrayApp"="c:\progra~1\ALICET~1\vendors\AliceRE\content\template\driven~1\syncer\McciTrayApp.exe" [2006-11-21 936960]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"SoundMan"="SOUNDMAN.EXE" [2004-05-21 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ASUS ChkMail.lnk - c:\programmi\Asus\Asus ChkMail\ChkMail.exe [2005-12-28 32768]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2008-10-10 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2004-03-03 16:48 110592 c:\windows\system32\LgNotify.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Asus\\ASUS Live Update\\LiveUpdt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\VLC.EXE"=
"c:\\Programmi\\Windows Media Player\\wmplayer.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-16 111184]
R3 ATKXPDisplayName;ATKXPDisplayName;c:\windows\system32\drivers\ATKACPI.sys [2005-12-28 5786]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-16 20560]
R4 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [2008-07-28 8192]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-mgwek - c:\documents and settings\rober\impostazioni locali\dati applicazioni\mgwek.exe


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.corriere.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = mail.voltex.co.za:80
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {604F8BE0-DF77-483A-A2C3-B9394C23F39E} = 85.37.17.6 85.38.28.89
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 11:12:36
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\LgNotify.dll
.
Ora fine scansione: 2009-01-22 11.13.51
ComboFix-quarantined-files.txt 2009-01-22 10:13:50
ComboFix2.txt 2008-11-18 21:58:50

Pre-Run: 40.979.333.120 byte disponibili
Post-Run: 41,806,200,832 byte disponibili

406 --- E O F --- 2009-01-15 01:19:22


Could you please tell me whether there are any viruses?
Thanks

Re: Suspicious e-mail address

Post by crazy.cat » Thu Jan 22, 2009 12:19 pm

Combofix found and removed the usual cid trojan.
The fact that an e-mail message gets bounced can also depend on the kinds of filters that have been set up on the recipient's server.



megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising