
virus HEUR: Trojan.win32.Generic


Post by scacco al re » 09/12/09 22:20

Kaspersky detected two files with this virus and put them in quarantine.
The first is c:\windows\system32\ctftnroz.exe
The second is C:\System Volume Information\_restore{8C81C4BA-43AC-4558-BC51-394FE3EBC4AB}\RP9\A0000473.exe
Are they dangerous? How do I remove them permanently? Are there specific tools?
Operating system: XP Home

Re: virus HEUR: Trojan.win32.Generic

Post by shel » 10/12/09 12:32

Hi

To eliminate the infection in the restore point, disable System Restore, restart the PC, and then re-enable System Restore, creating a new restore point.

As for the viruses in quarantine, you can rest easy. For greater safety, run a scan with ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe , launch it and then press 1 to start the scan. At the end of the scan a file called combofix.txt will be produced in the folder c:\combofix; attach that file in your next message. ;)

Re: virus HEUR: Trojan.win32.Generic

Post by scacco al re » 10/12/09 17:03

Thank you for your interest; here is the content of the ComboFix.txt file:
.
ComboFix 09-12-09.04 - Dany 10/12/2009 13.32.18.1.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1022.452 [GMT 1:00]
Eseguito da: c:\downloads\Software\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programmi\WinPCap
c:\programmi\WinPCap\daemon_mgm.exe
c:\programmi\WinPCap\npf_mgm.exe
c:\programmi\WinPCap\rpcapd.exe
c:\windows\kb913800.exe
c:\windows\system32\ctfmon .exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\hkcmd .exe
c:\windows\system32\igfxpers .exe
c:\windows\system32\igfxtray .exe
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Creati Da 2009-11-10 al 2009-12-10 )))))))))))))))))))))))))))))))))))
.

2009-12-08 11:07 . 2009-12-08 11:07 65536 ----a-w- c:\windows\system32\afasrv32.exe
2009-12-08 11:06 . 2008-05-27 09:52 51072 ----a-w- c:\windows\system32\drivers\MHIKEY10.sys
2009-12-08 11:06 . 2009-12-08 11:07 -------- d-----w- c:\programmi\USIM Editor
2009-12-05 19:21 . 2009-12-05 20:13 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-12-05 19:13 . 2009-12-05 19:44 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-12-05 19:13 . 2009-12-05 19:44 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-12-05 19:13 . 2009-12-05 19:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2009-12-05 19:09 . 2009-12-05 19:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2009-11-29 14:36 . 2009-11-29 14:36 -------- d-----w- c:\programmi\ART Inc
2009-11-29 10:48 . 2009-11-29 10:48 -------- d-----w- c:\documents and settings\Dany\Impostazioni locali\Dati applicazioni\Western_Digital
2009-11-29 10:47 . 2009-11-29 10:47 -------- d-----w- c:\documents and settings\Dany\Dati applicazioni\Western Digital
2009-11-29 10:47 . 2009-11-29 10:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Western Digital
2009-11-29 10:47 . 2009-11-29 10:47 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\ServiceTest
2009-11-29 10:47 . 2009-02-13 11:02 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys
2009-11-29 10:47 . 2009-11-29 10:47 -------- d-----w- c:\windows\system32\DRVSTORE
2009-11-29 10:47 . 2009-11-29 10:47 -------- d-----w- c:\programmi\Western Digital
2009-11-29 10:45 . 2009-11-29 10:45 -------- d-----w- c:\documents and settings\Dany\Impostazioni locali\Dati applicazioni\Western Digital
2009-11-21 18:09 . 2009-11-21 18:09 -------- d-----w- c:\documents and settings\Dany\Dati applicazioni\Apple Computer
2009-11-21 17:55 . 2009-11-21 17:55 -------- d-----w- c:\programmi\QuickTime
2009-11-21 17:55 . 2009-11-21 17:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-11-21 17:54 . 2009-11-21 17:54 -------- d-----w- c:\programmi\File comuni\Apple
2009-11-21 17:54 . 2009-11-21 17:54 -------- d-----w- c:\documents and settings\Dany\Impostazioni locali\Dati applicazioni\Apple
2009-11-21 17:54 . 2009-11-21 17:54 -------- d-----w- c:\programmi\Apple Software Update
2009-11-21 17:54 . 2009-11-21 17:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2009-11-21 17:54 . 2009-11-21 17:54 -------- d-----w- c:\documents and settings\Dany\Impostazioni locali\Dati applicazioni\Apple Computer
2009-11-20 09:17 . 2009-11-20 09:17 -------- d-----w- C:\FOUND.005
2009-11-19 16:43 . 2009-11-19 16:43 -------- d-----w- C:\FOUND.004

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-10 12:37 . 2008-02-04 17:33 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-05 19:44 . 2009-12-05 19:44 80400 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-12-05 19:44 . 2009-12-05 19:44 80400 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-12-05 19:44 . 2009-12-05 19:44 296976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-12-05 19:44 . 2009-12-05 19:44 264720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-12-05 19:44 . 2009-12-05 19:44 128016 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-12-05 19:44 . 2009-05-24 14:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-12-05 19:44 . 2009-12-05 19:44 109072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-12-05 19:44 . 2009-12-05 19:44 59920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-12-05 19:44 . 2009-12-05 19:44 264720 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-12-05 19:44 . 2009-12-05 19:44 296976 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-12-05 19:44 . 2009-12-05 19:44 128016 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-11-19 10:22 . 2009-11-19 10:22 79488 ----a-w- c:\documents and settings\Dany\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-31 12:30 . 2009-10-31 12:30 -------- d-----w- c:\programmi\File comuni\DVDVideoSoft
2009-10-31 12:30 . 2009-10-31 12:30 -------- d-----w- c:\programmi\DVDVideoSoft
2009-10-29 14:56 . 2003-09-24 22:43 94550 ----a-w- c:\windows\system32\perfc010.dat
2009-10-29 14:56 . 2003-09-24 22:43 517008 ----a-w- c:\windows\system32\perfh010.dat
2009-09-11 14:17 . 2004-09-07 19:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
.
<pre>
c:\programmi\File comuni\Nero\Lib\NeroCheck .exe
c:\programmi\Realtek\InstallShield\AzMixerSel .exe
c:\programmi\Synaptics\SynTP\SynTPLpr .exe
c:\programmi\Synaptics\SynTP\SynTPEnh .exe
c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI .exe
c:\programmi\Launch Manager\QtZgAcer .exe
c:\programmi\Ulead Systems\Ulead VideoStudio SE\uvPL .exe
c:\windows\ehome\ehtray .exe
</pre>


((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\cli.exe runtime -Delay" [X]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe -atboottime" [X]
"USBestCR"="c:\programmi\USIM Editor\iconcs1954140.exe RunFromReg" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-07 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-07 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 16120832]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2008-12-10 136600]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 303376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\File comuni\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20.41.32 33808]
R2 AfaService;Afa Card Reader Service;c:\windows\system32\afasrv32.exe [08/12/2009 12.07.11 65536]
R2 GtDetectSc;GT Detect;c:\windows\system32\GtDetectSc.exe [31/01/2008 17.32.53 167936]
R2 WDDMService;WD SmartWare Drive Manager;c:\programmi\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14/10/2009 14.31.02 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\programmi\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 9.58.08 20480]
R3 GTFFBUS;GT FF BUS;c:\windows\system32\drivers\gtffbus.sys [31/01/2008 17.32.51 17024]
R3 GTMNDISIRPXP;GT M 3G+ IRP NDIS;c:\windows\system32\drivers\Gtm51Irp.sys [31/01/2008 17.32.53 115840]
R3 GTUQBUS;GT UQ BUS;c:\windows\system32\drivers\gtuqbus.sys [31/01/2008 17.32.53 34560]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17.46.52 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20.59.44 19472]
S3 AVerE506;AVerE506 service;c:\windows\system32\drivers\AVerE506.sys [25/08/2005 20.10.02 509312]
S3 AVerM115;AVerM115 service;c:\windows\system32\drivers\AVerM115.sys [24/08/2005 7.07.24 692992]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [30/11/2005 5.28.58 1088896]
S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [08/12/2009 12.06.59 51072]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [29/11/2009 11.47.26 11520]
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Scarica con Free Download Manager - file://c:\programmi\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\programmi\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\programmi\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\programmi\Free Download Manager\dlall.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-HijackThis - F:\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-10 13:41
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1688)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4036)
c:\windows\system32\WININET.dll
c:\programmi\Windows Desktop Search\deskbar.dll
c:\programmi\Windows Desktop Search\it-it\dbres.dll.mui
c:\programmi\Windows Desktop Search\dbres.dll
c:\programmi\Windows Desktop Search\wordwheel.dll
c:\programmi\Windows Desktop Search\it-it\msnlExtRes.dll.mui
c:\programmi\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\admServ.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programmi\File comuni\EPSON\EBAPI\SAgent2.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\eHome\ehmsas.exe
c:\windows\RTHDCPL.EXE
c:\programmi\ATI Technologies\ATI.ACE\cli.exe
c:\windows\system32\rundll32.exe
c:\programmi\QuickTime\QTTask.exe
c:\programmi\USIM Editor\iconcs1954140.exe
c:\windows\system32\dllhost.exe
c:\docume~1\Dany\IMPOST~1\Temp\RtkBtMnt.exe
c:\programmi\ATI Technologies\ATI.ACE\cli.exe
c:\programmi\ATI Technologies\ATI.ACE\cli.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2009-12-10 13:44:24 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-12-10 12:44

Pre-Run: 25.572.573.184 byte disponibili
Post-Run: 25.479.479.296 byte disponibili

- - End Of File - - EE4D65564A114C47C5D29E75E4870116

Re: virus HEUR: Trojan.win32.Generic

Post by shel » 10/12/09 17:26

Did you install the USIM Editor program yourself?

Re: virus HEUR: Trojan.win32.Generic

Post by scacco al re » 10/12/09 19:37

I bought one of those memory card readers, which came with a mini CD that installed this software; basically, when I insert a SIM card from a phone operator into the dedicated slot, it reads it. (I haven't used it yet.)

Re: virus HEUR: Trojan.win32.Generic

Post by shel » 11/12/09 11:16

Just to be safe, can you check this one on VirusTotal for me?

c:\windows\bthservsdp.dat

Re: virus HEUR: Trojan.win32.Generic

Post by scacco al re » 11/12/09 21:29

Here is the result:
File bthservsdp.dat ricevuto il 2009.11.20 08:46:28 (UTC)
Stato corrente: finito
Risultato: 0/41 (0.00%)

Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.41 2009.11.20 -
AhnLab-V3 5.0.0.2 2009.11.19 -
AntiVir 7.9.1.72 2009.11.19 -
Antiy-AVL 2.0.3.7 2009.11.20 -
Authentium 5.2.0.5 2009.11.19 -
Avast 4.8.1351.0 2009.11.20 -
AVG 8.5.0.425 2009.11.19 -
BitDefender 7.2 2009.11.20 -
CAT-QuickHeal 10.00 2009.11.20 -
ClamAV 0.94.1 2009.11.20 -
Comodo 2983 2009.11.19 -
DrWeb 5.0.0.12182 2009.11.20 -
eSafe 7.0.17.0 2009.11.19 -
eTrust-Vet 35.1.7132 2009.11.20 -
F-Prot 4.5.1.85 2009.11.19 -
F-Secure 9.0.15370.0 2009.11.17 -
Fortinet 3.120.0.0 2009.11.20 -
GData 19 2009.11.20 -
Ikarus T3.1.1.74.0 2009.11.20 -
Jiangmin 11.0.800 2009.11.20 -
K7AntiVirus 7.10.900 2009.11.19 -
Kaspersky 7.0.0.125 2009.11.20 -
McAfee 5807 2009.11.19 -
McAfee+Artemis 5807 2009.11.19 -
McAfee-GW-Edition 6.8.5 2009.11.20 -
Microsoft 1.5302 2009.11.20 -
NOD32 4623 2009.11.19 -
Norman 6.03.02 2009.11.19 -
nProtect 2009.1.8.0 2009.11.20 -
Panda 10.0.2.2 2009.11.20 -
PCTools 7.0.3.5 2009.11.20 -
Prevx 3.0 2009.11.20 -
Rising 22.22.04.04 2009.11.20 -
Sophos 4.47.0 2009.11.20 -
Sunbelt 3.2.1858.2 2009.11.19 -
Symantec 1.4.4.12 2009.11.20 -
TheHacker 6.5.0.2.074 2009.11.19 -
TrendMicro 9.0.0.1003 2009.11.20 -
VBA32 3.12.12.0 2009.11.20 -
ViRobot 2009.11.20.2046 2009.11.20 -
VirusBuster 5.0.21.0 2009.11.19 -
 
Informazioni addizionali
File size: 12 bytes
MD5   : 873ea3362aa6ac9b704f6c27d2cc7445
SHA1  : a976f67131c514248465a6ca3f544d296e708e58
SHA256: 887691213636a5b9ce9f5416e83a2538e07dc36fa9540fac42815fba40876ba7
TrID  : File type identification
Unknown!
ssdeep: 3:wEl:5l
PEiD  : -
RDS   : NSRL Reference Data Set
-


Kaspersky tells me that the file c:\combfix\mbr.cfxxe is riskware PDM.suspicious drive installation.
Can I rest easy?