baddudes
New User
Hi,
I have used AVG practically forever and have never had any big problems,
but lately it flags C:\windows\explorer.exe as a virus, and then puts it on the whitelist because it is essential for the PC to work.
I checked with www.virustotal.com and it gives me a score of 0/42, i.e. not infected.
However, today I called a technician to have a look at it, and he advised me to run a scan with ComboFix.
In the end it produced a log file, but honestly I don't understand much of it and I don't know what to do.
Is there anyone who could help me?
Thanks a lot in advance :)
Here is the log
ComboFix 12-07-21.01 - Salvo 23/07/2012 15.31.15.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2013.1334 [GMT 2:00]
Eseguito da: c:\documents and settings\Salvo\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Salvo\WINDOWS
c:\windows\IsUn0410.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\2815926704371fbe.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\4042cd19dc254b9b.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\878fd61c56732ed5.fb
c:\windows\system32\Cache\a4e617c4d95279a5.fb
c:\windows\system32\Cache\a6597faff001a878.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
.
.
((((((((((((((((((((((((( Files Creati Da 2012-06-23 al 2012-07-23 )))))))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 17:15 . 2012-04-03 12:27 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 17:15 . 2011-05-15 18:18 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2010-05-07 16:54 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-18 16:30 . 2011-03-22 17:58 136672 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-11-14 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2009-02-18 . 902E0A75C51196A82BED9CC0E3AC8756 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-09 13:50 2074208 ----a-w- c:\programmi\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\programmi\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-09 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CGFLoader"="c:\programmi\Calibrize\CalibrizeLoader.exe" [2007-11-26 1961984]
"CalibrizeResume"="c:\programmi\Calibrize\CalibrizeResume.exe" [2007-11-26 413696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-04-29 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-04-29 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-04-29 142872]
"Acrobat Assistant 8.0"="c:\programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"vProt"="c:\programmi\AVG Secure Search\vprot.exe" [2012-07-09 1107552]
"ISW"="c:\programmi\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 738944]
"ZoneAlarm"="c:\programmi\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-09 73360]
"AVG_TRAY"="c:\programmi\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4.50.26 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4.46.50 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5.25.32 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5.17.28 301248]
R2 AVGIDSAgent;AVGIDSAgent;c:\programmi\AVG\AVG2012\avgidsagent.exe [04/07/2012 17.25.54 5160568]
R2 avgwd;AVG WatchDog;c:\programmi\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4.53.38 193288]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\programmi\CheckPoint\ZAForceField\ISWKL.sys [03/11/2011 16.44.20 27016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\programmi\CheckPoint\ZAForceField\ISWSVC.exe [03/11/2011 16.44.28 497280]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [23/08/2010 19.39.39 4408616]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\programmi\File comuni\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [09/07/2012 15.50.07 935008]
R2 WTouchService;WTouch Service;c:\programmi\WTouch\WTouchService.exe [23/08/2010 19.41.02 112936]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13.32.00 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13.32.06 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13.32.08 17232]
R3 TNET1130;D-Link AirPlus G+ Wireless Adapter;c:\windows\system32\drivers\GPlus.sys [04/05/2010 22.33.44 283392]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03/04/2012 14.27.42 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [04/05/2010 22.27.52 1684736]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programmi\Mozilla Maintenance Service\maintenanceservice.exe [02/05/2012 13.15.42 113120]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [13/04/2008 17.14.22 14336]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [23/08/2010 19.39.50 15656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 17:15]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1677128483-682003330-1003Core.job
- c:\documents and settings\Salvo\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-23 13:37]
.
2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1677128483-682003330-1003UA.job
- c:\documents and settings\Salvo\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-23 13:37]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://it.ask.com/?l=dis&o=14597
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
TCP: Interfaces\{B42EBD99-94C3-491C-944E-13F6B84861B0}: NameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\programmi\File comuni\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Salvo\Dati applicazioni\Mozilla\Firefox\Profiles\g4ubvb9z.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ROC_roc_dec12 - c:\programmi\AVG Secure Search\ROC_roc_dec12.exe
AddRemove-CobBackup11 - c:\programmi\Cobian Backup 11\cbUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-07-23 15:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(772)
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(828)
c:\programmi\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Ora fine scansione: 2012-07-23 15:38:37
ComboFix-quarantined-files.txt 2012-07-23 13:38
.
Pre-Run: 15.244.869.632 byte disponibili
Post-Run: 16.696.504.320 byte disponibili
.
- - End Of File - - C80FBE34A252DC9316B91AD3ABF2FEC7