FlashGot cu probleme?
Last Updated: May 11 2006 21:37, Started by
progy
, May 11 2006 14:47
·
0
#1
Posted 11 May 2006 - 14:47
Am dat o scanare cu RootkitRevealer si am obtinut log-ul de mai jos.
C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\axkb81ky.default\FlashGot.exe 11.05.2006 12:43 96.00 KB Hidden from Windows API. C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\axkb81ky.default\parent.lock 11.05.2006 12:42 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temp\CTT2089.tmp 11.05.2006 12:53 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temp\CTT2122.tmp 11.05.2006 12:53 0 bytes Visible in directory index, but not Windows API or MFT. C:\Documents and Settings\User1\Local Settings\Temp\CTTEE5C.tmp 11.05.2006 12:38 0 bytes Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\CTTF273.tmp 11.05.2006 12:39 0 bytes Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\flashgot.axkb81ky.default 11.05.2006 12:43 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temp\flashgot.axkb81ky.default\FlashGot.exe.test 11.05.2006 12:43 1.03 KB Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temp\~DF246E.tmp 11.05.2006 10:40 16.00 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~DF2489.tmp 11.05.2006 10:40 512 bytes Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~DF2537.tmp 11.05.2006 10:40 16.00 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~DF254E.tmp 11.05.2006 10:40 512 bytes Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~DF7A24.tmp 11.05.2006 10:40 16.00 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~DF7A3F.tmp 11.05.2006 10:40 512 bytes Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\User1\Local Settings\Temp\~PST5515.tmp 11.05.2006 12:53 34.27 MB Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CA2Z6D0J 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAAZEDCL 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CACLUBKH 11.05.2006 12:48 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAG9GZS5 11.05.2006 12:49 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAKTUR8H 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAO16BCP 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAQB89MR 11.05.2006 12:49 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CASP76AV 11.05.2006 12:49 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAU741EB 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAWDS5MV 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\CAYZSVK7 11.05.2006 12:50 0 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk1273.tmp 11.05.2006 12:49 447 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk1375.tmp 11.05.2006 12:49 2.30 KB Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk13AE.tmp 11.05.2006 12:49 447 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk13DC.tmp 11.05.2006 12:50 1.52 KB Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk1401.tmp 11.05.2006 12:50 318 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk1456.tmp 11.05.2006 12:50 288 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk146A.tmp 11.05.2006 12:50 678 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk146D.tmp 11.05.2006 12:50 956 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk146F.tmp 11.05.2006 12:50 748 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbk1471.tmp 11.05.2006 12:50 916 bytes Hidden from Windows API. C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\2O6G5DJ2\wbkF93.tmp 11.05.2006 12:48 0 bytes Hidden from Windows API. Executabilul suspect e FlashGot-ul instalat ca si extensie in Firefox. E vreo problema cu extensia asta sau e alarma falsa? Tmp-urile acelea e normal sa fie ascunse? |
#2
Posted 11 May 2006 - 21:28
Tot ce pot spune este ca ceva asemanator am gasit si eu in opera 9 si era un adware,mai incearca si cu alte tipuri de antivirus inainte de face ceva,problema poate fi ca a venit odata cu instalarea respectivului program
(?.exe) sau ceva ce se misca si se ascunde foarte bine unde este cald si bine in executabile , unde poate fi detectat mai greu,sa nu mai zic de executabilele cu dubla extensie,care sunt recunoscute ca suport pentru trojani,incearca si /sau trojan hunter pe deasupra si vezi ce si cum... |
#3
Posted 11 May 2006 - 21:37
Nu ai nimic suspect in log. Ca regula nu deschide alte programe cand scanezi cu RKR.
http://www.sysintern...p?TID=3254&PN=1 Quote # Don't use your computer while RKR is scanning. Start RKR, wait about 10 seconds, click Scan, then leave computer untouched until it completes. An idle machine will minimise the possibility of false positive reports caused by changes to the system during the scan. Background processes may still make intermittent changes, but resulting discrepancies tend to be obvious from their registry or filesystem branch; on a re-scan many may not recur. |
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users