Scribd Logo
Carica

Benvenuto in Scribd!

  • Webroot Software Session Log - 119432 - 6.0

    Caricato da

    api-19713486
    11 visualizzazioni2 pagine
    Webroot software 6.0.2. Started 10:36 AM: Start of Session, Monday, January 19, 2009 10:33 AM: Quarantining All Traces: yieldmanager cookie 10:32 AM: Custom Sweep has completed. Elapsed time 00:03:02 10:00 AM: HKUS-1-5-21-1547161642-1960408961-7253455431003softwaremicrosoftsecurity center updatesdisablenotify (ID = 4889475) 10:32

    Descrizione originale:

    Titolo originale

    Webroot Software Session Log_119432_6.0

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formati disponibili

    TXT, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    Webroot software 6.0.2. Started 10:36 AM: Start of Session, Monday, January 19, 2009 10:33 AM: Quarantining All Traces: yieldmanager cookie 10:32 AM: Custom Sweep has completed. Elapsed time 00:03:02 10:00 AM: HKUS-1-5-21-1547161642-1960408961-7253455431003softwaremicrosoftsecurity center updatesdisablenotify (ID = 4889475) 10:32

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    11 visualizzazioni2 pagine

    Webroot Software Session Log - 119432 - 6.0

    Caricato da

    api-19713486
    Webroot software 6.0.2. Started 10:36 AM: Start of Session, Monday, January 19, 2009 10:33 AM: Quarantining All Traces: yieldmanager cookie 10:32 AM: Custom Sweep has completed. Elapsed time 00:03:02 10:00 AM: HKUS-1-5-21-1547161642-1960408961-7253455431003softwaremicrosoftsecurity center updatesdisablenotify (ID = 4889475) 10:32

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 2

    10:39 AM:None

    10:39 AM:Traces Found: 0


    10:39 AM:Custom Sweep has completed. Elapsed time 00:03:02
    10:39 AM:File Sweep Complete, Elapsed Time: 00:02:00
    10:37 AM:Starting File Sweep
    10:37 AM:Cookie Sweep Complete, Elapsed Time: 00:00:00
    10:37 AM:Starting Cookie Sweep
    10:37 AM:Registry Sweep Complete, Elapsed Time:00:00:05
    10:37 AM:Starting Registry Sweep
    10:37 AM:Memory Sweep Complete, Elapsed Time: 00:00:46
    10:36 AM:Starting Memory Sweep
    10:36 AM:Start Custom Sweep
    10:36 AM:Sweep initiated using definitions version 1500
    10:36 AM:License Check Status (0): Success
    E-mail Attachment: Off
    BHO Shield: Off
    IE Security Shield: Off
    Alternate Data Stream (ADS) Execution Shield: Off
    Startup Shield: Off
    Common Ad Sites: Off
    Hosts File Shield: Off
    Internet Communication Shield: Off
    ActiveX Shield: Off
    Windows Messenger Service Shield: Off
    IE Favorites Shield: Off
    File System Shield: Off
    Execution Shield: Off
    System Services Shield: Off
    IE Hijack Shield: Off
    Tracking Cookies Shield: Off
    10:36 AM: Shield States
    10:36 AM: Spyware Definitions: 1500
    10:36 AM: Webroot Software 6.0.2.24 started
    10:36 AM: | Start of Session, Monday, January 19, 2009 |
    ***************
    10:33 AM: Removal process completed. Elapsed time 00:00:04
    10:33 AM: Preparing to restart your computer. Please wait...
    10:33 AM: Quarantining All Traces: yieldmanager cookie
    10:33 AM: Quarantining All Traces: trojan-dropper-jevafus
    10:33 AM: Removal process initiated
    10:32 AM: Traces Found: 19
    10:32 AM: Custom Sweep has completed. Elapsed time 00:03:21
    10:32 AM: HKU\S-1-5-21-1547161642-1960408961-725345543-
    1003\software\microsoft\security center\ || antivirusdisablenotify (ID = 4889475)
    10:32 AM: HKU\S-1-5-21-1547161642-1960408961-725345543-
    1003\software\microsoft\security center\ || updatesdisablenotify (ID = 4889474)
    10:32 AM: HKU\S-1-5-21-1547161642-1960408961-725345543-
    1003\software\microsoft\windows\currentversion\policies\system\ ||
    disableregistrytools (ID = 4889317)
    10:32 AM: HKLM\software\microsoft\windows\currentversion\policies\system\ ||
    disableregistrytools (ID = 4939857)
    10:32 AM: HKLM\software\policies\microsoft\windows\windowsupdate\au\ || auoptions
    (ID = 4889473)
    10:32 AM: HKLM\software\policies\microsoft\windows\windowsupdate\a\ ||
    noautoupdate (ID = 4889472)
    10:32 AM: HKLM\software\microsoft\windows nt\currentversion\winlogon\ || shell (ID
    = 4889316)
    10:32 AM: File Sweep Complete, Elapsed Time: 00:02:17
    10:31 AM: C:\Program Files\Common Files\System\NVidia_Software_PreLoad.exe (ID =
    2639469)
    10:31 AM: C:\Documents and Settings\All Users\Start
    Menu\Programs\Startup\Logiteck Software PreLoad.exe (ID = 2639468)
    10:31 AM: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Assus
    XDesktop PreLoad.exe (ID = 2639467)
    10:30 AM: C:\Program Files\Common Files\System\kbdiis.dll (ID = 4882751)
    10:30 AM: Starting File Sweep
    10:30 AM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    10:30 AM: c:\documents and settings\admin\cookies\admin@ad.yieldmanager[2].txt
    (ID = 3751)
    10:30 AM: Found Spy Cookie: yieldmanager cookie
    10:30 AM: Starting Cookie Sweep
    10:30 AM: Registry Sweep Complete, Elapsed Time:00:00:05
    10:30 AM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper
    objects\{88410030-0911-00e7-8467-99ca3230262a}\ (ID = 4889315)
    10:30 AM: HKLM\software\clsid\{88410030-0911-00e7-8467-99ca3230262a}\ (ID =
    4889314)
    10:30 AM: HKLM\software\classes\clsid\{88410030-0911-00e7-8467-99ca3230262a}\
    (ID = 4889313)
    10:30 AM: HKLM\software\classes\clsid\ || {88410030-0911-00e7-8467-99ca3230262a}
    (ID = 4882684)
    10:30 AM: Starting Registry Sweep
    10:30 AM: Memory Sweep Complete, Elapsed Time: 00:00:53
    10:29 AM: Detected running threat: C:\Program Files\Common
    Files\System\kbdiis.dll (ID = 4882751)
    10:29 AM: Starting Memory Sweep
    10:29 AM: C:\Program Files\Common Files\System\kbdiis.dll (ID = 4882751)
    10:29 AM: HKLM\software\clsid\{88410030-0911-00e7-8467-
    99ca3230262a}\inprocserver32\ (ID = 4882751)
    10:29 AM: Found Trojan Horse: trojan-dropper-jevafus
    10:29 AM: Start Custom Sweep
    10:29 AM: Sweep initiated using definitions version 1500
    10:29 AM: | Start of Session, Monday, January 19, 2009 |
    ***************

    Potrebbero piacerti anche