Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Log of Internet Explorer activity on my PC

microsoft.public.internetexplorer.general






Speedup My PC
Reply
  #1 (permalink)  
Old 03-11-2010
Serafino Marinelli
 

Posts: n/a
Log of Internet Explorer activity on my PC
Please,
anyone can help me to understand who is writing a log that outline all web
accessed? I am with IE8 on Vista SP2. I am suspicious because if there are
the web's names it can possible also outline user and password used to
access other web (i.e. bank web).
The named log is available
C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
example with access to www.google.it).
I don't know if it is created by IE8 or I am some malware installed.
Thanks in advance
Serafino

Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 03-15-2010
Robert Aldwinckle
 

Posts: n/a
Re: Log of Internet Explorer activity on my PC


"Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
> Please,
> anyone can help me to understand who is writing a log that outline all web
> accessed? I am with IE8 on Vista SP2. I am suspicious because if there are
> the web's names it can possible also outline user and password used to
> access other web (i.e. bank web).
> The named log is available
> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
> example with access to www.google.it).
> I don't know if it is created by IE8 or I am some malware installed.
> Thanks in advance
> Serafino



It looks as if you have enabled some kind of diagnostic for something called
NSP? Apparently it is checking for a proxy called gapsvc.exe Does that
name mean anything to you?


HTH

Robert Aldwinckle
---

Reply With Quote
  #3 (permalink)  
Old 03-15-2010
Robert Aldwinckle
 

Posts: n/a
Re: Log of Internet Explorer activity on my PC


"Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
> Please,
> anyone can help me to understand who is writing a log that outline all web
> accessed? I am with IE8 on Vista SP2. I am suspicious because if there are
> the web's names it can possible also outline user and password used to
> access other web (i.e. bank web).
> The named log is available
> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
> example with access to www.google.it).
> I don't know if it is created by IE8 or I am some malware installed.
> Thanks in advance
> Serafino



It looks as if you have enabled some kind of diagnostic for something called
NSP? Apparently it is checking for a proxy called gapsvc.exe Does that
name mean anything to you?


HTH

Robert Aldwinckle
---

Reply With Quote
  #4 (permalink)  
Old 03-15-2010
Robert Aldwinckle
 

Posts: n/a
Re: Log of Internet Explorer activity on my PC


"Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
> Please,
> anyone can help me to understand who is writing a log that outline all web
> accessed? I am with IE8 on Vista SP2. I am suspicious because if there are
> the web's names it can possible also outline user and password used to
> access other web (i.e. bank web).
> The named log is available
> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
> example with access to www.google.it).
> I don't know if it is created by IE8 or I am some malware installed.
> Thanks in advance
> Serafino



It looks as if you have enabled some kind of diagnostic for something called
NSP? Apparently it is checking for a proxy called gapsvc.exe Does that
name mean anything to you?


HTH

Robert Aldwinckle
---

Reply With Quote
  #5 (permalink)  
Old 03-15-2010
Robert Aldwinckle
 

Posts: n/a
Re: Log of Internet Explorer activity on my PC


"Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
> Please,
> anyone can help me to understand who is writing a log that outline all web
> accessed? I am with IE8 on Vista SP2. I am suspicious because if there are
> the web's names it can possible also outline user and password used to
> access other web (i.e. bank web).
> The named log is available
> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
> example with access to www.google.it).
> I don't know if it is created by IE8 or I am some malware installed.
> Thanks in advance
> Serafino



It looks as if you have enabled some kind of diagnostic for something called
NSP? Apparently it is checking for a proxy called gapsvc.exe Does that
name mean anything to you?


HTH

Robert Aldwinckle
---

Reply With Quote
  #6 (permalink)  
Old 03-22-2010
Serafino Marinelli
 

Posts: n/a
Log of Internet Explorer activity on my PC
Hi Robert and all people,
sorry for delay to replay, but I was out of home for over a week ...
Thankyou for interest in this problem.

I don't know which are the meaning of NSP and gapsvc.exe. Apparently no-one
file or other refer to gapsvc.exe in all my system ... I did a search over
all C: for gapsvc.exe ... the only references are those present in the named
log and in your mail message.

But I must add some information that previoulsy I didn't wrote.

In December 23rd, I was very stupid and, starting with a mail message
received that I missunderstood, I had installed on my system a malware named
"plugin.exe"; I found many information on internet data but, unfortunately,
only after my problem.

The best of these informations was located at
"http://www.threatexpert.com/report.aspx?md5=bc7ee8226a8db0e67e27e61c3838eee5";
this identify all (?) activity done on system, I located all modules in the
system files and many (not all of those pointed) of the registry
modifications. I have deleted all modules and all registry identified. No
information found about the named file "dsSam_iexplore.exe.log" neither in
the entry nor in other.

I'm enough sure that the log was born with "plugin.exe".

Now the problem is:
- can be possible that there are some other modules linked to "plugin.exe"
in the system that create and populate the log, or
- the malware did some modifications on internet explorer default enabling
some kind of diagnostic, and if yes which?
I'm unable to replay to this question.
Can this help you ... to help me?
Thanks
Serafino

"Robert Aldwinckle" <robald@techemail.com> ha scritto nel messaggio
news:uSsILeAxKHA.3408@TK2MSFTNGP06.phx.gbl...
>
>
> "Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
> news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
>> Please,
>> anyone can help me to understand who is writing a log that outline all
>> web
>> accessed? I am with IE8 on Vista SP2. I am suspicious because if there
>> are
>> the web's names it can possible also outline user and password used to
>> access other web (i.e. bank web).
>> The named log is available
>> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach an
>> example with access to www.google.it).
>> I don't know if it is created by IE8 or I am some malware installed.
>> Thanks in advance
>> Serafino

>
>
> It looks as if you have enabled some kind of diagnostic for something
> called NSP? Apparently it is checking for a proxy called gapsvc.exe
> Does that name mean anything to you?
>
>
> HTH
>
> Robert Aldwinckle
> ---


Reply With Quote
  #7 (permalink)  
Old 03-22-2010
PA Bear [MS MVP]
 

Posts: n/a
Re: Log of Internet Explorer activity on my PC
There is a very good chance that you are still seeing the effects of a
hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
.. http://mvps.org/winhelp2002/unwanted.htm
.. http://inetexplorer.mvps.org/tshoot.html
.. http://www.mvps.org/sramesh2k/Malware_Defence.htm
.. http://www.elephantboycomputers.com/...moving_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002


Serafino Marinelli wrote:
> Hi Robert and all people,
> sorry for delay to replay, but I was out of home for over a week ...
> Thankyou for interest in this problem.
>
> I don't know which are the meaning of NSP and gapsvc.exe. Apparently
> no-one
> file or other refer to gapsvc.exe in all my system ... I did a search over
> all C: for gapsvc.exe ... the only references are those present in the
> named
> log and in your mail message.
>
> But I must add some information that previoulsy I didn't wrote.
>
> In December 23rd, I was very stupid and, starting with a mail message
> received that I missunderstood, I had installed on my system a malware
> named
> "plugin.exe"; I found many information on internet data but,
> unfortunately,
> only after my problem.
>
> The best of these informations was located at
> "http://www.threatexpert.com/report.aspx?md5=bc7ee8226a8db0e67e27e61c3838eee5";
> this identify all (?) activity done on system, I located all modules in
> the
> system files and many (not all of those pointed) of the registry
> modifications. I have deleted all modules and all registry identified. No
> information found about the named file "dsSam_iexplore.exe.log" neither in
> the entry nor in other.
>
> I'm enough sure that the log was born with "plugin.exe".
>
> Now the problem is:
> - can be possible that there are some other modules linked to "plugin.exe"
> in the system that create and populate the log, or
> - the malware did some modifications on internet explorer default enabling
> some kind of diagnostic, and if yes which?
> I'm unable to replay to this question.
> Can this help you ... to help me?
> Thanks
> Serafino
>
> "Robert Aldwinckle" <robald@techemail.com> ha scritto nel messaggio
> news:uSsILeAxKHA.3408@TK2MSFTNGP06.phx.gbl...
>>
>>
>> "Serafino Marinelli" <serafino.marinelli@libero.it> wrote in message
>> news:4E019A55-216F-4742-B802-75A2B4E9DC41@microsoft.com...
>>> Please,
>>> anyone can help me to understand who is writing a log that outline all
>>> web
>>> accessed? I am with IE8 on Vista SP2. I am suspicious because if there
>>> are
>>> the web's names it can possible also outline user and password used to
>>> access other web (i.e. bank web).
>>> The named log is available
>>> C:\Users\Admin\Appdata\Local\Temp\Low\dsSam_iexplo re.exe.log (I attach
>>> an
>>> example with access to www.google.it).
>>> I don't know if it is created by IE8 or I am some malware installed.
>>> Thanks in advance
>>> Serafino

>>
>>
>> It looks as if you have enabled some kind of diagnostic for something
>> called NSP? Apparently it is checking for a proxy called gapsvc.exe
>> Does that name mean anything to you?
>>
>>
>> HTH
>>
>> Robert Aldwinckle
>> ---


Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Activity Logs JessiM microsoft.public.internetexplorer.general 1 04-13-2009 17:25
Article ID: 911860 Internet Explorer no longer works correctly when you use a very long name in the Internet Explorer Favorites folder on a Windows Vista-based computer KBArticles English 0 10-22-2007 20:00
disabling explorer activity on folder selection Wally microsoft.public.windows.vista.file management 0 05-16-2007 12:51
[KB] Internet Explorer no longer works correctly when you use a very long name in the Internet Explorer Favorites folder on a Windows Vista-based computer Alezito [MS MVP] microsoft.public.es.windowsvista 1 05-15-2007 17:48
We're Number One! ... For Malicious Internet Activity Steve Security News 0 03-19-2007 19:24




All times are GMT +1. The time now is 22:18.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120