Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Credo di avere Bagle nel mio PC

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Credo di avere Bagle nel mio PC

Messaggioda Stefyria » ven set 07, 2007 11:09 pm

Ciao a tutti, sono nuova...chiedo il vostro aiuto perché credo di aver beccato Bagle.
Ieri ho scaricato un piccolo programma, ho cercato di installarlo ma senza riuscirvi. Oggi accendo il pc e non ho più il firewall, l'antivirus e l'antispyware. Dopo una ricerca su Internet mi rendo conto di cosa ho installato, l'icona del presunto software rappresentava un mazzo di chiavi...! Seguendo l'articolo ho usato Avenger ma non credo di aver sortito risultati. Poi ho cercato di installare un antivirus, ne ho provati ben 3, ma non c'è nulla da fare, non ne funziona nessuno, il virus non mi consente di effettuare gli aggiornamenti. Ecco i log di Hijackthis e di Gmer, vi chiedo di aiutarmi per cortesia a capire se la questione è risolvibile


Logfile of HijackThis v1.99.1
Scan saved at 23.51.03, on 07/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\PSIService.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Proprietario\Desktop\Avenger\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.it
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~2.DLL
O2 - BHO: eBay - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nod32kui] C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmi\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: amazon Search - C:\Programmi\Buyertools Reminder\Searchamazon.htm
O8 - Extra context menu item: amazon Start Search - C:\Programmi\Buyertools Reminder\Searchamazon.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: eBay - Advanced Search - C:\Programmi\Buyertools Reminder\SearchEbaypower.htm
O8 - Extra context menu item: eBay - Homepage - C:\Programmi\Buyertools Reminder\SearchEbay.htm
O8 - Extra context menu item: eBay - My eBay - C:\Programmi\Buyertools Reminder\SearchEbaymein.htm
O8 - Extra context menu item: eBay Start Search - C:\Programmi\Buyertools Reminder\SearchEbay.htm
O8 - Extra context menu item: Google Search - C:\Programmi\Buyertools Reminder\SearchGoogle.htm
O8 - Extra context menu item: Google Start Search - C:\Programmi\Buyertools Reminder\SearchGoogle.htm
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Programmi\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\con=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://it.pixaco.de/static/download/pixacodndupload.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.gisonweb.it/provincia.milano ... axctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O20 - Winlogon Notify: winbjt32 - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - c:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Unknown owner - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)


----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


GMER 1.0.13.12551 - http://www.gmer.net
Autostart scan 2007-09-07 23:32:34
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AcrSch2Svc /*Acronis Scheduler2 Service*/@ = "C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe"
Apple Mobile Device /*Apple Mobile Device*/@ = "C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
AVG Anti-Spyware Guard /*AVG Anti-Spyware Guard*/@ = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe /*file not found*/
btwdins /*Bluetooth Service*/@ = C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Diskeeper /*Diskeeper*/@ = "C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe"
EPSONStatusAgent2 /*EPSON Printer Status Agent2*/@ = C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
libusbd /*LibUsb-Win32 - Daemon, Version 0.1.10.1*/@ = system32\libusbd-nt.exe
LightScribeService /*LightScribeService Direct Disc Labeling Service*/@ = "C:\Programmi\File comuni\LightScribe\LSSrvc.exe"
NOD32krn /*NOD32 Kernel Service*/@ = C:\Programmi\Eset\nod32krn.exe
ProtexisLicensing /*ProtexisLicensing*/@ = C:\WINDOWS\system32\PSIService.exe
Speed Disk service /*Speed Disk service*/@ = C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
SymWSC /*SymWMI Service*/@ = "c:\Programmi\File comuni\Symantec Shared\Security Center\SymWSC.exe" /*file not found*/
Utilità di pianificazione di LiveUpdate automatico /*Utilità di pianificazione di LiveUpdate automatico*/@ = "C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@hpsysdrvc:\windows\system\hpsysdrv.exe = c:\windows\system\hpsysdrv.exe
@RecguardC:\WINDOWS\SMINST\RECGUARD.EXE = C:\WINDOWS\SMINST\RECGUARD.EXE
@PCDrProfiler /*file not found*/ = /*file not found*/
@ccApp"C:\Programmi\File comuni\Symantec Shared\ccApp.exe" /*file not found*/ = "C:\Programmi\File comuni\Symantec Shared\ccApp.exe" /*file not found*/
@Symantec NetDriver MonitorC:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
@!AVG Anti-Spyware"C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized = "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
@PCSuiteTrayApplicationC:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup /*file not found*/ = C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup /*file not found*/
@QuickTime Task"C:\Programmi\QuickTime\qttask.exe" -atboottime = "C:\Programmi\QuickTime\qttask.exe" -atboottime
@iTunesHelper"C:\Programmi\iTunes\iTunesHelper.exe" = "C:\Programmi\iTunes\iTunesHelper.exe"
@nod32kuiC:\Programmi\Eset\nod32kui.exe /WAITSERVICE = C:\Programmi\Eset\nod32kui.exe /WAITSERVICE
@DiskeeperSystray"C:\Programmi\Diskeeper Corporation\Diskeeper\DkIcon.exe" = "C:\Programmi\Diskeeper Corporation\Diskeeper\DkIcon.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{5E2121EE-0300-11D4-8D3B-444553540000} /*SimpleShlExt extension*/(null) =
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/(null) =
@{7F67036B-66F1-411A-AD85-759FB9C5B0DB} /*ShellViewRTF*/C:\WINDOWS\system32\ShellvRTF.dll = C:\WINDOWS\system32\ShellvRTF.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{1530F7EE-5128-43BD-9977-84A4B0FAD7DF} /*PhotoToys*/C:\WINDOWS\system32\phototoys.dll = C:\WINDOWS\system32\phototoys.dll
@{FCF608CF-5716-47C3-A1A8-991D873AF72B} /*Delphi Context Menu Shell Extension Example*/C:\Programmi\Exifer\exifershellext.dll = C:\Programmi\Exifer\exifershellext.dll
@{2B3453E4-49DF-11D3-8229-0080BE509050} /*GMail Drive*/C:\WINDOWS\system32\ShellExt\GMailFS.dll = C:\WINDOWS\system32\ShellExt\GMailFS.dll
@{2B3453E4-49DF-11D3-8229-0080BE509052} /*GMailFS Property Sheet*/C:\WINDOWS\system32\ShellExt\GMailFS.dll = C:\WINDOWS\system32\ShellExt\GMailFS.dll
@{2B3453E4-49DF-11D3-8229-0080BE509054} /*GMailFS Drop Handler*/C:\WINDOWS\system32\ShellExt\GMailFS.dll = C:\WINDOWS\system32\ShellExt\GMailFS.dll
@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} /*UnlockerShellExtension*/C:\Programmi\Unlocker\UnlockerCOM.dll = C:\Programmi\Unlocker\UnlockerCOM.dll
@{97FA8AA2-EE77-4FF2-9449-424D8924EF21} /*IntelliType Pro Zooming Control Panel Property Page*/"C:\Programmi\Microsoft IntelliType Pro\itcplzm.dll" = "C:\Programmi\Microsoft IntelliType Pro\itcplzm.dll"
@{111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} /*IntelliType Pro Scrolling Control Panel Property Page*/"C:\Programmi\Microsoft IntelliType Pro\itcplwhl.dll" = "C:\Programmi\Microsoft IntelliType Pro\itcplwhl.dll"
@{ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} /*IntelliType Pro Key Settings Control Panel Property Page*/"C:\Programmi\Microsoft IntelliType Pro\itcplkey.dll" = "C:\Programmi\Microsoft IntelliType Pro\itcplkey.dll"
@{A2569D1F-4E06-43EC-9825-0088B471BE47} /*IntelliType Pro Wireless Control Panel Property Page*/"C:\Programmi\Microsoft IntelliType Pro\itcplwir.dll" = "C:\Programmi\Microsoft IntelliType Pro\itcplwir.dll"
@{20082881-FC36-4E47-9A7A-644C95FF749F} /*IntelliPoint Wireless Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwir.dll"
@{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} /*IntelliPoint Wheel Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplwhl.dll"
@{653DCCC2-13DB-45B2-A389-427885776CFE} /*IntelliPoint Activities Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplact.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplact.dll"
@{124597D8-850A-41AE-849C-017A4FA99CA2} /*IntelliPoint Buttons Control Panel Property Page*/"C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll" = "C:\Programmi\Microsoft IntelliPoint\ipcplbtn.dll"
@{B7056B8E-4F99-44f8-8CBD-282390FE5428} /*VirtualCloneDrive*/C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll = C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
@{46E22146-59C0-4136-9233-FB7720E777B2} /*EzCddax extension*/C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
@{00020000-0000-1011-8004-0000C06B5161} /*WIBU-SYSTEMS Shell Extension*/C:\Programmi\WIBU-SYSTEMS\System\WibuShellExt.dll = C:\Programmi\WIBU-SYSTEMS\System\WibuShellExt.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{99BCFECE-CB38-4983-BFCA-0390EDE66384} /*Exif Farm Context Menu Shell Extension*/(null) =
@{2B3453E4-49DF-11D3-8229-0080BE509056} /*GMailFS Context Menu*/C:\WINDOWS\system32\ShellExt\GMailFS.dll = C:\WINDOWS\system32\ShellExt\GMailFS.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{4187A059-6CEF-4DA0-80A1-15CBF47EF34C} /*Extension Changer Context Menu Handler*/C:\PROGRA~1\EXTENS~1\EXTCON~1.DLL = C:\PROGRA~1\EXTENS~1\EXTCON~1.DLL
@{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} /*Nokia Phone Browser*/C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@(null) =
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\system32\btneighborhood.dll = C:\WINDOWS\system32\btneighborhood.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll = C:\Programmi\iTunes\iTunesMiniPlayer.dll
@{B089FE88-FB52-11d3-BDF1-0050DA34150D} /*NOD32 Context Menu Shell Extension*/C:\Programmi\Eset\nodshex.dll = C:\Programmi\Eset\nodshex.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
Extension Changer@{4187A059-6CEF-4DA0-80A1-15CBF47EF34C} = C:\PROGRA~1\EXTENS~1\EXTCON~1.DLL
EzCddax@{46E22146-59C0-4136-9233-FB7720E777B2} = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11d3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll
PicaView@ =
SimpleShlExt@{5E2121EE-0300-11D4-8D3B-444553540000} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
Extension Changer@{4187A059-6CEF-4DA0-80A1-15CBF47EF34C} = C:\PROGRA~1\EXTENS~1\EXTCON~1.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
ContMenu@{FCF608CF-5716-47C3-A1A8-991D873AF72B} = C:\Programmi\Exifer\exifershellext.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11d3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll
UnlockerShellExtension@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = C:\Programmi\Unlocker\UnlockerCOM.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{7C7A8947-5935-4430-AC0E-E7D04697414E}C:\PROGRA~1\BUYERT~1\IEBUTT~2.DLL = C:\PROGRA~1\BUYERT~1\IEBUTT~2.DLL
@{CD9B7762-DFBC-42B1-BB30-02A78287B456}C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL = C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://www.google.it = http://www.google.it
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it = http://www.google.it
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = imon.dll
000000000002@PackedCatalogItem = imon.dll
000000000003@PackedCatalogItem = imon.dll
000000000004@PackedCatalogItem = imon.dll
000000000005@PackedCatalogItem = imon.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023@PackedCatalogItem = imon.dll

C:\Documents and Settings\HP_Proprietario\Menu Avvio\Programmi\Esecuzione automatica = PowerReg Scheduler.exe

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica = BTTray.lnk

---- EOF - GMER 1.0.13 ----
Avatar utente
Stefyria
Neo Iscritto
Neo Iscritto
 
Messaggi: 4
Iscritto il: ven set 07, 2007 10:53 pm

Messaggioda crazy.cat » sab set 08, 2007 7:10 am

Fai una scansione online sul sito della bitdefender e posta qui il risultato finale.
Il nuovo bagle lascia molti file infetti in giro per il pc
http://www.bitdefender.co.uk/
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda Stefyria » sab set 08, 2007 1:34 pm

Grazie infinite per l'aiuto....ecco il rapporto di BitDefender


BitDefender Online Scanner
Scan report generated at: Sat, Sep 08, 2007 - 14:30:22
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;L:\;N:\;O:\;
Statistics
Time 03:04:07
Files 1681633
Folders 11319
Boot Sectors 5
Archives 147757
Packed Files 90872

Results

Identified Viruses 15
Infected Files 23
Suspect Files 0
Deleted Files 24

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/168671.exe
Infected with: Trojan.Bagle.DO

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/168671.exe
Disinfection failed

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/168671.exe
Deleted

C:\avenger\backup-07.09.2007-20.47.35,01.zip
Updated

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/189437.exe
Infected with: Trojan.Bagle.DO

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/189437.exe
Disinfection failed

C:\avenger\backup-07.09.2007-20.47.35,01.zip=>avenger/exefld/189437.exe
Deleted

C:\avenger\backup-07.09.2007-20.47.35,01.zip
Updated

C:\avenger\backup.zip=>avenger/hidr.exe
Infected with: DeepScan:Generic.Malware.SP!VPkWkg.F81E0DDA

C:\avenger\backup.zip=>avenger/hidr.exe
Disinfection failed

C:\avenger\backup.zip=>avenger/hidr.exe
Deleted

C:\avenger\backup.zip
Updated

C:\avenger\backup.zip=>avenger/srosa.sys
Infected with: Win32.Worm.Bagle.ZJC

C:\avenger\backup.zip=>avenger/srosa.sys
Disinfection failed

C:\avenger\backup.zip=>avenger/srosa.sys
Deleted

C:\avenger\backup.zip
Updated

C:\avenger\backup.zip=>avenger/srosa.sys-ren-224
Infected with: Win32.Worm.Bagle.ZJC

C:\avenger\backup.zip=>avenger/srosa.sys-ren-224
Disinfection failed

C:\avenger\backup.zip=>avenger/srosa.sys-ren-224
Deleted

C:\avenger\backup.zip
Updated

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dvnny.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dvnny.class
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dvnny.class
Deleted

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip
Updated

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dex.class
Infected with: Trojan.Classloader.G

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dex.class
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dex.class
Deleted

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip
Updated

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dix.class
Infected with: Trojan.Java.ClassLoader.D

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dix.class
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dix.class
Deleted

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip
Updated

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dux.class
Infected with: Trojan.Java.ClassLoader.D

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dux.class
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip=>Dux.class
Deleted

C:\Documents and Settings\HP_Proprietario\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-57bebbba-5dae773f.zip
Updated

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\! Bibble Pro 4.90 + Crack.rar=>BibbleProSetup490.exe
Infected with: MemScan:Trojan.Downloader.Small.ECO

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\! Bibble Pro 4.90 + Crack.rar=>BibbleProSetup490.exe
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\! Bibble Pro 4.90 + Crack.rar=>BibbleProSetup490.exe
Deleted

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\! Bibble Pro 4.90 + Crack.rar
Update failed

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\Bibble Pro 4.90 Final (Cracked).rar=>BibbleProSetup490.exe
Infected with: MemScan:Trojan.Downloader.Small.ECO

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\Bibble Pro 4.90 Final (Cracked).rar=>BibbleProSetup490.exe
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\Bibble Pro 4.90 Final (Cracked).rar=>BibbleProSetup490.exe
Deleted

C:\Documents and Settings\HP_Proprietario\Desktop\Collegamenti\Fotografia\Copie e vari\Bibble Pro 4.90 Final (Cracked).rar
Update failed

C:\Documents and Settings\HP_Proprietario\Desktop\Temi e software Nokia E61\Software\kgxpltsrh.rar=>kgxpltsrh.exe
Infected with: Win32.Worm.Sdbot.AS

C:\Documents and Settings\HP_Proprietario\Desktop\Temi e software Nokia E61\Software\kgxpltsrh.rar=>kgxpltsrh.exe
Disinfection failed

C:\Documents and Settings\HP_Proprietario\Desktop\Temi e software Nokia E61\Software\kgxpltsrh.rar=>kgxpltsrh.exe
Deleted

C:\Documents and Settings\HP_Proprietario\Desktop\Temi e software Nokia E61\Software\kgxpltsrh.rar
Update failed

C:\Programmi\ESET\cache\FND0.NFI=>(Quarantine-PE)
Infected with: Trojan.Bagle.DO

C:\Programmi\ESET\cache\FND0.NFI=>(Quarantine-PE)
Disinfection failed

C:\Programmi\ESET\cache\FND0.NFI=>(Quarantine-PE)
Deleted

C:\Programmi\JackSMS 3\JackSMS.exe
Infected with: Backdoor.Mirc.BV

C:\Programmi\JackSMS 3\JackSMS.exe
Disinfection failed

C:\Programmi\JackSMS 3\JackSMS.exe
Deleted

C:\Programmi\Tunebite\tunebite.4.0.0.13-patch.exe
Infected with: Trojan.Patch.F

C:\Programmi\Tunebite\tunebite.4.0.0.13-patch.exe
Disinfection failed

C:\Programmi\Tunebite\tunebite.4.0.0.13-patch.exe
Deleted

C:\Programmi\XoftSpySE\ParetoSlayer.exe
Infected with: Packer.PESpin.A

C:\Programmi\XoftSpySE\ParetoSlayer.exe
Disinfection failed

C:\Programmi\XoftSpySE\ParetoSlayer.exe
Deleted

I:\Backup chiavetta usb\Immagini campione.rar=>Immagini campione\USB\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Infected with: Trojan.Wombat.A

I:\Backup chiavetta usb\Immagini campione.rar=>Immagini campione\USB\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Disinfection failed

I:\Backup chiavetta usb\Immagini campione.rar=>Immagini campione\USB\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Deleted

I:\Backup chiavetta usb\Immagini campione.rar=>Immagini campione\USB\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar
Update failed

I:\Backup chiavetta usb\Mister Wash\CuteComp.exe=>(Instyler o)=>(Instyler Module 20)=>(CAB Sfx r)=>VVSN.exe
Infected with: Generic.Adw.SaveNow.56AD4696

I:\Backup chiavetta usb\Mister Wash\CuteComp.exe=>(Instyler o)=>(Instyler Module 20)=>(CAB Sfx r)=>VVSN.exe
Disinfection failed

I:\Backup chiavetta usb\Mister Wash\CuteComp.exe=>(Instyler o)=>(Instyler Module 20)=>(CAB Sfx r)=>VVSN.exe
Deleted

I:\Backup chiavetta usb\Mister Wash\CuteComp.exe=>(Instyler o)=>(Instyler Module 20)=>(CAB Sfx r)
Update failed

I:\Backup chiavetta usb\Pendrive\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Infected with: Trojan.Wombat.A

I:\Backup chiavetta usb\Pendrive\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Disinfection failed

I:\Backup chiavetta usb\Pendrive\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Deleted

I:\Backup chiavetta usb\Pendrive\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar
Update failed

I:\Backup chiavetta usb\Pendrive\JackSMS 3\JackSMS.exe
Infected with: Backdoor.Mirc.BV

I:\Backup chiavetta usb\Pendrive\JackSMS 3\JackSMS.exe
Disinfection failed

I:\Backup chiavetta usb\Pendrive\JackSMS 3\JackSMS.exe
Deleted

I:\Backup chiavetta usb\USB 15gen2007\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Infected with: Trojan.Wombat.A

I:\Backup chiavetta usb\USB 15gen2007\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Disinfection failed

I:\Backup chiavetta usb\USB 15gen2007\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar=>[APPS - ITA] Norton - Estendi la durata del live update fino al 2115!! antivirus noron firewall utilities crack trial\norton-extend.exe
Deleted

I:\Backup chiavetta usb\USB 15gen2007\Documenti\Lisa\Norton Crack\Norton - Estendi la durata del live update fino al 2115.rar
Update failed

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox=>(message 6519)=>[Subject: Filmato Capodanno][Date: Fri, 2 Feb 2007 13:00:40 -0600]=>(MIME part)=>filmato.asx
Infected with: Trojan.Downloader.O

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox=>(message 6519)=>[Subject: Filmato Capodanno][Date: Fri, 2 Feb 2007 13:00:40 -0600]=>(MIME part)=>filmato.asx
Disinfection failed

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox=>(message 6519)=>[Subject: Filmato Capodanno][Date: Fri, 2 Feb 2007 13:00:40 -0600]=>(MIME part)=>filmato.asx
Deleted

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox=>(message 6519)=>[Subject: Filmato Capodanno][Date: Fri, 2 Feb 2007 13:00:40 -0600]=>(MIME part)
Updated

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox=>(message 6519)
Updated

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv=>Mail/po.gmail.com/Inbox
Updated

I:\Thunderbird 1.5.0.9 (it) - 2007-02-17.pcv
Updated

I:\V3x\Controllare\JackSMS_3.18_Install.exe=>(RAR Sfx o)=>JackSMS.exe
Infected with: Backdoor.Mirc.BV

I:\V3x\Controllare\JackSMS_3.18_Install.exe=>(RAR Sfx o)=>JackSMS.exe
Disinfection failed

I:\V3x\Controllare\JackSMS_3.18_Install.exe=>(RAR Sfx o)=>JackSMS.exe
Deleted

I:\V3x\Controllare\JackSMS_3.18_Install.exe=>(RAR Sfx o)
Update failed
Avatar utente
Stefyria
Neo Iscritto
Neo Iscritto
 
Messaggi: 4
Iscritto il: ven set 07, 2007 10:53 pm


Messaggioda crazy.cat » sab set 08, 2007 2:58 pm

E adesso come va?
Sono stati rimossi svariati virus (vedi cosa succede a scaricare cose a casaccio senza provarle sui siti adatti www.virustotal.com).
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda Stefyria » dom set 09, 2007 2:54 pm

Sono riuscita a reinstallare l'antivirus ed a fare gli aggiornamenti, sembra funzionare tutto.
Spero di non avere altri files infetti nel pc, secondo te è il caso di fare qualcos'altro? Ti ringrazio per l'aiuto!
Per quanto riguarda scaricare files a casaccio....mai più!!!!!
Avatar utente
Stefyria
Neo Iscritto
Neo Iscritto
 
Messaggi: 4
Iscritto il: ven set 07, 2007 10:53 pm

Messaggioda crazy.cat » dom set 09, 2007 3:17 pm

Stefyria ha scritto:Per quanto riguarda scaricare files a casaccio....mai più!!!!!

Prima di aprirli e usarli, li fai controllare
http://www.MegaLab.it/2425

Bitdefender dovrebbe aver fatto già un buon lavoro, fai una scansione completa con nod aggiornato e dovresti essere a posto.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda Stefyria » lun set 10, 2007 11:47 am

Lo farò al più presto, grazie ancora per l'aiuto.... [applauso+]
Avatar utente
Stefyria
Neo Iscritto
Neo Iscritto
 
Messaggi: 4
Iscritto il: ven set 07, 2007 10:53 pm


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 14 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising