www.MegaLab.it

[Amantide]

Prima di avviare Systemscan disconnettiti dall'internet e chiudi tutti i programmi avviati, quelli visibili nella tray bar vicino all'orologio.

[lollo40]

cara amantide, ho fatto come mi hai detto, ho chiuso tutto ma è come prima, sistemscan si ferma al numero undici e continua ad uscire quella finestra,anche se premo sia chiudi che ignora.

[lollo40]

sono riuscita a finire il test e te lo ivio, spero sia sufficente systemscan - www.suspectfile.com - ver. 2.0.24

Date: 28/03/2007
Time: 15.37.47,22

Output limited to:
-Recent files
-Registry Run Keys
-Running Services
-Not Running Services
-Device Driver Services
-Svchost.exe instances
-Loaded Dlls
-Alternate Data Sreams
-Encrypted Files
-Hidden objects
-Suspicious Files

-------------Users folders -------------

Directory di C:\documents and settings

19/03/2007 00.58 <DIR> Administrator
20/03/2007 01.32 <DIR> All Users
12/06/2006 23.08 <DIR> Default User
20/03/2007 23.48 <DIR> LocalService
19/03/2007 00.58 <DIR> NetworkService
26/03/2007 02.39 <DIR> User
19/03/2007 00.58 <DIR> XbT

-------------Recent files (60 days) -------------
NOTE: searched only in C:, C:\WINDOWS, C:\WINDOWS\system32, C:\Programmi\File comuni, C:\WINDOWS\temp



Directory di C:\


28/03/2007 14.36 <DIR> WINDOWS
26/03/2007 23.53 <DIR> Avenger
28/03/2007 15.37 <DIR> suspectfile
27/03/2007 22.13 <DIR> Rustbfix
24/03/2007 02.11 <DIR> Programmi
26/03/2007 23.49 <DIR> Documents and Settings
25/03/2007 01.43 <DIR> Downloads
28/03/2007 14.39 <DIR> Program Files
02/03/2007 02.30 <DIR> My Downloads
25/02/2007 18.00 <DIR> google earth
27/03/2007 00.06 <DIR> VundoFix Backups
08/03/2007 10.50 936 graph.txt
26/03/2007 23.47 24.490 jngtvkxu.txt
08/03/2007 15.28 1.422 dvdlog.txt
28/03/2007 14.39 398 avenger.txt
27/03/2007 21.24 282 VundoFix.txt
22/03/2007 16.10 150 YServer.txt


Directory di C:\WINDOWS


03/02/2007 18.40 <DIR> twain_32
28/03/2007 15.30 <DIR> Temp
28/03/2007 12.40 <DIR> system32
19/03/2007 00.57 <DIR> Registration
24/03/2007 18.39 <DIR> Prefetch
03/02/2007 18.43 <DIR> pchealth
19/03/2007 00.50 <DIR> Minidump
18/03/2007 04.05 <DIR> WinSxS
21/03/2007 01.05 <DIR> Internet Logs
28/03/2007 13.57 <DIR> Help
18/03/2007 04.07 276.530 comsetup.log
08/03/2007 15.46 26 dvdSanta.INI
02/02/2007 00.58 592 EventSystem.log
19/03/2007 01.31 21 Fast800.ini
18/03/2007 04.07 746.502 FaxSetup.log
27/03/2007 00.25 565.311 gmer.dll
07/03/2007 15.52 573.440 gmer.exe
28/03/2007 13.35 250 gmer.ini
27/03/2007 00.25 80 gmer_uninstall.cmd
18/03/2007 04.07 933.911 iis6.log
18/03/2007 04.07 1.374 imsins.BAK
18/03/2007 04.07 1.374 imsins.log
16/03/2007 04.01 16.103 KB893803v2.log
18/03/2007 04.03 17.169 KB918118.log
18/03/2007 04.05 15.225 KB924667.log
18/03/2007 04.04 17.407 KB926436.log
18/03/2007 04.07 21.895 KB927779.log
18/03/2007 04.07 19.030 KB927802.log
18/03/2007 04.03 20.483 KB928090.log
18/03/2007 04.06 18.793 KB928255.log
18/03/2007 04.02 13.505 KB928843.log
18/03/2007 04.05 19.194 KB929338.log
18/03/2007 04.06 17.712 KB929969.log
18/03/2007 04.04 27.681 KB931836.log
18/03/2007 04.07 57.599 MedCtrOC.log
19/03/2007 00.50 402.194.432 MEMORY.DMP
19/03/2007 01.31 982 adiras.ini
19/03/2007 01.21 5.806 ModemLog_Modem standard 56000 bps.txt
19/03/2007 01.34 154 adidsl.ini
24/03/2007 02.26 12.898 mozver.dat
18/03/2007 04.07 40.935 msgsocm.log
18/03/2007 04.07 249.744 msmqinst.log
28/03/2007 01.02 116 NeroDigital.ini
18/03/2007 04.07 137.909 netfxocm.log
22/03/2007 22.27 304 nsw.log
19/03/2007 00.50 299.416 ntbtlog.txt
18/03/2007 04.07 174.199 ntdtcsetup.log
18/03/2007 04.07 436.382 ocgen.log
18/03/2007 04.07 47.458 ocmsn.log
26/03/2007 23.54 1.409 QTFont.for
24/02/2007 03.21 76 rack32a.ini
27/03/2007 01.19 32.532 SchedLgU.Txt
24/03/2007 00.17 211.706 setupact.log
22/03/2007 22.27 888.835 setupapi.log
22/03/2007 16.55 741 SpywareDoctor5Uninstall.log
18/03/2007 04.07 37.040 tabletoc.log
18/03/2007 04.07 374.183 tsoc.log
22/02/2007 15.50 99.970 UninstallFirefox.exe
18/03/2007 04.07 32.865 updspapi.log
27/03/2007 21.12 0 0.log
28/03/2007 14.12 301 wiadebug.log
27/03/2007 21.11 50 wiaservc.log
27/03/2007 21.11 2.084.315 WindowsUpdate.log
22/03/2007 18.34 61.144 wmsetup.log


Directory di C:\WINDOWS\system32


19/03/2007 00.57 <DIR> wbem
24/03/2007 01.08 <DIR> Restore
23/02/2007 23.40 <DIR> NtmsData
27/03/2007 00.25 <DIR> drivers
19/03/2007 00.58 <DIR> config
26/03/2007 01.24 <DIR> CatRoot2
19/03/2007 01.31 <DIR> CatRoot
22/02/2007 23.13 14.848 BASSMOD.dll
24/03/2007 01.55 16 coh.cache
27/03/2007 01.15 1.524 d3d8caps.dat
28/03/2007 12.40 1.636 d3d9caps.dat
24/02/2007 10.47 155.568 FNTCACHE.DAT
25/02/2007 23.32 29.304 GDIPFONTCACHEV1.DAT
03/02/2007 17.33 5.248 giveio.sys
22/03/2007 16.55 75.384 iklog.log
07/03/2007 02.06 9.848 jupdate-1.5.0_11-b03.log
25/03/2007 11.34 52.900 perfc009.dat
25/03/2007 11.34 63.402 perfc010.dat
25/03/2007 11.34 380.486 perfh009.dat
25/03/2007 11.34 425.804 perfh010.dat
25/03/2007 11.34 931.982 PerfStringBackup.INI
04/03/2007 01.24 2.358 qtplugin.log
29/01/2007 10.58 60.416 tzchange.exe
18/03/2007 04.04 122.268 TZLog.log
23/03/2007 22.21 2.206 wpa.dbl


Directory di C:\Programmi\File comuni


07/03/2007 01.56 <DIR> Java
03/02/2007 00.18 <DIR> Microsoft Shared
20/03/2007 01.31 <DIR> PC Tools
22/03/2007 02.32 <DIR> Skype
24/03/2007 15.38 <DIR> Symantec Shared
27/03/2007 21.11 <DIR> System
03/02/2007 01.14 <DIR> {34D3486F-03F1-1040-1108-000001200027}
24/02/2007 01.21 <DIR> {C4D3486F-03F0-1040-1108-000001200027}
24/02/2007 01.22 <DIR> {C4D3486F-03F1-1040-1108-000001200027}


Directory di C:\WINDOWS\temp


28/03/2007 15.32 <DIR> _avast4_
28/03/2007 15.30 <DIR> _av_proI.tm~a01284
16/03/2007 14.33 7.168 idd1136.tmp.exe
16/03/2007 02.29 7.168 idd115C.tmp.exe
16/03/2007 15.15 7.168 idd155D.tmp.exe
16/03/2007 20.18 7.168 idd15FD.tmp.exe
16/03/2007 20.38 7.168 idd15FF.tmp.exe
17/03/2007 01.24 7.168 idd161A.tmp.exe
17/03/2007 02.04 7.168 idd166C.tmp.exe
17/03/2007 15.32 7.168 idd16B6.tmp.exe
17/03/2007 15.52 7.168 idd16D5.tmp.exe
17/03/2007 16.32 7.168 idd16F2.tmp.exe
17/03/2007 16.52 7.168 idd16F5.tmp.exe
17/03/2007 17.12 7.168 idd16F7.tmp.exe
17/03/2007 17.32 7.168 idd16F8.tmp.exe
17/03/2007 19.12 7.168 idd178D.tmp.exe
17/03/2007 19.52 7.168 idd179D.tmp.exe
17/03/2007 20.32 7.168 idd17BD.tmp.exe
17/03/2007 20.52 7.168 idd17DC.tmp.exe
17/03/2007 23.12 7.168 idd18B3.tmp.exe
18/03/2007 00.52 7.168 idd194E.tmp.exe
18/03/2007 01.32 7.168 idd196A.tmp.exe
18/03/2007 01.52 7.168 idd196E.tmp.exe
18/03/2007 03.12 7.168 idd197A.tmp.exe
15/03/2007 18.36 7.168 iddF15.tmp.exe
08/03/2007 10.44 0 win1.tmp
08/03/2007 10.52 0 win10.tmp
08/03/2007 13.33 0 win100.tmp
15/03/2007 22.24 0 win1000.tmp
15/03/2007 22.24 0 win1001.tmp
15/03/2007 22.24 0 win1002.tmp
15/03/2007 22.26 0 win1003.tmp
15/03/2007 22.26 0 win1004.tmp
........................

[Amantide]

Abilita la visualizzazione dei file nascosti (apri una cartella qualsiasi, vai su Strumenti--> Opzioni cartella--> Visualizzazione e spunta Visualizza file e cartelle nascosti), riavvia il pc in modalità provvisoria (F8 all'avvio) ed elimina tutto il contenuto della cartella C:\WINDOWS\temp, è piena zeppa di file infetti.
Prova anche a fare la scansione con Systemscan dalla modalità provvisoria.

[lollo40]

cara amantide, scusa ancora, ma il terrore di fare danni maggiori di quelli già fatti è grande.
sono adata in modalità provvisoria su windows e temp. e c'è un casino di roba. devo cancellare tutto dal 1)avast4 all'ultimo WinFFF temp?grazie ancora

[Amantide]

Si si, devi eliminare tutti i file che si trovano all'interno della cartella C:\WINDOWS\temp
Non per caso si tratta della cartella dei file temporanei, quelli utili si ricreeranno poi da soli.

[lollo40]

ho fatto e ti invio il risultatosystemscan

Edited by Amandite.
Log eliminato a causa dell'eccessiva lunghezza (guardare log nell'allegato sotto).

[Amantide]

Purtroppo la scansione si è bloccata un altra volta... oppure a causa del'eccessiva lunghezza del log non si è riuscito a postarlo completo.
Se vedi che la fine del log che hai postato qui non coincide con il log che hai sul pc, allora mette il file .txt all'interno di un archivio rar o zip ed allegalo con il tuo prossimo messaggio.
Altrimenti avvia Systemscan, spunta SOLO la voce Suspicious files, fai la scansione ed allega qui il log.

Intanto esegui con Avenger questo script:

Files to delete:
C:\Programmi\File comuni\System\fAyF.exe
C:\WINDOWS\system32/plugin.exe
C:\WINDOWS\system32\plugin.exe

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\LogWyt
HKLM\system\controlset002\services\LogWyt

[lollo40]

spero di aver fatto tutto bene e ti allego i test
Avenger Pre-Processor log
//////////////////////////////////////////

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: _________________


//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\kiyisvlu

*******************

Script file located at: \??\C:\Program Files\ydyaealc.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\Programmi\File comuni\System\fAyF.exe not found!
Deletion of file C:\Programmi\File comuni\System\fAyF.exe failed!

Could not process line:
C:\Programmi\File comuni\System\fAyF.exe
Status: 0xc0000034



Could not open file C:\WINDOWS\system32/plugin.exe for deletion
Deletion of file C:\WINDOWS\system32/plugin.exe failed!

Could not process line:
C:\WINDOWS\system32/plugin.exe
Status: 0xc0000033



File C:\WINDOWS\system32\plugin.exe not found!
Deletion of file C:\WINDOWS\system32\plugin.exe failed!

Could not process line:
C:\WINDOWS\system32\plugin.exe
Status: 0xc0000034

Registry key HKLM\SYSTEM\CurrentControlSet\Services\LogWyt deleted successfully.


Registry key HKLM\system\controlset002\services\LogWyt not found!
Deletion of registry key HKLM\system\controlset002\services\LogWyt failed!

Could not process line:
HKLM\system\controlset002\services\LogWyt
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate. non so come mandarti il test in winrar. l'ho compresso ma non riesco ad inserirlo

[Amantide]

Anche questo log è troncato a metà, per allegare il file rar con il log, mentre invii la risposta clicca sotto al form per il inserimento del testo sul bottone Carica il file.

Puoi provare qui, nella sezione Prove.
http://www.MegaLab.it/forum/viewforum.php?f=9

[lollo40]

scusa amantide, ma è la decima volta che disconnetto perché per vedere le pagine ci vuole un'eternità, sia con IE che con firefox, è da stamane che provo.
comunque riprovoa mandarti il test con winzip speriamo bene

[Amantide]

Ok, ora ci siamo
Dopo do una pulitina alla discussione togliendo i log replicati.

Esegui con Avenger questo script e dopo installa e fai la scansione con A-squared e SuperAntispyware.

Files to delete:
C:\Programmi\File comuni\System\Abn.exe
C:\Programmi\File comuni\System\AmzZdM.exe
C:\Programmi\File comuni\System\ciz.exe
C:\Programmi\File comuni\System\DrfZmJ.exe
C:\Programmi\File comuni\System\EALFD.exe
C:\Programmi\File comuni\System\EItrp.exe
C:\Programmi\File comuni\System\eJN.exe
C:\Programmi\File comuni\System\ePeUF.exe
C:\Programmi\File comuni\System\icN.exe
C:\Programmi\File comuni\System\KkA.exe
C:\Programmi\File comuni\System\mfP.exe
C:\Programmi\File comuni\System\oLY.exe
C:\Programmi\File comuni\System\pmsL.exe
C:\Programmi\File comuni\System\QAy.exe
C:\Programmi\File comuni\System\RmctnA.exe
C:\Programmi\File comuni\System\UhmDuX.exe
C:\Programmi\File comuni\System\YFe.exe
C:\Programmi\File comuni\System\yZr.exe

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\LogWyt
HKLM\SYSTEM\CurrentControlSet\ServicesBoonty Games
HKLM\system\controlset002\services\LogWyt

folders to delete:
C:\Programmi\File comuni\BOONTY Shared

[lollo40]

cara amantide, ti unisco il test di avenger, spero sia fatto giustamente//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: _________________


//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\kiyisvlu

*******************

Script file located at: \??\C:\Program Files\ydyaealc.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\Programmi\File comuni\System\fAyF.exe not found!
Deletion of file C:\Programmi\File comuni\System\fAyF.exe failed!

Could not process line:
C:\Programmi\File comuni\System\fAyF.exe
Status: 0xc0000034



Could not open file C:\WINDOWS\system32/plugin.exe for deletion
Deletion of file C:\WINDOWS\system32/plugin.exe failed!

Could not process line:
C:\WINDOWS\system32/plugin.exe
Status: 0xc0000033



File C:\WINDOWS\system32\plugin.exe not found!
Deletion of file C:\WINDOWS\system32\plugin.exe failed!

Could not process line:
C:\WINDOWS\system32\plugin.exe
Status: 0xc0000034

Registry key HKLM\SYSTEM\CurrentControlSet\Services\LogWyt deleted successfully.


Registry key HKLM\system\controlset002\services\LogWyt not found!
Deletion of registry key HKLM\system\controlset002\services\LogWyt failed!

Could not process line:
HKLM\system\controlset002\services\LogWyt
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate. appena fatto gli altri te li spedisco. a presto

[Amantide]

Mi sa che hai usato il penultimo script per Avenger e non quello ultimo... oppure hai sbagliato di postare il log di Avenger ed hai messo quello vecchio

[lollo40]

devo aver cancellato quello nuovo. devo rifarlo?

[Amantide]

devo aver cancellato quello nuovo. devo rifarlo?

Per sicurezza si , usa l'ultimo script però.

[lollo40]

ti invio il test di avenger fatto poco fa (mi sono segnata l'ora)
sto facendo la scansione con a-squared, ma ci vorrà tempo: te la spedisco domani assieme all'altra.//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Error: could not create zip file.
Error code: 0
fatto ore 22.40

//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\jyhnnmiw

*******************

Script file located at: \??\C:\Documents and Settings\xwsxpbcr.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\Programmi\File comuni\System\Abn.exe not found!
Deletion of file C:\Programmi\File comuni\System\Abn.exe failed!

Could not process line:
C:\Programmi\File comuni\System\Abn.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\AmzZdM.exe not found!
Deletion of file C:\Programmi\File comuni\System\AmzZdM.exe failed!

Could not process line:
C:\Programmi\File comuni\System\AmzZdM.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\ciz.exe not found!
Deletion of file C:\Programmi\File comuni\System\ciz.exe failed!

Could not process line:
C:\Programmi\File comuni\System\ciz.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\DrfZmJ.exe not found!
Deletion of file C:\Programmi\File comuni\System\DrfZmJ.exe failed!

Could not process line:
C:\Programmi\File comuni\System\DrfZmJ.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\EALFD.exe not found!
Deletion of file C:\Programmi\File comuni\System\EALFD.exe failed!

Could not process line:
C:\Programmi\File comuni\System\EALFD.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\EItrp.exe not found!
Deletion of file C:\Programmi\File comuni\System\EItrp.exe failed!

Could not process line:
C:\Programmi\File comuni\System\EItrp.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\eJN.exe not found!
Deletion of file C:\Programmi\File comuni\System\eJN.exe failed!

Could not process line:
C:\Programmi\File comuni\System\eJN.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\ePeUF.exe not found!
Deletion of file C:\Programmi\File comuni\System\ePeUF.exe failed!

Could not process line:
C:\Programmi\File comuni\System\ePeUF.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\icN.exe not found!
Deletion of file C:\Programmi\File comuni\System\icN.exe failed!

Could not process line:
C:\Programmi\File comuni\System\icN.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\KkA.exe not found!
Deletion of file C:\Programmi\File comuni\System\KkA.exe failed!

Could not process line:
C:\Programmi\File comuni\System\KkA.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\mfP.exe not found!
Deletion of file C:\Programmi\File comuni\System\mfP.exe failed!

Could not process line:
C:\Programmi\File comuni\System\mfP.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\oLY.exe not found!
Deletion of file C:\Programmi\File comuni\System\oLY.exe failed!

Could not process line:
C:\Programmi\File comuni\System\oLY.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\pmsL.exe not found!
Deletion of file C:\Programmi\File comuni\System\pmsL.exe failed!

Could not process line:
C:\Programmi\File comuni\System\pmsL.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\QAy.exe not found!
Deletion of file C:\Programmi\File comuni\System\QAy.exe failed!

Could not process line:
C:\Programmi\File comuni\System\QAy.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\RmctnA.exe not found!
Deletion of file C:\Programmi\File comuni\System\RmctnA.exe failed!

Could not process line:
C:\Programmi\File comuni\System\RmctnA.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\UhmDuX.exe not found!
Deletion of file C:\Programmi\File comuni\System\UhmDuX.exe failed!

Could not process line:
C:\Programmi\File comuni\System\UhmDuX.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\YFe.exe not found!
Deletion of file C:\Programmi\File comuni\System\YFe.exe failed!

Could not process line:
C:\Programmi\File comuni\System\YFe.exe
Status: 0xc0000034



File C:\Programmi\File comuni\System\yZr.exe not found!
Deletion of file C:\Programmi\File comuni\System\yZr.exe failed!

Could not process line:
C:\Programmi\File comuni\System\yZr.exe
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Services\LogWyt not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\LogWyt failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\LogWyt
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\ServicesBoonty Games not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\ServicesBoonty Games failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\ServicesBoonty Games
Status: 0xc0000034



Registry key HKLM\system\controlset002\services\LogWyt not found!
Deletion of registry key HKLM\system\controlset002\services\LogWyt failed!

Could not process line:
HKLM\system\controlset002\services\LogWyt
Status: 0xc0000034



Folder C:\Programmi\File comuni\BOONTY Shared not found!
Deletion of folder C:\Programmi\File comuni\BOONTY Shared failed!

Could not process line:
C:\Programmi\File comuni\BOONTY Shared
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.//////////////////////////////////////////

[lollo40]

ho fatto idue test e ti invio quello di a-squared, però non mi trovo quello di super antis, ho cliccato sempre si ma ad un certo punto mi ha chiuso tutto, ho combinato un casino?
a-squared Command Line Scanner 2.1 README
===========================================

Please read this file carefully (especially "Installation
chapter") before using the program on your computer.


Contents:
---------

Program information
Description
Installation
History
Copyright and license
Technical support
Company information


Program information:
--------------------

Program Name:
a-squared Command Line Scanner

Program Version:
2.1.0.27

Program Release Date:
March 25, 2006

Program Description:
Malware scanner that removes Trojans, Worms, Dialers, Spyware/Adware,
TrackingCookies and Spyware Traces in the Registry and at the harddisk.

Target OS:
Windows 98
Windows ME
Windows 2000
Windows XP
Windows 2003 Server
Windows Vista

Software Type:
Full Version - Freeware


Usage:
------

Open a Command Prompt box and type: a2cmd

Hint: You have to add the installation folder to the PATH system variable.

By default, the help dialog appears:
----------------------------------------------------------------------

a-squared Command Line Scanner v. 2.1.0.27
(c) 2006 Emsi Software GmbH - www.emsisoft.com

a2cmd.exe [path] | [parameters]

Scan parameters (can be used together):

/f=[], /files=[path] Scan files
/m, /memory Scan Memory for active Malware
/t, /traces Scan for Spyware Traces
/c, /cookies Scan for Tracking Cookies

Scan settings parameters (used with scan parameters):

/h, /heuristic Heuristic scan for unknown Malware
/r, /riskware Alert Riskware that is often used by Malware
/a, /archive Scan in compressed archives (zip, rar, cab)
/n, /ntfs Scan in NTFS Alternate Data Streams
/l=[], /log=[filepath] Save a log file of the scan
(if no filepath is specified, the default folder "Logs" is used)
/x=[], /ext=[list] Scan only specified file extensions, comma delimited
/xe=[], /extexclude=[list] Scan all except the specified file extensions
/d, /delete Delete found Malware
/q=[], /quarantine=[folder] Put found Malware into Quarantine
(quarantine folder is optional, otherwise the "Quarantine" folder is used)

Malware handling parameters (standalone parameters):

/quello, /quarantinelist List all quarantined items
/qr=[], /quarantinerestore=[n] Restore the item number n of the quarantine
/qd=[], /quarantinedelete=[n] Delete the item number n of the quarantine

General parameters:

/u, /update Update Malware signatures
/?, /help Show help message

----------------------------------------------------------------------

Example: a2cmd /f="c:\windows\" /m /t /c /h /r /a /n /q

Description: Scans c:\windows. Memory, Traces and Cookie scan enabled.
Uses heuristics, displays Riskware and scans in Archives and ADS.
Puts found Malware in Quarantine.


History:
--------

March 25, 2007:
Version 2.1.0.27 released. Added file signature. Bugfixes.

September 29, 2006:
Version 2.0.0.103 released. Fixed some minor bugs in update and scanner.

August 29, 2006:
a-squared Command Line Scanner 2.0 released.


Copyright and license:
----------------------

The software is provided AS IS free of charge without any warranty.


Technical support:
------------------

Our technical support service is always glad to help you and to answer
any your questions. Please visit the a-squared website website to find
the fastest way to get support:
http://www.emsisoft.com/en/support/contact


Company information:
--------------------

Emsi Software GmbH

Email: info@emsisoft.com
Web: http://www.emsisoft.com

Postal Address:

Emsi Software GmbH
Faerberstr. 8
5110 Oberndorf
Austria

[Amantide]

Mi sa che hai copiato il contenuto del file readme.txt

Comunque non ti preoccupare, ora il tuo pc dovrebbe essere pulito, importante era fare la scansione con quei programmi e non mostrarmi i report.

Ciao.

[lollo40]

vuoi dire che è finito tutto davvero?
ti sono molto grata per la pazienza e la gentilezza nei miei confronti, siete tutti veramente incredibili grazie grazie grazie