help bagle!
Inviato: sab gen 12, 2008 9:57 pm
salve a tutti! potreste aiutarmi con lo script per avenger? grazie in anticipo. la scansione di kaspersky:
KASPERSKY ONLINE SCANNER REPORT
Saturday, January 12, 2008 8:31:06 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 12/01/2008
Kaspersky Anti-Virus database records: 508316
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 67351
Number of viruses found 6
Number of infected objects 12
Number of suspicious objects 0
Duration of the scan process 10:59:12
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users.WINXP\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users.WINXP\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\pc1\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Temporary Internet Files\Content.IE5\RNTGWCJG\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml/[From Alessandro Cantini ][Date Mon, 12 Feb 2007 13:12:35 +0100]/SkyBattle/ButtonShyMouse.exe Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml/[From Alessandro Cantini ][Date Mon, 12 Feb 2007 13:12:35 +0100]/SkyBattle Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml Mail: infected - 2 skipped
C:\Documents and Settings\pc1\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\pc1\ntuser.dat Object is locked skipped
C:\WINXP\system32\config\SECURITY.LOG Object is locked skipped
C:\WINXP\system32\config\SOFTWARE.LOG Object is locked skipped
C:\WINXP\system32\config\SYSTEM.LOG Object is locked skipped
C:\WINXP\system32\config\DEFAULT.LOG Object is locked skipped
C:\WINXP\system32\config\SAM.LOG Object is locked skipped
C:\WINXP\system32\config\AppEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SecEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SysEvent.Evt Object is locked skipped
C:\WINXP\system32\config\DEFAULT Object is locked skipped
C:\WINXP\system32\config\SECURITY Object is locked skipped
C:\WINXP\system32\config\SOFTWARE Object is locked skipped
C:\WINXP\system32\config\SYSTEM Object is locked skipped
C:\WINXP\system32\config\SAM Object is locked skipped
C:\WINXP\system32\config\Internet.evt Object is locked skipped
C:\WINXP\system32\drivers\sptd.sys Object is locked skipped
C:\WINXP\system32\drivers\down\71843.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\WINXP\system32\drivers\down\66781.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINXP\system32\drivers\down\39203.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINXP\system32\drivers\srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hw skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINXP\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINXP\system32\CatRoot2\edb.log Object is locked skipped
C:\WINXP\system32\h323log.txt Object is locked skipped
C:\WINXP\Debug\PASSWD.LOG Object is locked skipped
D:\MULTIMEDIA!!!\Scherzi PC\ButtonShyMouse.exe Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
D:\MULTIMEDIA!!!\Win-Spy\LicenseBackup.exe Infected: HackTool.Win32.Freezer.c skipped
D:\MULTIMEDIA!!!\Win-Spy\Win-Spy Eval Setup.exe/Setup1.exe Infected: Trojan-Spy.Win32.WinSpy.cz skipped
D:\MULTIMEDIA!!!\Win-Spy\Win-Spy Eval Setup.exe ZIP: infected - 1 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
KASPERSKY ONLINE SCANNER REPORT
Saturday, January 12, 2008 8:31:06 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 12/01/2008
Kaspersky Anti-Virus database records: 508316
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 67351
Number of viruses found 6
Number of infected objects 12
Number of suspicious objects 0
Duration of the scan process 10:59:12
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users.WINXP\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users.WINXP\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\pc1\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Temporary Internet Files\Content.IE5\RNTGWCJG\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml/[From Alessandro Cantini ][Date Mon, 12 Feb 2007 13:12:35 +0100]/SkyBattle/ButtonShyMouse.exe Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml/[From Alessandro Cantini ][Date Mon, 12 Feb 2007 13:12:35 +0100]/SkyBattle Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
C:\Documents and Settings\pc1\Impostazioni locali\Dati applicazioni\Microsoft\Windows Live Mail\Hotmail (al da2\Posta inviata\69222905-0000001C.eml Mail: infected - 2 skipped
C:\Documents and Settings\pc1\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\pc1\ntuser.dat Object is locked skipped
C:\WINXP\system32\config\SECURITY.LOG Object is locked skipped
C:\WINXP\system32\config\SOFTWARE.LOG Object is locked skipped
C:\WINXP\system32\config\SYSTEM.LOG Object is locked skipped
C:\WINXP\system32\config\DEFAULT.LOG Object is locked skipped
C:\WINXP\system32\config\SAM.LOG Object is locked skipped
C:\WINXP\system32\config\AppEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SecEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SysEvent.Evt Object is locked skipped
C:\WINXP\system32\config\DEFAULT Object is locked skipped
C:\WINXP\system32\config\SECURITY Object is locked skipped
C:\WINXP\system32\config\SOFTWARE Object is locked skipped
C:\WINXP\system32\config\SYSTEM Object is locked skipped
C:\WINXP\system32\config\SAM Object is locked skipped
C:\WINXP\system32\config\Internet.evt Object is locked skipped
C:\WINXP\system32\drivers\sptd.sys Object is locked skipped
C:\WINXP\system32\drivers\down\71843.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\WINXP\system32\drivers\down\66781.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINXP\system32\drivers\down\39203.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINXP\system32\drivers\srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hw skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINXP\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINXP\system32\CatRoot2\edb.log Object is locked skipped
C:\WINXP\system32\h323log.txt Object is locked skipped
C:\WINXP\Debug\PASSWD.LOG Object is locked skipped
D:\MULTIMEDIA!!!\Scherzi PC\ButtonShyMouse.exe Infected: not-virus:BadJoke.Win32.MouseShy.a skipped
D:\MULTIMEDIA!!!\Win-Spy\LicenseBackup.exe Infected: HackTool.Win32.Freezer.c skipped
D:\MULTIMEDIA!!!\Win-Spy\Win-Spy Eval Setup.exe/Setup1.exe Infected: Trojan-Spy.Win32.WinSpy.cz skipped
D:\MULTIMEDIA!!!\Win-Spy\Win-Spy Eval Setup.exe ZIP: infected - 1 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.