Non riesco ad installare antivirus. Credo sia bagle.
Ho fatto girare gmer che mi ha dato un centinaio di pagine di log e un paio di righe in rosso
Queste:
Process C:\WINDOWS\system32\hldrrr.exe (*** hidden *** )
Service C:\Documents and Settings\usr\Dati applicazioni\hidires\m_hook.sys
ho fatto girare Avenger con questo script:
Files to delete:
D:\Documents and Settings\utente\Dati applicazioni\hidires\m_hook.sys
D:\Documents and Settings\utente\Dati applicazioni\hidires\hidr.exe
D:\WINDOWS\system32\wintems.exe
D:\WINDOWS\system32\hldrrr.exe
folders to delete:
D:\Documents and Settings\utente\Dati applicazioni\hidires
D:\WINDOWS\exefld
registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\m_hook
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK
registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | hldrrr
e mi ha dato questo risultato:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\whsfkvns
*******************
Script file located at: \??\C:\utjerqnb.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Could not open file D:\Documents and Settings\utente\Dati applicazioni\hidires\m_hook.sys for deletion
Deletion of file D:\Documents and Settings\utente\Dati applicazioni\hidires\m_hook.sys failed!
Could not process line:
D:\Documents and Settings\utente\Dati applicazioni\hidires\m_hook.sys
Status: 0xc000003a
Could not open file D:\Documents and Settings\utente\Dati applicazioni\hidires\hidr.exe for deletion
Deletion of file D:\Documents and Settings\utente\Dati applicazioni\hidires\hidr.exe failed!
Could not process line:
D:\Documents and Settings\utente\Dati applicazioni\hidires\hidr.exe
Status: 0xc000003a
Could not open file D:\WINDOWS\system32\wintems.exe for deletion
Deletion of file D:\WINDOWS\system32\wintems.exe failed!
Could not process line:
D:\WINDOWS\system32\wintems.exe
Status: 0xc000003a
Could not open file D:\WINDOWS\system32\hldrrr.exe for deletion
Deletion of file D:\WINDOWS\system32\hldrrr.exe failed!
Could not process line:
D:\WINDOWS\system32\hldrrr.exe
Status: 0xc000003a
Could not open folder D:\Documents and Settings\utente\Dati applicazioni\hidires for deletion
Deletion of folder D:\Documents and Settings\utente\Dati applicazioni\hidires failed!
Could not process line:
D:\Documents and Settings\utente\Dati applicazioni\hidires
Status: 0xc000003a
Could not open folder D:\WINDOWS\exefld for deletion
Deletion of folder D:\WINDOWS\exefld failed!
Could not process line:
D:\WINDOWS\exefld
Status: 0xc000003a
Registry key HKLM\SYSTEM\CurrentControlSet\Services\m_hook deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK deleted successfully.
Registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|hldrrr deleted successfully.
Completed script processing.
Che devo fare?