Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Antivirus e firewall non si avviano!!!

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Antivirus e firewall non si avviano!!!

Messaggioda alvin » gio gen 03, 2008 3:05 pm

Mi chiedo aiuto! In questo momento sono collegato ad internet senza nessuna protezione!
Un’ora fa ad un certo punto il pc si è impallato e riavviato da solo. Al riavvio mi è apparsa una schermata con la scritta “il computer è stato riavviato in seguito ad un grave errore” e dovevo scegliere se inviare i dati oppure no.. Ho scelto “no” ma ora non si avviano ne avast, ne segate ne spybot!!!
Ragazzi che posso fare??? C’è qualcuno che può darmi una mano? Ne avrei davvero bisogno!

P.S. Questo è il log HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 15.01.08, on 03/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\lasys32.exe
C:\Programmi\QuickTime\qttask.exe
C:\systbxa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Alberto\Desktop\Alberto\Svago\Antivirus - programmi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [msrpc] "C:\WINDOWS\system32\msrpc.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [tskfpogk] "c:\windows\system32\tskfpogk.exe"
O4 - HKLM\..\Run: [ddjcca.exe] C:\DOCUME~1\Alberto\IMPOST~1\Temp\ddjcca.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysDrv] C:\systbxa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Programmi\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Promemoria del Calendario di Microsoft Works.lnk = ?
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Programmi\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programmi\MP3 Player Utilities 3.75\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9868370857
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: DirectX Service (DirectDakc) - Unknown owner - C:\WINDOWS\
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\programmi\file comuni\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Plisrrakmfaa - Logitech Inc. - (no file)
Avatar utente
alvin
Aficionado
Aficionado
 
Messaggi: 46
Iscritto il: dom feb 11, 2007 7:27 pm

Messaggioda crazy.cat » gio gen 03, 2008 3:25 pm

c'è un bagle più svariati altri virus
serve il report della scansione online sul sito della kaspersky che li uccidiamo tutti in un colpo.
http://www.MegaLab.it/forum/viewtopic.php?t=34966
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda Paolino87 » gio gen 03, 2008 4:46 pm

Ciao a tutti anche io ho il medesimo problema... ho già fatto scansioni on line a bizzeffe, ma non riesco ancora a installare alcun antivirus. Poiho trovato la vostra guida e con GMER e AVENGER ho trovato i processi nascosti e ho provato a eliminarli, ma ancora nulla!

Ora ho provato a fare la scansione on-line con Kaspersky e ho analizzato tutti i miei dischi, e alla fine mi dice che non ho alcun file infetto o sospetto.... [acc2] ....

Proprio ora hoprovando la scansione delle aree critiche e niente !!!

Il report di kaspersky non posso allegarlo perché non me lo ha neanche fatto! Vi allego il log di GMER e spero che possiate darmi una mano!

Grazie mille !!! [^]
Avatar utente
Paolino87
Neo Iscritto
Neo Iscritto
 
Messaggi: 5
Iscritto il: gio gen 03, 2008 4:31 pm


Messaggioda crazy.cat » gio gen 03, 2008 6:33 pm

Paolino87 ha scritto:Il report di kaspersky non posso allegarlo perché non me lo ha neanche fatto! Vi allego il log di GMER e spero che possiate darmi una mano!

Se hai già applicato lo script generico con avanger e non hai risolto, ci deve essere un virus nascosto, il log di gmer non mi aiuta per niente.
Serve kaspersky, prova a rifarlo.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda alvin » gio gen 03, 2008 10:56 pm

Ho fatto la scansione con kaspersky.. Spero tanto che possiate aiutarmi magari anche in modo un po' elementare perché non sono un grande esperto..

KASPERSKY ONLINE SCANNER REPORT
Thursday, January 03, 2008 10:33:16 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/01/2008
Kaspersky Anti-Virus database records: 502102
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 67610
Number of viruses found 22
Number of infected objects 83
Number of suspicious objects 0
Duration of the scan process 03:41:01

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a00804/avenger/exefld/5908526.exe Infected: Email-Worm.Win32.Bagle.hq skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a00804 ZIP: infected - 1 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a00804 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/20570578.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/407115.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/419703.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/504825.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/504845.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/534498.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/553055.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/5908526.exe Infected: Email-Worm.Win32.Bagle.hq skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/815352.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/914464.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228/avenger/exefld/959569.exe Infected: Email-Worm.Win32.Bagle.ht skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228 ZIP: infected - 11 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-11.02.2007-16.25.34,52.zip.bac_a03228 CryptFF.b: infected - 11 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/exefld/556570.exe Infected: Email-Worm.Win32.Bagle.hw skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/exefld/601695.exe Infected: Email-Worm.Win32.Bagle.hw skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/hidr.exe Infected: Email-Worm.Win32.Bagle.hz skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/hldrrr.exe Infected: Email-Worm.Win32.Bagle.hv skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/m_hook.sys Infected: Email-Worm.Win32.Bagle.hj skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228/avenger/wintems.exe Infected: Trojan-Downloader.Win32.Bagle.br skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228 ZIP: infected - 6 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\backup-13.02.2007-10.32.13,49.zip.bac_a03228 CryptFF.b: infected - 6 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\crtdcghcn.jar-53b026d4-5db16f3a.zip.bac_a03228/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\crtdcghcn.jar-53b026d4-5db16f3a.zip.bac_a03228/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\crtdcghcn.jar-53b026d4-5db16f3a.zip.bac_a03228/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\crtdcghcn.jar-53b026d4-5db16f3a.zip.bac_a03228 ZIP: infected - 3 skipped
C:\Documents and Settings\Alberto\.housecall6.6\Quarantine\crtdcghcn.jar-53b026d4-5db16f3a.zip.bac_a03228 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Alberto\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\cert8.db Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\foxmarks.log Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\history.dat Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\key3.db Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\parent.lock Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Alberto\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Alberto\Desktop\Alberto\Programmi\ASRLSetup.exe/file01 Infected: not-a-virus:AdTool.Win32.VB.a skipped
C:\Documents and Settings\Alberto\Desktop\Alberto\Programmi\ASRLSetup.exe Inno: infected - 1 skipped
C:\Documents and Settings\Alberto\Desktop\Alberto\Programmi\vdownloader\VDownloader.exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped
C:\Documents and Settings\Alberto\Desktop\Incoming\AnvSoft Flash to 3GP Converter 5.0.zip/AnvSoft Flash to 3GP Converter 5.0.exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\Documents and Settings\Alberto\Desktop\Incoming\AnvSoft Flash to 3GP Converter 5.0.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Alberto\Desktop\Incoming\Anvsoft Flash to iPod Converter 2.12 [Key].zip/Anvsoft Flash to iPod Converter 2.12 [Key].exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\Documents and Settings\Alberto\Desktop\Incoming\Anvsoft Flash to iPod Converter 2.12 [Key].zip ZIP: infected - 1 skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Cronologia\History.IE5\MSHist012008010320080104\index.dat Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\htjnww1t.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Alberto\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alberto\ntuser.dat Object is locked skipped
C:\Documents and Settings\Alberto\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temp\dm_0182.exe Infected: Trojan.Win32.Dialer.yw skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\Galaxy[1].htm Infected: Trojan-Downloader.JS.Agent.ann skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\index[11].htm Infected: Trojan-Downloader.JS.Psyme.gy skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\articles[1].htm Infected: Exploit.HTML.IESlice.al skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\flash_player_3913034[1].exe Infected: Trojan-Downloader.Win32.Agent.gvu skipped
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\Galaxy[1].htm Infected: Trojan-Downloader.JS.Agent.ann skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\Microsoft Works\WkDetect.exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\Programmi\Norton AntiVirus\Quarantine\03D751DB.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\04051DA8.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\040C71A1.exe Infected: Trojan-Downloader.Win32.Tiny.im skipped
C:\Programmi\Norton AntiVirus\Quarantine\0412459A.exe Infected: Trojan-Downloader.Win32.Tiny.im skipped
C:\Programmi\Norton AntiVirus\Quarantine\093D04FD.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\0B9A2FF4.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\0BA103ED.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\0BEF7397.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\0C3E6341.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\2A90471F.par Infected: P2P-Worm.Win32.VB.dz skipped
C:\Programmi\Norton AntiVirus\Quarantine\2EA84ABC.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\34117381.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\372C4D39.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\38AD2791.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\390C6929.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\39C06C0E.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\41047492.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\43307A87.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\43364E80.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\4339787C.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\4FE9252B.tmp Infected: Trojan-Downloader.Win32.Bagle.co skipped
C:\Programmi\Norton AntiVirus\Quarantine\55F3485A.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\56211427.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\56423803.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\566F03D1.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\56CB1B6C.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5A6E596C.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5A775761.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5A7B015E.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5A912745.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5B070EC3.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5B1760B1.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\5C195595.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\Norton AntiVirus\Quarantine\79D95181.exe Infected: Trojan-Clicker.Win32.Small.kj skipped
C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll Infected: not-a-virus:AdWare.Win32.Shopper.q skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{B5951D38-A328-4405-A517-95625D647E89}\RP6\A0001154.exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\System Volume Information\_restore{B5951D38-A328-4405-A517-95625D647E89}\RP6\A0001157.exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\System Volume Information\_restore{B5951D38-A328-4405-A517-95625D647E89}\RP6\A0001159.exe Infected: Trojan-Downloader.Win32.Bagle.hj skipped
C:\System Volume Information\_restore{B5951D38-A328-4405-A517-95625D647E89}\RP8\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\lasys32.exe Infected: Trojan.Win32.Dialer.yw skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\bak\msrpc.exe Infected: Trojan-Downloader.Win32.Delf.dlj skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\tskihmdq.exe Object is locked skipped
C:\WINDOWS\system32\upduhpxv.exe Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Tasks\chozzmxe.job Object is locked skipped
C:\WINDOWS\Tasks\dwiwrbor.job Object is locked skipped
C:\WINDOWS\Tasks\eqq.job Object is locked skipped
C:\WINDOWS\Tasks\eyxxmaz.job Object is locked skipped
C:\WINDOWS\Tasks\foouwgi.job Object is locked skipped
C:\WINDOWS\Tasks\ftuhd.job Object is locked skipped
C:\WINDOWS\Tasks\gvnjywpv.job Object is locked skipped
C:\WINDOWS\Tasks\hdexal.job Object is locked skipped
C:\WINDOWS\Tasks\lcnoh.job Object is locked skipped
C:\WINDOWS\Tasks\lnynn.job Object is locked skipped
C:\WINDOWS\Tasks\ovelr.job Object is locked skipped
C:\WINDOWS\Tasks\oytaiw.job Object is locked skipped
C:\WINDOWS\Tasks\ozxdj.job Object is locked skipped
C:\WINDOWS\Tasks\qtts.job Object is locked skipped
C:\WINDOWS\Tasks\temt.job Object is locked skipped
C:\WINDOWS\Tasks\vegeg.job Object is locked skipped
C:\WINDOWS\Tasks\xkduwzrv.job Object is locked skipped
C:\WINDOWS\Temp\BTS1.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wisyst32.exe Object is locked skipped
Scan process completed.
Avatar utente
alvin
Aficionado
Aficionado
 
Messaggi: 46
Iscritto il: dom feb 11, 2007 7:27 pm

Messaggioda crazy.cat » ven gen 04, 2008 8:24 am

Eri riuscito a fare una bella scorta di virus niente male.
Norton dormiva come al solito...

disattiva il ripristino della configurazione e riavvia il pc, dopo usi avenger
http://www.MegaLab.it/2330

Questo è il tuo script, dopo il riavvio provi a reinstallare l'antivirus.

Codice: Seleziona tutto
Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\Documents and Settings\Alberto\Desktop\Incoming\AnvSoft Flash to 3GP Converter 5.0.zip
C:\Documents and Settings\Alberto\Desktop\Incoming\Anvsoft Flash to iPod Converter 2.12 [Key].zip
C:\Documents and Settings\Fabio\Impostazioni locali\Temp\dm_0182.exe 
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\Galaxy[1].htm
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\index[11].htm
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\articles[1].htm
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\flash_player_3913034[1].exe
C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\Galaxy[1].htm
C:\Programmi\Microsoft Works\WkDetect.exe 
C:\Programmi\Norton AntiVirus\Quarantine\03D751DB.exe
C:\Programmi\Norton AntiVirus\Quarantine\04051DA8.exe
C:\Programmi\Norton AntiVirus\Quarantine\040C71A1.exe 
C:\Programmi\Norton AntiVirus\Quarantine\0412459A.exe 
C:\Programmi\Norton AntiVirus\Quarantine\093D04FD.exe
C:\Programmi\Norton AntiVirus\Quarantine\0B9A2FF4.exe
C:\Programmi\Norton AntiVirus\Quarantine\0BA103ED.exe
C:\Programmi\Norton AntiVirus\Quarantine\0BEF7397.exe
C:\Programmi\Norton AntiVirus\Quarantine\0C3E6341.exe
C:\Programmi\Norton AntiVirus\Quarantine\2A90471F.par 
C:\Programmi\Norton AntiVirus\Quarantine\2EA84ABC.exe
C:\Programmi\Norton AntiVirus\Quarantine\34117381.exe
C:\Programmi\Norton AntiVirus\Quarantine\372C4D39.exe
C:\Programmi\Norton AntiVirus\Quarantine\38AD2791.exe
C:\Programmi\Norton AntiVirus\Quarantine\390C6929.exe
C:\Programmi\Norton AntiVirus\Quarantine\39C06C0E.exe
C:\Programmi\Norton AntiVirus\Quarantine\41047492.exe
C:\Programmi\Norton AntiVirus\Quarantine\43307A87.exe
C:\Programmi\Norton AntiVirus\Quarantine\43364E80.exe
C:\Programmi\Norton AntiVirus\Quarantine\4339787C.exe
C:\Programmi\Norton AntiVirus\Quarantine\4FE9252B.tmp 
C:\Programmi\Norton AntiVirus\Quarantine\55F3485A.exe
C:\Programmi\Norton AntiVirus\Quarantine\56211427.exe
C:\Programmi\Norton AntiVirus\Quarantine\56423803.exe
C:\Programmi\Norton AntiVirus\Quarantine\566F03D1.exe
C:\Programmi\Norton AntiVirus\Quarantine\56CB1B6C.exe
C:\Programmi\Norton AntiVirus\Quarantine\5A6E596C.exe
C:\Programmi\Norton AntiVirus\Quarantine\5A775761.exe
C:\Programmi\Norton AntiVirus\Quarantine\5A7B015E.exe
C:\Programmi\Norton AntiVirus\Quarantine\5A912745.exe
C:\Programmi\Norton AntiVirus\Quarantine\5B070EC3.exe
C:\Programmi\Norton AntiVirus\Quarantine\5B1760B1.exe
C:\Programmi\Norton AntiVirus\Quarantine\5C195595.exe
C:\Programmi\Norton AntiVirus\Quarantine\79D95181.exe
C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
C:\WINDOWS\lasys32.exe
C:\WINDOWS\system32\bak\msrpc.exe
C:\WINDOWS\system32\tskihmdq.exe 
C:\WINDOWS\system32\upduhpxv.exe 
C:\WINDOWS\Tasks\chozzmxe.job
C:\WINDOWS\Tasks\dwiwrbor.job 
C:\WINDOWS\Tasks\eqq.job Object 
C:\WINDOWS\Tasks\eyxxmaz.job Object 
C:\WINDOWS\Tasks\foouwgi.job Object 
C:\WINDOWS\Tasks\ftuhd.job Object 
C:\WINDOWS\Tasks\gvnjywpv.job 
C:\WINDOWS\Tasks\hdexal.job 
C:\WINDOWS\Tasks\lcnoh.job
C:\WINDOWS\Tasks\lnynn.job 
C:\WINDOWS\Tasks\ovelr.job 
C:\WINDOWS\Tasks\oytaiw.job 
C:\WINDOWS\Tasks\ozxdj.job 
C:\WINDOWS\Tasks\qtts.job 
C:\WINDOWS\Tasks\temt.job 
C:\WINDOWS\Tasks\vegeg.job 
C:\WINDOWS\Tasks\xkduwzrv.job 
C:\WINDOWS\wisyst32.exe 

Folders to delete:
C:\Documents and Settings\Alberto\.housecall6.6
C:\Programmi\ShoppingReport
C:\WINDOWS\exefnd
C:\WINDOWS\exefld

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda alvin » ven gen 04, 2008 2:05 pm

Ho fatto esattamente come mi hai detto e questo è il risultato di Avenger:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\nqjtvwqa

*******************

Script file located at: \??\C:\Program Files\onpvtjlu.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\hidr.exe not found!
Deletion of file C:\WINDOWS\system32\drivers\hidr.exe failed!

Could not process line:
C:\WINDOWS\system32\drivers\hidr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drivers\hldrrr.exe deleted successfully.
File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.


File C:\WINDOWS\system32\wintems.exe not found!
Deletion of file C:\WINDOWS\system32\wintems.exe failed!

Could not process line:
C:\WINDOWS\system32\wintems.exe
Status: 0xc0000034



File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\trusted.exe not found!
Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:
C:\WINDOWS\system32\trusted.exe
Status: 0xc0000034



File C:\WINDOWS\system32\drivers\pci32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\pci32.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\pci32.sys
Status: 0xc0000034

File C:\Documents and Settings\Alberto\Desktop\Incoming\AnvSoft Flash to 3GP Converter 5.0.zip deleted successfully.
File C:\Documents and Settings\Alberto\Desktop\Incoming\Anvsoft Flash to iPod Converter 2.12 [Key].zip deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temp\dm_0182.exe deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\Galaxy[1].htm deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\RU201K59\index[11].htm deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\articles[1].htm deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\flash_player_3913034[1].exe deleted successfully.
File C:\Documents and Settings\Fabio\Impostazioni locali\Temporary Internet Files\Content.IE5\VH5JWRGT\Galaxy[1].htm deleted successfully.
File C:\Programmi\Microsoft Works\WkDetect.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\03D751DB.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\04051DA8.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\040C71A1.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\0412459A.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\093D04FD.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\0B9A2FF4.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\0BA103ED.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\0BEF7397.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\0C3E6341.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\2A90471F.par deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\2EA84ABC.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\34117381.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\372C4D39.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\38AD2791.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\390C6929.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\39C06C0E.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\41047492.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\43307A87.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\43364E80.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\4339787C.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\4FE9252B.tmp deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\55F3485A.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\56211427.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\56423803.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\566F03D1.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\56CB1B6C.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5A6E596C.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5A775761.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5A7B015E.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5A912745.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5B070EC3.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5B1760B1.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\5C195595.exe deleted successfully.
File C:\Programmi\Norton AntiVirus\Quarantine\79D95181.exe deleted successfully.
File C:\Programmi\ShoppingReport\Bin\2.0.26\ShoppingReport.dll deleted successfully.
File C:\WINDOWS\lasys32.exe deleted successfully.
File C:\WINDOWS\system32\bak\msrpc.exe deleted successfully.
File C:\WINDOWS\system32\tskihmdq.exe deleted successfully.
File C:\WINDOWS\system32\upduhpxv.exe deleted successfully.
File C:\WINDOWS\Tasks\chozzmxe.job deleted successfully.
File C:\WINDOWS\Tasks\dwiwrbor.job deleted successfully.


File C:\WINDOWS\Tasks\eqq.job Object not found!
Deletion of file C:\WINDOWS\Tasks\eqq.job Object failed!

Could not process line:
C:\WINDOWS\Tasks\eqq.job Object
Status: 0xc0000034



File C:\WINDOWS\Tasks\eyxxmaz.job Object not found!
Deletion of file C:\WINDOWS\Tasks\eyxxmaz.job Object failed!

Could not process line:
C:\WINDOWS\Tasks\eyxxmaz.job Object
Status: 0xc0000034



File C:\WINDOWS\Tasks\foouwgi.job Object not found!
Deletion of file C:\WINDOWS\Tasks\foouwgi.job Object failed!

Could not process line:
C:\WINDOWS\Tasks\foouwgi.job Object
Status: 0xc0000034



File C:\WINDOWS\Tasks\ftuhd.job Object not found!
Deletion of file C:\WINDOWS\Tasks\ftuhd.job Object failed!

Could not process line:
C:\WINDOWS\Tasks\ftuhd.job Object
Status: 0xc0000034

File C:\WINDOWS\Tasks\gvnjywpv.job deleted successfully.
File C:\WINDOWS\Tasks\hdexal.job deleted successfully.
File C:\WINDOWS\Tasks\lcnoh.job deleted successfully.
File C:\WINDOWS\Tasks\lnynn.job deleted successfully.
File C:\WINDOWS\Tasks\ovelr.job deleted successfully.
File C:\WINDOWS\Tasks\oytaiw.job deleted successfully.
File C:\WINDOWS\Tasks\ozxdj.job deleted successfully.
File C:\WINDOWS\Tasks\qtts.job deleted successfully.
File C:\WINDOWS\Tasks\temt.job deleted successfully.
File C:\WINDOWS\Tasks\vegeg.job deleted successfully.
File C:\WINDOWS\Tasks\xkduwzrv.job deleted successfully.
File C:\WINDOWS\wisyst32.exe deleted successfully.
Folder C:\Documents and Settings\Alberto\.housecall6.6 deleted successfully.
Folder C:\Programmi\ShoppingReport deleted successfully.


Folder C:\WINDOWS\exefnd not found!
Deletion of folder C:\WINDOWS\exefnd failed!

Could not process line:
C:\WINDOWS\exefnd
Status: 0xc0000034



Folder C:\WINDOWS\exefld not found!
Deletion of folder C:\WINDOWS\exefld failed!

Could not process line:
C:\WINDOWS\exefld
Status: 0xc0000034

Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\pci32
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.


Credo che vada tutto bene.. Ad ogni modo ora sia Avast che Sygate funzionano! L'unica cosa che non capisco è come mai la connessione (alice) salti dopo qualche minuto la prima volta e poi subito dopo la riconnessione tutto procede bene...

Comunque... GRAZIE MILLE!!!!!!!! SIETE GRANDI!!! [^]
Avatar utente
alvin
Aficionado
Aficionado
 
Messaggi: 46
Iscritto il: dom feb 11, 2007 7:27 pm


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising