
GMER scan

Post by maurino71 » Sun Jan 13, 2008 12:14 pm

Hi everyone, I don't know if this is the right section to post my problem; if not, I apologize....
I ran a scan with GMER because for a few days programs like Spyware Terminator and NOD32 have not been performing updates for me; to be precise, Spyware Terminator detects the updates but does not install them unless I do it manually, while NOD32, besides not updating, does not even start automatically.
The problem with GMER is that it crashes my system with a blue screen showing the message:
MULTIPLE_IRP_COMPLETE_REQUESTS.
***STOP:0X00000044(0X82A16B70,0X00000D63,0X00000000,0X00000000

In case it is useful, I am also attaching the HijackThis log:


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11.28.16, on 13/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Programmi\Agnitum\Outpost Firewall\outpost.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\Programmi\DynDNS Updater\DynDNS.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\CY_BG.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\CY_NINT.exe
C:\Programmi\TrojanHunter 4.7\THGuard.exe
C:\WINDOWS\system32\oodtray.exe
C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Eraser\eraser.exe
C:\Programmi\TweakRAM\TweakRAM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ESET\nod32kui.exe
C:\Programmi\Opera\Opera.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\e\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Maurino
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programmi\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programmi\Crawler\ctbr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator 10\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programmi\Crawler\ctbr.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [CY_BG] C:\WINDOWS\CY_BG.EXE
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmi\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Programmi\TrojanHunter 4.7\THGuard.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [AWMON] "C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SDTray] C:\Programmi\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Programmi\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Eraser] C:\Programmi\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [TweakRAM] C:\Programmi\TweakRAM\TweakRAM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download All Links with IDM - C:\Programmi\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Programmi\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Outpost Firewall Pro Regolazione rapida - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programmi\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7274453171
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F6C5154-1D58-4ECB-A03F-A81D5CFFB5DC}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F6C5154-1D58-4ECB-A03F-A81D5CFFB5DC}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programmi\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Programmi\DynDNS Updater\DynDNS.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programmi\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Programmi\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

--
End of file - 10160 bytes


Thanks a lot for the help

Bye


[uhm] [uhm] [uhm] [uhm]
maurino71
Senior Member
Posts: 248
Joined: Sun Nov 12, 2006 11:45 am
Location: lonato(bs)

Post by ste_95 » Sun Jan 13, 2008 12:26 pm

So NOD32 was suddenly removed from the system?
«Sometimes it is better to keep quiet and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde
ste_95
Official Member (Gold)
Posts: 17271
Joined: Mon Aug 06, 2007 11:19 am

Post by maurino71 » Sun Jan 13, 2008 12:38 pm

No, the antivirus was not removed; previously I had BitDefender, then I removed it because it was giving me problems and reinstalled NOD32, only now, besides not performing updates, it does not even start automatically at system startup.

Post by ste_95 » Sun Jan 13, 2008 12:40 pm

[uhm] Run the online scan with Kaspersky if you can [uhm]

Post by maurino71 » Sun Jan 13, 2008 12:43 pm

I already did it with both Trend Micro and ESET, but absolutely nothing was detected.

Post by ste_95 » Sun Jan 13, 2008 12:48 pm

Kaspersky has a different and better engine... Since we are unable to use GMER and HijackThis looks clean...

Post by maurino71 » Sun Jan 13, 2008 3:25 pm

I'll try and then report back.

Post by maurino71 » Sun Jan 13, 2008 4:03 pm

Scan done, here is the log:

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\Paramete.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JET4779.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\DOCUME~1\Maurino\IMPOST~1\Temp\110.tmp/data0005 Infected: not-a-virus:AdWare.Win32.BHO.kj skipped
C:\DOCUME~1\Maurino\IMPOST~1\Temp\110.tmp NSIS: infected - 1 skipped
C:\DOCUME~1\Maurino\IMPOST~1\Temp\Perflib_Perfdata_894.dat Object is locked skipped

Scan process completed.


It found an adware... not-a-virus:AdWare.Win32.BHO.kj

What can I do to remove it?????

Post by ste_95 » Sun Jan 13, 2008 4:10 pm

Run a cleanup with CCleaner.

Post by maurino71 » Sun Jan 13, 2008 4:28 pm

Cleanup done, but the problem persists; maybe the problem lies elsewhere..... I'm open to suggestions.

[cry] [cry] [cry] [cry]

Post by ste_95 » Sun Jan 13, 2008 4:55 pm

I notice now that the Kaspersky scan was run only on the critical areas, not on the whole computer.

Post by maurino71 » Sun Jan 13, 2008 9:49 pm

After the mistake, I redid the scan....... the result is not pretty.
Log:


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, January 13, 2008 9:49:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 13/01/2008
Kaspersky Anti-Virus database records: 510092
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 146288
Number of viruses found: 14
Number of infected objects: 45
Number of suspicious objects: 0
Duration of the scan process: 03:08:30

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Maurino\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\cert8.db Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\GoogleToolbarData\googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\history.dat Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\key3.db Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\parent.lock Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Maurino\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\Romina\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe/Report.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\Romina\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe/nukenabber.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\Romina\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\Romina\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
C:\Documents and Settings\Maurino\Desktop\Nuova cartella\Romina\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar RAR: infected - 4 skipped
C:\Documents and Settings\Maurino\Documenti\Sw\load_www.sourceparadise.org.rar/cryptload/router/FRITZ!Box/nc.exe Infected: not-a-virus:RemoteAdmin.Win32.NetCat skipped
C:\Documents and Settings\Maurino\Documenti\Sw\load_www.sourceparadise.org.rar RAR: infected - 1 skipped
C:\Documents and Settings\Maurino\Documenti\Sw\VistaTP7.exe/WISE0030.BIN Infected: not-a-virus:RiskTool.Win32.PsKill.e skipped
C:\Documents and Settings\Maurino\Documenti\Sw\VistaTP7.exe WiseSFX: infected - 1 skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Cronologia\History.IE5\MSHist012008011320080114\index.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\gmn0v9az.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Temp\Perflib_Perfdata_894.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Maurino\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Maurino\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Maurino\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Maurino\UserData\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\Agnitum\Outpost Firewall\op_data.ldb Object is locked skipped
C:\Programmi\Agnitum\Outpost Firewall\op_data.mdb Object is locked skipped
C:\Programmi\ESET\cache\CACHE.NDB Object is locked skipped
C:\Programmi\ESET\logs\virlog.dat Object is locked skipped
C:\Programmi\ESET\logs\warnlog.dat Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP119\A0047688.exe/SubSeven.exe Infected: Backdoor.Win32.SubSeven.213.bonus skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP119\A0047688.exe/EditServer.exe Infected: Backdoor.Win32.SubSeven.213.bonus skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP119\A0047688.exe/server.exe Infected: Backdoor.Win32.SubSeven.213.bonus skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP119\A0047688.exe ZIP: infected - 3 skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP121\A0050063.dll Infected: not-a-virus:AdWare.Win32.BHO.kj skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP123\A0051457.dll Infected: not-a-virus:AdWare.Win32.BHO.ic skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP123\A0051458.exe Infected: not-a-virus:AdWare.Win32.BHO.cc skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP127\change.log Object is locked skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP88\A0036990.dll Infected: Trojan-PSW.Win32.Sinowal.fu skipped
C:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP88\A0037018.dll Infected: Trojan-PSW.Win32.Sinowal.fw skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\Paramete.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JET4779.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\a\Nuova cartella (2)\EuMeNiDe-mIrc.rar/EuMeNiDe-mIrc/Mirc-EuMeNiDe-2007.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
D:\a\Nuova cartella (2)\EuMeNiDe-mIrc.rar RAR: infected - 1 skipped
D:\EuMeNiDe-mIrc\download\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe/Report.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
D:\EuMeNiDe-mIrc\download\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe/nukenabber.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
D:\EuMeNiDe-mIrc\download\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar/nn29b.exe Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
D:\EuMeNiDe-mIrc\download\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar/[PROGRAMMI PC] - SeCuRiTy PaCk 2007 By Alexander y Yndio (update 05.07.2007)/[PROGRAMMI PC] - Nuke Nabber v2.9 beta.rar Infected: not-a-virus:NetTool.Win32.NukeNabber.21 skipped
D:\EuMeNiDe-mIrc\download\[PROGRAMMI_PC]_-_SeCuRiTy_PaCk_2007_By_Alexander_y_Yndio_(update_05.07.2007).rar RAR: infected - 4 skipped
D:\EuMeNiDe-mIrc\Mirc-EuMeNiDe-2007.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{D435715E-5AF2-4B91-A916-4D99D3077F1F}\RP27\A0011493.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
D:\System Volume Information\_restore{D435715E-5AF2-4B91-A916-4D99D3077F1F}\RP27\A0011493.exe RAR: infected - 1 skipped
D:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP127\change.log Object is locked skipped
E:\DownThemAll\vtp7.zip_/Vista Transformation Pack 7.0.exe/WISE0030.BIN Infected: not-a-virus:RiskTool.Win32.PsKill.e skipped
E:\DownThemAll\vtp7.zip_/Vista Transformation Pack 7.0.exe Infected: not-a-virus:RiskTool.Win32.PsKill.e skipped
E:\DownThemAll\vtp7.zip_ ZIP: infected - 2 skipped
E:\programmi\8download.manager.rar/8DM.exe/AutoPlay/Docs/Crack/DAP.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\8download.manager.rar/8DM.exe/AutoPlay/Docs/Crack_1/DAP.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\8download.manager.rar/8DM.exe/AutoPlay/Docs/DAP.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\8download.manager.rar/8DM.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\8download.manager.rar RAR: infected - 4 skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\_restore{DAD547BD-72D8-420D-BDC9-018590A9EE99}\RP127\change.log Object is locked skipped
G:\f\EuMeNiDe-mIrc.rar/EuMeNiDe-mIrc/Mirc-EuMeNiDe-2007.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
G:\f\EuMeNiDe-mIrc.rar RAR: infected - 1 skipped
G:\f\Vista Transformation Pack 6.0 Final.rar/Vista Transformation Pack 6.0 Final/Vista Transformation Pack 6.0.exe/WISE0030.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
G:\f\Vista Transformation Pack 6.0 Final.rar/Vista Transformation Pack 6.0 Final/Vista Transformation Pack 6.0.exe/WISE0053.BIN/WISE0005.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
G:\f\Vista Transformation Pack 6.0 Final.rar/Vista Transformation Pack 6.0 Final/Vista Transformation Pack 6.0.exe/WISE0053.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
G:\f\Vista Transformation Pack 6.0 Final.rar/Vista Transformation Pack 6.0 Final/Vista Transformation Pack 6.0.exe Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
G:\f\Vista Transformation Pack 6.0 Final.rar RAR: infected - 4 skipped
G:\f\Winrar_2007_Crystal_Edition___Crack.rar/Winrar 2007 Crystal Edition + Crack/Winrar3.70_Crack.exe Infected: Backdoor.Win32.Bifrose.afs skipped
G:\f\Winrar_2007_Crystal_Edition___Crack.rar RAR: infected - 1 skipped

Scan process completed.



Apart from the software, how can I clean up my OS???


[cry] [cry] [cry] [cry]

Post by ste_95 » Sun Jan 13, 2008 9:51 pm

One last request: as it stands the scan is practically unreadable; could you save the result you were given in HTML format and attach it to a post?
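The readability problem raised in the post above can be handled with a short triage script; this is an added example, not part of the thread and not a Kaspersky tool. It assumes the line layout visible in the pasted report (object name, status, last action), runs on a constructed sample with shortened paths, and its function names are hypothetical.

```python
import re

# Constructed sample: a few lines in the layout of the report pasted in the
# thread, with shortened paths and a placeholder restore-point identifier.
SAMPLE_REPORT = r"""
Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\Documents and Settings\User\NTUSER.DAT Object is locked skipped
C:\System Volume Information\_restore{EXAMPLE}\RP88\A0000001.dll Infected: Trojan-PSW.Win32.Sinowal.fu skipped
C:\System Volume Information\_restore{EXAMPLE}\RP121\A0000002.dll Infected: not-a-virus:AdWare.Win32.BHO.kj skipped
E:\programmi\sample.rar/setup.exe/Docs/Crack/DAP.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\sample.rar/setup.exe Infected: Trojan-Spy.Win32.Banker.fzf skipped
E:\programmi\sample.rar RAR: infected - 2 skipped
D:\tools\irc client.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped

Scan process completed.
"""

# Paths contain spaces, so each pattern anchors on the fixed text at the
# end of the line and lets the object name take everything before it.
LOCKED = re.compile(r"^(?P<obj>.+) Object is locked (?P<action>\w+)$")
INFECTED = re.compile(r"^(?P<obj>.+) Infected: (?P<verdict>\S+) (?P<action>\w+)$")
CONTAINER = re.compile(
    r"^(?P<obj>.+) (?P<kind>\w+): infected - (?P<count>\d+) (?P<action>\w+)$"
)
# System Restore snapshots on Windows XP live under this directory.
RESTORE = re.compile(r"\\System Volume Information\\_restore\{", re.IGNORECASE)


def parse_report(text):
    """Return (detections, locked_count).

    detections maps each on-disk file to the set of verdicts reported for
    it or for anything nested inside it.
    """
    detections = {}
    locked = 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if LOCKED.match(line):
            # File was open and could not be read; not a detection.
            locked += 1
            continue
        if CONTAINER.match(line):
            # Per-archive summary ("RAR: infected - 2"); the members
            # it counts are already listed on their own lines.
            continue
        m = INFECTED.match(line)
        if m:
            # Nested members are joined to the outer file with "/",
            # which cannot occur in a Windows path on disk.
            disk_file = m.group("obj").split("/", 1)[0]
            detections.setdefault(disk_file, set()).add(m.group("verdict"))
    return detections, locked


def triage(text):
    """Return (rows, locked_count), rows sorted most urgent first."""
    detections, locked = parse_report(text)
    rows = []
    for disk_file, verdicts in detections.items():
        # The "not-a-virus:" prefix is the scanner's label for adware,
        # riskware and similar potentially unwanted programs.
        malware = [v for v in verdicts if not v.startswith("not-a-virus:")]
        rows.append({
            "file": disk_file,
            "verdicts": sorted(verdicts),
            "class": "malware" if malware else "riskware/adware",
            "location": "system-restore" if RESTORE.search(disk_file) else "live-file",
        })
    # Malware before riskware; files in the live file system before
    # copies that only exist inside a System Restore snapshot.
    rows.sort(key=lambda r: (r["class"] != "malware", r["location"] != "live-file"))
    return rows, locked


if __name__ == "__main__":
    rows, locked = triage(SAMPLE_REPORT)
    print(f"{locked} locked objects ignored")
    for r in rows:
        print(f'{r["class"]:<16} {r["location"]:<15} {r["file"]}  {", ".join(r["verdicts"])}')
```

Run against a full report saved as text, the output lists one line per file on disk instead of one per nested archive member, and separates detections that sit only in System Restore snapshots from files in the live file system.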

Post by maurino71 » Sun Jan 13, 2008 9:58 pm

Sorry, I'll send you the file in HTML format now............
Ahem, how do I send you the file in HTML format????? Ignorance is an ugly thing sometimes.

