Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

ancora bagle (object is locked skipped)

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Rispondi al messaggio

ancora bagle (object is locked skipped)

Messaggioda girovaga » ven gen 25, 2008 11:04 am

ciao è da un po' di giorni che leggo il forum e so che ne avete già parlato tantissimo di bagle ma non ne vengo fuori.

innanzi tutto quando kaspersky trova un file e ci scrive "object is locked skipped"
cosa significa?
non è riuscito a controllare il file? lo ha saltato? perché?

e poi come potete vedere dal report che segue ha trovato 7 file infetti nella cartella C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\
posso cancellare completamente tutto il contenuto (files e cartelle) della cartella content.ie5?

grazie a tutti per tutto quello che avete scritto ...ho imparato tante cose.

segue report:


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
venerdì 25 gennaio 2008 10.08.06
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 25/01/2008
Kaspersky Anti-Virus database records: 496983
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 87901
Number of viruses found: 1
Number of infected objects: 7
Number of suspicious objects: 0
Duration of the scan process: 00:59:19

Infected Object Name / Virus Name / Last Action
C:\4760\Apache2\logs\access.log Object is locked skipped
C:\4760\Apache2\logs\error.log Object is locked skipped
C:\4760\data\alarms.db Object is locked skipped
C:\4760\data\nmc5.db Object is locked skipped
C:\4760\data\nmc5.log Object is locked skipped
C:\4760\data\notify\channel-0 Object is locked skipped
C:\4760\data\notify\channel-1 Object is locked skipped
C:\4760\data\notify\channel-2 Object is locked skipped
C:\4760\data\notify\channel-3 Object is locked skipped
C:\4760\data\notify\channel_factory Object is locked skipped
C:\4760\data\notify\log.0000000001 Object is locked skipped
C:\4760\data\reporting.db Object is locked skipped
C:\4760\data\voip.db Object is locked skipped
C:\4760\Log\NMCCMISD_1.log Object is locked skipped
C:\4760\Log\NMCCOM_SERVER_1.log Object is locked skipped
C:\4760\Log\NMCCOM_SERVER_FtpProxy_1.log Object is locked skipped
C:\4760\Log\NMCCOM_SERVER_HttpFrame_1.log Object is locked skipped
C:\4760\Log\NMCCOM_SERVER_ModemMonitor_1.log Object is locked skipped
C:\4760\Log\NMCexecdex_1.log Object is locked skipped
C:\4760\Log\NMCExtractor_1.log Object is locked skipped
C:\4760\Log\NMCFaultManager_1.log Object is locked skipped
C:\4760\Log\NMCFaultManager_AlarmTrigger_1.log Object is locked skipped
C:\4760\Log\NMCFaultManager_IARService_1.log Object is locked skipped
C:\4760\Log\NMCFaultManager_OfficeDefinitionsReader_1.log Object is locked skipped
C:\4760\Log\NMCFaultManager_OfficeReceiver_1.log Object is locked skipped
C:\4760\Log\NMCGCS_Admin_1.log Object is locked skipped
C:\4760\Log\NMCGCS_Config_1.log Object is locked skipped
C:\4760\Log\NMCLdapPlugins_1.log Object is locked skipped
C:\4760\Log\NMCLD_1.log Object is locked skipped
C:\4760\Log\NMCLD_AccOrg_1.log Object is locked skipped
C:\4760\Log\NMCLD_IP_1.log Object is locked skipped
C:\4760\Log\NMCLD_NewAccPlg_1.log Object is locked skipped
C:\4760\Log\NMCLicServer_1.log Object is locked skipped
C:\4760\Log\NMCLicServer_LicVerif_1.log Object is locked skipped
C:\4760\Log\NMCsave_restore_1.log Object is locked skipped
C:\4760\Log\NMCsave_restore_NmcMonitorServices_1.log Object is locked skipped
C:\4760\Log\NMCScheduler_1.log Object is locked skipped
C:\4760\Log\NMCSecurityServer_1.log Object is locked skipped
C:\4760\Log\NMCsvc_mgr_1.log Object is locked skipped
C:\4760\Log\NMCSyncLdapPbx_1.log Object is locked skipped
C:\4760\Log\NMCSyncLdapPbx_AlzPoller_1.log Object is locked skipped
C:\4760\Log\NMCSyncLdapPbx_HttpSrv_1.log Object is locked skipped
C:\4760\Log\NMCSyncLdapPbx_Inv_1.log Object is locked skipped
C:\4760\Log\NMCSyncLdapPbx_Opt_1.log Object is locked skipped
C:\4760\Netscape\server5\admin-serv\logs\access Object is locked skipped
C:\4760\Netscape\server5\admin-serv\logs\error Object is locked skipped
C:\4760\Netscape\server5\alias\admin-serv-ARIANNA-F03E5ED-cert8.db Object is locked skipped
C:\4760\Netscape\server5\alias\admin-serv-ARIANNA-F03E5ED-key3.db Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\log.0000000019 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\NetscapeRoot\NetscapeRoot_aci.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\NetscapeRoot\NetscapeRoot_ancestorid.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\NetscapeRoot\NetscapeRoot_entrydn.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\NetscapeRoot\NetscapeRoot_id2entry.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\NetscapeRoot\NetscapeRoot_objectclass.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_aci.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_ancestorid.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_cn.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_entrydn.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_id2entry.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_NmcOwner.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_nsuniqueid.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_numsubordinates.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_objectclass.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_parentid.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\nmcroot\nmcroot_PbxDelivery.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\userRoot\userRoot_aci.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\userRoot\userRoot_entrydn.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\userRoot\userRoot_id2entry.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\db\userRoot\userRoot_objectclass.db3 Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\logs\access Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\logs\audit Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\logs\errors Object is locked skipped
C:\4760\Netscape\server5\slapd-4760\logs\slapd.stats Object is locked skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ApplicationHistory\CLI.EXE.af01e8cc.ini.inuse Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\Perflib_Perfdata_10e8.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\Perflib_Perfdata_16ac.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\3WBUG4OO\b64_1[1].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\3WBUG4OO\b64_1[2].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\3WBUG4OO\b64_1[3].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\4BGI9WJ2\b64_1[2].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\D193ILSN\b64_1[1].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\D193ILSN\b64_1[2].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\X82EKT68\b64_1[1].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\bthservsdp.dat Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\Netlogon.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{E45C341E-0142-4477-9A1C-A9238A0CC6A1}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SHD Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SPL Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\asat0000.tmp Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
chi tace fa sempre la figura della persona intelligente!!!
Avatar utente
girovaga
Neo Iscritto
Neo Iscritto
 
Messaggi: 1
Iscritto il: ven gen 25, 2008 10:15 am
Top

Messaggioda ste_95 » ven gen 25, 2008 1:55 pm

Disabilita il ripristino configurazione di sistema.

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nella box bianca che si è aperta:

Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\hldrrr.ex_
C:\WINDOWS\system32\mdelk.exe
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\4BGI9WJ2\b64_1[2].jpg
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\X82EKT68\b64_1[1].jpg

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld
C:\WINDOWS\system32\drivers\down
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\3WBUG4OO
C:\Documents and Settings\teresa\Impostazioni locali\Temporary Internet Files\Content.IE5\D193ILSN

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32

Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

Ora, se tutto è andato a buon fine, dovresti riuscire a reinstallare un valido antivirus.

[ciao]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am
Top
Rispondi al messaggio

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 32 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising