da norfolksquare » mar feb 12, 2008 1:21 am
Dopo aver seguito tutti i passi sembrerebbe che il PC si sia liberato del maledetto bagle!!! Ora la rete wireless funziona (anche se ho dovuto rimpostare un valore del servizio NDIS che si era misteriosamente spostato su 4....), ho potuto installare AVG e il PC non si riavvia più da solo :-)
In realtà dopo aver fatto una scansione con spyeraser della Uniblue, ho trovato ancora 6 chiavi infette, ma questa volta è stato possibile rimuoverle al termine della scansione, mentre in precedenza mi diceva sempre che eano usate dal sistema e non potevano essere eliminate.
Incollo qui il report di avenger, qualche file sembra non averlo trovato, ma per quanto posso vedere tutto è andato per il meglio.
Non so proprio come ringraziarti!!!
A presto!
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\vxpbooyp
*******************
Script file located at: \??\C:\kxtjlnpm.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.
File C:\WINDOWS\system32\wintems.exe not found!
Deletion of file C:\WINDOWS\system32\wintems.exe failed!
Could not process line:
C:\WINDOWS\system32\wintems.exe
Status: 0xc0000034
File C:\windows\system32\drivers\hldrrr.exe deleted successfully.
File C:\WINDOWS\system32\mdelk.exe deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\0X2V012Z\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\0X2V012Z\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\OTUO9BHS\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\EBUP25M1\b64_2[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\TL82SZLF\b64_2[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\OD4XARG9\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\OD4XARG9\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\OD4XARG9\b64_1[2].jpg deleted successfully.
File C:\Documents and Settings\Claudio\Impostazioni locali\Temporary Internet Files\Content.IE5\CXQZ8DA7\b64_2[1].jpg deleted successfully.
Folder C:\WINDOWS\system32\drivers\down deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Non esistono donne brutte... esistono solo uomini non abbastanza ubriachi...