Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

infezioni varie

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Rispondi al messaggio

infezioni varie

Messaggioda Sweetol » gio ott 16, 2008 4:41 pm

ciao ragazzi, ho bisogno del vostro aiuto. sul portatile di mia madre antivir ha rilevato qualcosa come 150 infezioni! rifacendo più volte la scansione pare che adesso non rilevi più nulla. vi posto i log:

prima scansione

Avira AntiVir Personal
Report file date: giovedì 16 ottobre 2008 11:16

Scanning for 1369550 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows XP
Computer name: WINDOW-3D9BCA61

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16
ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:54
ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:48
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 13:13:48
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 12:37:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:36
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 06:35:22
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 13:13:48
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:50
AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 14:38:48
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:22
AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 08:33:22
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:22
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: C:\Programmi\Avira\AntiVir PersonalEdition Classic\setupprf.dat
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: giovedì 16 ottobre 2008 11:16

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'MSIEXEC.EXE' - '1' Module(s) have been scanned
Scan process 'slp2.exe' - '1' Module(s) have been scanned
Scan process 'CMD.EXE' - '1' Module(s) have been scanned
Scan process 'CMD.EXE' - '1' Module(s) have been scanned
Scan process 'int2com.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\Installer\24ha12\inet\int2com.exe'
Scan process 'insDr.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\Installer\24ha12\cmp\insDr.exe'
Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'SERVIC~1.EXE' - '1' Module(s) have been scanned
Scan process 'TRAYAP~1.EXE' - '1' Module(s) have been scanned
Scan process 'DATALA~1.EXE' - '1' Module(s) have been scanned
Scan process 'hpztsb10.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD.EXE' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'Hcontrol.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
Process 'int2com.exe' has been terminated
Process 'insDr.exe' has been terminated
C:\WINDOWS\Installer\24ha12\inet\int2com.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\WINDOWS\Installer\24ha12\cmp\insDr.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!

41 processes with 39 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\sys32_.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.2 dropper
[NOTE] The file was deleted!

The registry was scanned ( '57' files ).


Starting the file scan:

Begin scan in 'C:\WINDOWS\system32'
C:\WINDOWS\system32\N_prog.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.1 dropper
[NOTE] The file was deleted!


End of the scan: giovedì 16 ottobre 2008 11:20
Used time: 04:21 Minute(s)

The scan has been done completely.

180 Scanning directories
7491 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
4 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
7485 Files not concerned
87 Archives were scanned
0 Warnings
4 Notes


seconda scansione

Avira AntiVir Personal
Report file date: giovedì 16 ottobre 2008 11:25

Scanning for 1369550 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: WINDOW-3D9BCA61

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16
ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:54
ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:48
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 13:13:48
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 12:37:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:36
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 06:35:22
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 13:13:48
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:50
AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 14:38:48
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:22
AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 08:33:22
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:22
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: giovedì 16 ottobre 2008 11:25

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD.EXE' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'TrayApplication.exe' - '1' Module(s) have been scanned
Scan process 'DataLayer.exe' - '1' Module(s) have been scanned
Scan process 'HPZTSB10.EXE' - '1' Module(s) have been scanned
Scan process 'HPCMPMGR.EXE' - '1' Module(s) have been scanned
Scan process 'Hcontrol.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '57' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\Installer\24ha12\drv\hvNrtUD.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\Documents and Settings\Windows XP.WINDOW-3D9BCA61\Impostazioni locali\Temp\fliuqm.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Windows XP.WINDOW-3D9BCA61\Impostazioni locali\Dati applicazioni\hvNrtID.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058643.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058644.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058645.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058648.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058654.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058655.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058656.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058659.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058665.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058666.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP62\A0058667.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058730.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058731.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058732.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058752.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058753.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058754.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058777.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058778.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058779.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058787.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058788.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058789.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0058792.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0059787.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0059788.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0059789.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0059792.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060787.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060788.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060789.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060792.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060802.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060803.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060804.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060807.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060814.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060815.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0060817.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0061813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0061814.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0061815.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP63\A0061818.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP64\A0062813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP64\A0062814.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP64\A0062815.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP64\A0062818.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0063812.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0063813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0063814.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0064813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0064814.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0064815.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0064818.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065813.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065814.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065815.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065818.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065824.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065825.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065826.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0065829.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0066824.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0066825.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0066826.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP65\A0066829.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0067824.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0067825.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0067826.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0067829.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0068824.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0068826.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0068827.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0068830.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069824.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069825.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069826.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069836.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069837.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP66\A0069838.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0070836.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0070837.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0070838.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0070841.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071836.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071837.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071838.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071840.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071846.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071847.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071848.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0071851.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0072846.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0072847.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0072848.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0072851.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0073846.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0073847.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0073848.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0073851.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0074846.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0074847.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0074848.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0074851.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0075844.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0075845.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP67\A0075846.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP68\A0075869.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP68\A0075922.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP68\A0075923.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP68\A0075924.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP68\A0075942.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076100.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076101.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076102.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.2 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076103.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076105.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076106.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076107.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076110.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076118.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076119.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076120.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0076123.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0077118.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0077119.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0077120.EXE
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP70\A0077123.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP71\A0077214.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP71\A0077215.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP71\A0077216.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP71\A0077219.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077220.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.5 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077221.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077222.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.2 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077223.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.1 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077228.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077229.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\Recycled\Dc4\hvNrtID.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\Recycled\Dc4\restore{C0AB7B96-992E-482C-93CB-F39B1876CAA1}\hvNrt_ins\hvNrtUD.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\Recycled\Dc4\restore{C0AB7B96-992E-482C-93CB-F39B1876CAA1}\hvNrt_ins\N_prog.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.1 dropper
[NOTE] The file was deleted!


End of the scan: giovedì 16 ottobre 2008 11:55
Used time: 30:26 Minute(s)

The scan has been done completely.

2359 Scanning directories
98109 Files were scanned
145 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
145 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
97963 Files not concerned
1331 Archives were scanned
1 Warnings
145 Notes


terza scansione

Avira AntiVir Personal
Report file date: giovedì 16 ottobre 2008 12:02

Scanning for 1369550 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: Windows XP
Computer name: WINDOW-3D9BCA61

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16
ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:54
ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:48
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 13:13:48
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 12:37:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:36
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 06:35:22
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 13:13:48
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:50
AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 14:38:48
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:22
AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 08:33:22
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:22
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: giovedì 16 ottobre 2008 12:02

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'TrayApplication.exe' - '1' Module(s) have been scanned
Scan process 'DataLayer.exe' - '1' Module(s) have been scanned
Scan process 'HPZTSB10.EXE' - '1' Module(s) have been scanned
Scan process 'HPCMPMGR.EXE' - '1' Module(s) have been scanned
Scan process 'Hcontrol.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '56' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077230.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.4 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077231.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.3 dropper
[NOTE] The file was deleted!
C:\System Volume Information\_restore{E0957370-0151-409A-AC27-B119914FE017}\RP72\A0077232.exe
[DETECTION] Contains recognition pattern of the DR/AutoRun.W.1 dropper
[NOTE] The file was deleted!


End of the scan: giovedì 16 ottobre 2008 12:31
Used time: 29:05 Minute(s)

The scan has been done completely.

2359 Scanning directories
97975 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
3 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
97971 Files not concerned
1331 Archives were scanned
1 Warnings
3 Notes


log hijackthis dopo le scansioni

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.54.21, on 16/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\Hcontrol.exe
C:\Programmi\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\ATKOSD.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programmi\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\Hcontrol.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmi\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

--
End of file - 4447 bytes

cos'è rimasto?
grazie del supporto [brindisi]
Avatar utente
Sweetol
Aficionado
Aficionado
 
Messaggi: 42
Iscritto il: gio apr 03, 2008 10:06 am
Top

Re: infezioni varie

Messaggioda ste_95 » gio ott 16, 2008 4:48 pm

Il log è pulito. Hai ancora problemi?
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am
Top

Re: infezioni varie

Messaggioda Sweetol » gio ott 16, 2008 4:51 pm

pare di no..per curiosità sto facendo un'ulteriore scansione con antivir. posso fare altre scansioni con altri programmmi per essere più sicuro? grazie ste
Avatar utente
Sweetol
Aficionado
Aficionado
 
Messaggi: 42
Iscritto il: gio apr 03, 2008 10:06 am
Top
Top

Re: infezioni varie

Messaggioda Max01 » gio ott 16, 2008 5:20 pm

Puoi utilizzare malwarebytes e superantispyware.
"Vederselo davanti è un’esperienza che non si dimentica. Il Maine Coon è davvero un gatto enorme, imponente e regale.
Avatar utente
Max01
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 1975
Iscritto il: sab feb 23, 2008 3:00 pm
Località: Firenze
Top

Re: infezioni varie

Messaggioda Sweetol » gio ott 16, 2008 6:23 pm

proverò, grazie a tutti
Avatar utente
Sweetol
Aficionado
Aficionado
 
Messaggi: 42
Iscritto il: gio apr 03, 2008 10:06 am
Top

Re: infezioni varie

Messaggioda enea83 » gio ott 16, 2008 6:45 pm

Max01 ha scritto:Puoi utilizzare malwarebytes e superantispyware.

eccellenti(soprattutto il primo [^] ) ciao [:)]
Nella vita gli esami non finiscono mai... e se finissero... preoccupati...
Avatar utente
enea83
Senior Member
Senior Member
 
Messaggi: 296
Iscritto il: sab ott 11, 2008 4:46 am
Località: lima
Top
Rispondi al messaggio

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 14 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising