Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

infected cab - messaggio kaspersky

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

infected cab - messaggio kaspersky

Messaggioda ilovejohnnies » lun nov 26, 2007 4:19 pm

salve a tutti,
è da ieri sera che ricevo da avast strani messaggi di allarme del tipo: "troppe email nell'intervallo di tempo selezionato". questi messaggi mi appaiono quando navigo su internet in gruppi di 15-20 ogni volta, insieme a indirizzi email di persone che non conosco.. x questo ho deciso di fare la scansione con kaspersky e ho trovato molti file infetti..questo è il log:


Scan Statistics
Total number of scanned objects 55455
Number of viruses found 2
Number of infected objects 21
Number of suspicious objects 0
Duration of the scan process 00:43:06

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\Antonio\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\call256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\callmember256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\chat512.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\chatmember256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\chatmsg256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\chatmsg512.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\dyncontent\bundle.dat Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\index2.dat Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\profile16384.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\transfer512.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\user1024.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\user4096.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Dati applicazioni\Skype\enrica.romano266\voicemail256.dbb Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Cronologia\History.IE5\MSHist012007112620071127\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFCA5B.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFCA61.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFCA67.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFCA71.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFDA8E.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\ntuser.dat Object is locked skipped
C:\Documents and Settings\Antonio\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Antonio\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab CAB: infected - 4 skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\report\Protezione residente.txt Object is locked skipped
C:\Programmi\OneStepSearch\onestep.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP281\A0115848.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP284\A0118113.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP286\A0118394.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP286\A0118420.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122500.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122501.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122502.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122503.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122504.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\A0122508.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped

C:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wnrnqvg.exe Infected: Email-Worm.Win32.Agent.bm skipped
C:\WINDOWS\Temp\ONE1.tmp\upgrade.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\Temp\ONE1.tmp\upgrade.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\Temp\ONE1.tmp\upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\WINDOWS\Temp\ONE1.tmp\upgrade.exe NSIS: infected - 3 skipped

C:\WINDOWS\Temp\Perflib_Perfdata_1d0.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_238.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{6B48166A-C4A1-45CB-849F-AEFC7C21085D}\RP298\change.log Object is locked skipped
Avatar utente
ilovejohnnies
Neo Iscritto
Neo Iscritto
 
Messaggi: 22
Iscritto il: lun giu 12, 2006 2:33 pm

Messaggioda ilovejohnnies » lun nov 26, 2007 4:28 pm

giacchè vi mando il log di gmer (autostart)..
grazie in anticipo




GMER 1.0.13.12551 - http://www.gmer.net
Autostart scan 2007-11-26 16:08:15
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
IntelWireless@DLLName = C:\Programmi\Intel\Wireless\Bin\LgNotify.dll
WgaLogon@DLLName = WgaLogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
aswUpdSv /*avast! iAVS4 Control Service*/@ = "C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe"
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
avast! Antivirus /*avast! Antivirus*/@ = "C:\Programmi\Alwil Software\Avast4\ashServ.exe"
Avg7Alrt /*AVG7 Alert Manager Server*/@ = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Avg7UpdSvc /*AVG7 Update Service*/@ = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
btwdins /*Bluetooth Service*/@ = C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
Diskeeper /*Diskeeper*/@ = "C:\Programmi\Diskeeper Corporation\Diskeeper\DkService.exe"
EvtEng /*EvtEng*/@ = C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
iioq6weyoou /*Print Spooler Service*/@ = C:\WINDOWS\system32\wnrnqvg.exe /service
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
OneStep Search Service /*OneStep Search Service*/@ = "C:\Programmi\OneStepSearch\onestep.exe" "C:\Programmi\OneStepSearch\onestep.dll" Service
OwnershipProtocol /*OwnershipProtocol*/@ = C:\Programmi\Intel\Wireless\Bin\OProtSvc.exe
RegSrvc /*RegSrvc*/@ = C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
S24EventMonitor /*Spectrum24 Event Monitor*/@ = C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@HControlC:\WINDOWS\ATK0100\HControl.exe = C:\WINDOWS\ATK0100\HControl.exe
@RTHDCPLRTHDCPL.EXE = RTHDCPL.EXE
@AlcmtrALCMTR.EXE = ALCMTR.EXE
@ASUS Live UpdateC:\Programmi\ASUS\ASUS Live Update\ALU.exe = C:\Programmi\ASUS\ASUS Live Update\ALU.exe
@Power_GearC:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1 /*file not found*/ = C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1 /*file not found*/
@Wireless ConsoleC:\Programmi\ASUS\Wireless Console\wcourier.exe = C:\Programmi\ASUS\Wireless Console\wcourier.exe
@SynTPLprC:\Programmi\Synaptics\SynTP\SynTPLpr.exe = C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
@SynTPEnhC:\Programmi\Synaptics\SynTP\SynTPEnh.exe = C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
@ATIPTAC:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe = C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
@ /*file not found*/ = /*file not found*/
@IntelWirelessC:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless = C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
@EOUAppC:\Programmi\Intel\Wireless\Bin\EOUWiz.exe = C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@RemoteControlC:\Programmi\CyberLink\PowerDVD\PDVDServ.exe = C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
@SunJavaUpdateSched"C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" = "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
@RegistryMechanic /*file not found*/ = /*file not found*/
@DiskeeperSystray"C:\Programmi\Diskeeper Corporation\Diskeeper\DkIcon.exe" = "C:\Programmi\Diskeeper Corporation\Diskeeper\DkIcon.exe"
@DataLayerC:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE = C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
@PCSuiteTrayApplicationC:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE = C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
@SweetIMC:\Programmi\Macrogaming\SweetIM\SweetIM.exe = C:\Programmi\Macrogaming\SweetIM\SweetIM.exe
@QuickTime Task"C:\Programmi\QuickTime\QTTask.exe" -atboottime = "C:\Programmi\QuickTime\QTTask.exe" -atboottime
@wnrnqvgC:\WINDOWS\system32\wnrnqvg.exe = C:\WINDOWS\system32\wnrnqvg.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CTFMON.EXEC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@E06IXLRD_332515"C:\Programmi\Microsoft Encarta\Microsoft Encarta Enciclopedia DVD - 2006\EDICT.EXE" -m = "C:\Programmi\Microsoft Encarta\Microsoft Encarta Enciclopedia DVD - 2006\EDICT.EXE" -m
@Skype"C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized = "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
@RSD_HDDThermoC:\Programmi\HDD Thermometer\HDD Thermometer.exe = C:\Programmi\HDD Thermometer\HDD Thermometer.exe
@SweetIMC:\Programmi\Macrogaming\SweetIM\SweetIM.exe = C:\Programmi\Macrogaming\SweetIM\SweetIM.exe
@msnmsgr~"C:\Programmi\MSN Messenger\msnmsgr.exe" /background /*file not found*/ = ~"C:\Programmi\MSN Messenger\msnmsgr.exe" /background /*file not found*/

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Programmi\Synaptics\SynTP\SynTPCpl.dll = C:\Programmi\Synaptics\SynTP\SynTPCpl.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WinZip\WZSHLSTB.DLL = C:\PROGRA~1\WinZip\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WinZip\WZSHLSTB.DLL = C:\PROGRA~1\WinZip\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WinZip\WZSHLSTB.DLL = C:\PROGRA~1\WinZip\WZSHLSTB.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG7 Shell Extension*/C:\Programmi\Grisoft\AVG Free\avgse.dll = C:\Programmi\Grisoft\AVG Free\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG7 Find Extension*/C:\Programmi\Grisoft\AVG Free\avgse.dll = C:\Programmi\Grisoft\AVG Free\avgse.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Programmi\Alwil Software\Avast4\ashShell.dll = C:\Programmi\Alwil Software\Avast4\ashShell.dll
@(null) =
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\system32\btneighborhood.dll = C:\WINDOWS\system32\btneighborhood.dll
@{40950107-FEA6-4d53-A65F-B2DCBA57DD58} /*Nokia Phone Browser*/C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
@{FBFE7864-D495-41f0-B7DC-4BB601CC295E} /*Contact View*/C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll
@{C0C4375A-5B72-4efe-929D-3B848C3A1E91} /*Message View*/C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG Free\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WinZip\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WinZip\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG Free\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WinZip\WZSHLSTB.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll = C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
@{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll = C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll = C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{955BE0B8-BC85-4CAF-856E-8E0D8B610560}C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL = C:\Programmi\File comuni\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\ssstars.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk
ASUS ChkMail.lnk = ASUS ChkMail.lnk
Bluetooth Manager.lnk = Bluetooth Manager.lnk
BTTray.lnk = BTTray.lnk
Digisoft AntiDialer.lnk = Digisoft AntiDialer.lnk

---- EOF - GMER 1.0.13 ----
Avatar utente
ilovejohnnies
Neo Iscritto
Neo Iscritto
 
Messaggi: 22
Iscritto il: lun giu 12, 2006 2:33 pm

Messaggioda crazy.cat » lun nov 26, 2007 4:32 pm

Quello che ti spedisce le mail, direi che e' questo file
C:\WINDOWS\system32\wnrnqvg.exe Infected: Email-Worm.Win32.Agent.bm skipped
cancellalo dalla modalita' provvisoria, oppure se hai problemi usa Killbox o unlocker.

gli altri file sono degli adware, ti basta ccleaner per svuotare temp e temporanei di internet.
disattiva anche il ripristino della configurazione per rimuovere il resto degli adware.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre


Messaggioda ilovejohnnies » lun nov 26, 2007 11:19 pm

ho cercato di cancellare manualmente alcuni file e ho rifatto + volte la scansione con kaspersky...adesso mi rimangono ancora questi file:

Total number of scanned objects 47039
Number of viruses found 1
Number of infected objects 5
Number of suspicious objects 0
Duration of the scan process 00:43:07

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\Antonio\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Cronologia\History.IE5\MSHist012007112620071127\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temp\~DFD954.tmp Object is locked skipped
C:\Documents and Settings\Antonio\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Antonio\ntuser.dat Object is locked skipped
C:\Documents and Settings\Antonio\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Antonio\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab CAB: infected - 4 skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Programmi\Alwil Software\Avast4\DATA\report\Protezione residente.txt Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{1FF00C0B-B629-488D-A393-20CD7174FADC}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_1f8.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_e8.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Avatar utente
ilovejohnnies
Neo Iscritto
Neo Iscritto
 
Messaggi: 22
Iscritto il: lun giu 12, 2006 2:33 pm

Messaggioda crazy.cat » mar nov 27, 2007 7:49 am

Usa ccleaner e svuota i temporanei di internet o vai a cancellare a mano quei file indicati.
Sono solo degli adware e non dei virus.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda ilovejohnnies » gio nov 29, 2007 11:11 am

ciao,purtroppo nn sono riuscita a collegarmi in questi giorni...
ho fatto come mi hai consigliato, anche + volte, ma rimangono sempre quei 5 file... anche se li ho cancellati, quando effettuo la scansione con kaspersky si ripresentano.. (ho fatto anche varie scansioni con altri antimalware)
però se non sono virus, non dovrei preoccuparmi vero?
grazie e mi scuso x il disturbo!

Scan Statistics
Total number of scanned objects 47585
Number of viruses found 1
Number of infected objects 5
Number of suspicious objects 0
Duration of the scan process 00:59:22

Infected Object Name Virus Name Last Action
Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe/stream Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab/upgrade.exe Infected: not-a-virus:AdWare.Win32.OneStep.c skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\EJ2CQXZS\upgrade[1].cab CAB: infected - 4 skipped[/b]
Avatar utente
ilovejohnnies
Neo Iscritto
Neo Iscritto
 
Messaggi: 22
Iscritto il: lun giu 12, 2006 2:33 pm

Messaggioda ste_95 » gio nov 29, 2007 1:16 pm

Probabilmente sono dati da qualche sito che rivisiti e che salvano quei files... [uhm]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 2 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising