Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Bagle 3

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Messaggioda misterxfiles » sab gen 12, 2008 1:59 am

Salve a tutti ...vi scrivo qui' perche il mio caso sembra essere incredibilmete identico a quello di sunt leone sia per il numero di pc infetti che per la concomitanza ( i giorni odierni) di questa infezione maledetta da parte di questo worm bagle..mi è sembrato di leggere in questo forum cio che mi sta capitando da ormai tre giorni..niente anti virus funzioni disabilitate sul portatile ecce ecc..ho dato una letta ai molti aiuti presenti e scaricato utility come avenger e gmer..la scansione con kasper ha dato esiti insufficienti il mio script non è idoneo..sono qui in cerca di un risolutivo script da inserire ..Non so se puo essere utile darvi comunque il report di kasper dato che poi ho cancellato alcune cartelle infette di mia iniziativa ( il pc ancora funziona!!!!)ad ogni modo potrebbe esservi utile lo stesso ..non mi intendo molto di queste cose ..spero possa servire a qualche cosa ..ovviamente mi riprometto di fare un altro scan con kaspersky ..il che richiedera' almeno 12 ore .. eccovi comunque di seguito il report kasperiano:


REPORT
Friday, January 11, 2008 8:58:31 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 11/01/2008
Kaspersky Anti-Virus database records: 507414


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 934882
Number of viruses found 16
Number of infected objects 97
Number of suspicious objects 0
Duration of the scan process 11:01:06

Infected Object Name Virus Name Last Action
C:\avenger\backup-08.01.2008-22.32.44,75.zip/avenger/wintems.exe-ren-886 Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\avenger\backup-08.01.2008-22.32.44,75.zip ZIP: infected - 1 skipped

C:\avenger\backup-09.01.2008- 0.28.38,20.zip/avenger/wintems.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\avenger\backup-09.01.2008- 0.28.38,20.zip ZIP: infected - 1 skipped

C:\avenger\backup-10.01.2008-17.56.33,54.zip/avenger/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.hn skipped

C:\avenger\backup-10.01.2008-17.56.33,54.zip/avenger/hldrrr.exe-ren-873 Infected: Trojan-Downloader.Win32.Bagle.hn skipped

C:\avenger\backup-10.01.2008-17.56.33,54.zip/avenger/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hq skipped

C:\avenger\backup-10.01.2008-17.56.33,54.zip/avenger/wintems.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\avenger\backup-10.01.2008-17.56.33,54.zip ZIP: infected - 4 skipped

C:\avenger\backup.zip/avenger/down/144078.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\avenger\backup.zip/avenger/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.hn skipped

C:\avenger\backup.zip/avenger/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hq skipped

C:\avenger\backup.zip ZIP: infected - 3 skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Crypto\RSA\MachineKeys\95d86ab7c585af6429c8c49f93747ca5_991dd7a1-236d-4aa5-96f6-2c70d8ce8a4c Object is locked skipped

C:\Documents and Settings\Andrea\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Andrea\Dati applicazioni\$_hpcst$.hpc Object is locked skipped

C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip/HiPointInstallShieldRT.class Infected: Trojan-Downloader.Java.OpenConnection.ap skipped

C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Andrea\Dati applicazioni\VCMAILFACE\Bin Barb Bore.exe Infected: Trojan-Downloader.Win32.Bagle.hn skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Cronologia\History.IE5\MSHist012008011120080112\index.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temp\WCESLog.log Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\key-seca2[1].htm Infected: Trojan-Downloader.JS.Agent.ab skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\MJFGY4WN\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[2].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[3].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[4].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XR03M81C\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[3].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[4].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[2].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\Y40VV7N6\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped

C:\Documents and Settings\Andrea\ntuser.dat Object is locked skipped

C:\Documents and Settings\Andrea\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Andrea\UserData\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\aBH.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\Bih.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\cmaJ.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\Dnu.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\GughAG.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\hnGOHmw.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\KZl.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\Lfz.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\LVIFw.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\LYa.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\pFv.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\pmLN.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\pPxRG.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\qIJ.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\qlb.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\qpgVLP.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\SgJWX.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\snjEgK.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\sTvCIDA.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\tJojYDq.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\vEhdZXl.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\wAW.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\XcNeNqh.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\XtA.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\xWoOgA.exe Object is locked skipped

C:\Programmi\File comuni\Microsoft Shared\YnJHTc.exe Object is locked skipped

C:\Programmi\File comuni\Services\AeOENNj.exe Object is locked skipped

C:\Programmi\File comuni\Services\AESUIA.exe Object is locked skipped

C:\Programmi\File comuni\Services\AlKOv.exe Object is locked skipped

C:\Programmi\File comuni\Services\aNcDz.exe Object is locked skipped

C:\Programmi\File comuni\Services\aOH.exe Object is locked skipped

C:\Programmi\File comuni\Services\BeJmyS.exe Object is locked skipped

C:\Programmi\File comuni\Services\btd.exe Object is locked skipped

C:\Programmi\File comuni\Services\Buk.exe Object is locked skipped

C:\Programmi\File comuni\Services\Cazm.exe Object is locked skipped

C:\Programmi\File comuni\Services\ckr.exe Object is locked skipped

C:\Programmi\File comuni\Services\Cqq.exe Object is locked skipped

C:\Programmi\File comuni\Services\CTNy.exe Object is locked skipped

C:\Programmi\File comuni\Services\cxd.exe Object is locked skipped

C:\Programmi\File comuni\Services\dfF.exe Object is locked skipped

C:\Programmi\File comuni\Services\DGLzNbb.exe Object is locked skipped

C:\Programmi\File comuni\Services\dlQ.exe Object is locked skipped

C:\Programmi\File comuni\Services\DnLFzyr.exe Object is locked skipped

C:\Programmi\File comuni\Services\DpP.exe Object is locked skipped

C:\Programmi\File comuni\Services\dVYndk.exe Object is locked skipped

C:\Programmi\File comuni\Services\dXIV.exe Object is locked skipped

C:\Programmi\File comuni\Services\eGP.exe Object is locked skipped

C:\Programmi\File comuni\Services\ElhN.exe Object is locked skipped

C:\Programmi\File comuni\Services\EMLD.exe Object is locked skipped

C:\Programmi\File comuni\Services\ENVjn.exe Object is locked skipped

C:\Programmi\File comuni\Services\EYk.exe Object is locked skipped

C:\Programmi\File comuni\Services\fAR.exe Object is locked skipped

C:\Programmi\File comuni\Services\FcS.exe Object is locked skipped

C:\Programmi\File comuni\Services\FgatBr.exe Object is locked skipped

C:\Programmi\File comuni\Services\FOHj.exe Object is locked skipped

C:\Programmi\File comuni\Services\FYh.exe Object is locked skipped

C:\Programmi\File comuni\Services\gJx.exe Object is locked skipped

C:\Programmi\File comuni\Services\GlmVTwD.exe Object is locked skipped

C:\Programmi\File comuni\Services\GYDNHu.exe Object is locked skipped

C:\Programmi\File comuni\Services\hHzfzn.exe Object is locked skipped

C:\Programmi\File comuni\Services\hsKmxJ.exe Object is locked skipped

C:\Programmi\File comuni\Services\hVa.exe Object is locked skipped

C:\Programmi\File comuni\Services\HVC.exe Object is locked skipped

C:\Programmi\File comuni\Services\iAUYs.exe Object is locked skipped

C:\Programmi\File comuni\Services\iDMFE.exe Object is locked skipped

C:\Programmi\File comuni\Services\igDeV.exe Object is locked skipped

C:\Programmi\File comuni\Services\Iud.exe Object is locked skipped

C:\Programmi\File comuni\Services\jAs.exe Object is locked skipped

C:\Programmi\File comuni\Services\JbS.exe Object is locked skipped

C:\Programmi\File comuni\Services\jhB.exe Object is locked skipped

C:\Programmi\File comuni\Services\KAG.exe Object is locked skipped

C:\Programmi\File comuni\Services\KrDFGpk.exe Object is locked skipped

C:\Programmi\File comuni\Services\kSaz.exe Object is locked skipped

C:\Programmi\File comuni\Services\lmcSL.exe Object is locked skipped

C:\Programmi\File comuni\Services\MkKDutZ.exe Object is locked skipped

C:\Programmi\File comuni\Services\MlqWG.exe Object is locked skipped

C:\Programmi\File comuni\Services\mMe.exe Object is locked skipped

C:\Programmi\File comuni\Services\MvV.exe Object is locked skipped

C:\Programmi\File comuni\Services\NdRXZiG.exe Object is locked skipped

C:\Programmi\File comuni\Services\NGxK.exe Object is locked skipped

C:\Programmi\File comuni\Services\nkNa.exe Object is locked skipped

C:\Programmi\File comuni\Services\nMQ.exe Object is locked skipped

C:\Programmi\File comuni\Services\NnqnLAt.exe Object is locked skipped

C:\Programmi\File comuni\Services\NtQGE.exe Object is locked skipped

C:\Programmi\File comuni\Services\nWcA.exe Object is locked skipped

C:\Programmi\File comuni\Services\NwR.exe Object is locked skipped

C:\Programmi\File comuni\Services\NWzEn.exe Object is locked skipped

C:\Programmi\File comuni\Services\nXx.exe Object is locked skipped

C:\Programmi\File comuni\Services\olbb.exe Object is locked skipped

C:\Programmi\File comuni\Services\oMLJw.exe Object is locked skipped

C:\Programmi\File comuni\Services\oQJEru.exe Object is locked skipped

C:\Programmi\File comuni\Services\OTr.exe Object is locked skipped

C:\Programmi\File comuni\Services\OzUj.exe Object is locked skipped

C:\Programmi\File comuni\Services\Pdb.exe Object is locked skipped

C:\Programmi\File comuni\Services\peXqk.exe Object is locked skipped

C:\Programmi\File comuni\Services\pGKWjY.exe Object is locked skipped

C:\Programmi\File comuni\Services\PHa.exe Object is locked skipped

C:\Programmi\File comuni\Services\pjv.exe Object is locked skipped

C:\Programmi\File comuni\Services\pKxYu.exe Object is locked skipped

C:\Programmi\File comuni\Services\ptA.exe Object is locked skipped

C:\Programmi\File comuni\Services\puTl.exe Object is locked skipped

C:\Programmi\File comuni\Services\PwhPGrV.exe Object is locked skipped

C:\Programmi\File comuni\Services\qPd.exe Object is locked skipped

C:\Programmi\File comuni\Services\QqnZtO.exe Object is locked skipped

C:\Programmi\File comuni\Services\rct.exe Object is locked skipped

C:\Programmi\File comuni\Services\rJe.exe Object is locked skipped

C:\Programmi\File comuni\Services\sHPAMU.exe Object is locked skipped

C:\Programmi\File comuni\Services\sLQ.exe Object is locked skipped

C:\Programmi\File comuni\Services\StCh.exe Object is locked skipped

C:\Programmi\File comuni\Services\tCy.exe Object is locked skipped

C:\Programmi\File comuni\Services\TOd.exe Object is locked skipped

C:\Programmi\File comuni\Services\txx.exe Object is locked skipped

C:\Programmi\File comuni\Services\UaFxp.exe Object is locked skipped

C:\Programmi\File comuni\Services\uOW.exe Object is locked skipped

C:\Programmi\File comuni\Services\UuR.exe Object is locked skipped

C:\Programmi\File comuni\Services\UWr.exe Object is locked skipped

C:\Programmi\File comuni\Services\vcAs.exe Object is locked skipped

C:\Programmi\File comuni\Services\VCZmt.exe Object is locked skipped

C:\Programmi\File comuni\Services\VnhipG.exe Object is locked skipped

C:\Programmi\File comuni\Services\vnNs.exe Object is locked skipped

C:\Programmi\File comuni\Services\VTN.exe Object is locked skipped

C:\Programmi\File comuni\Services\vyMU.exe Object is locked skipped

C:\Programmi\File comuni\Services\WdA.exe Object is locked skipped

C:\Programmi\File comuni\Services\WEX.exe Object is locked skipped

C:\Programmi\File comuni\Services\wMd.exe Object is locked skipped

C:\Programmi\File comuni\Services\XBbPmD.exe Object is locked skipped

C:\Programmi\File comuni\Services\Xco.exe Object is locked skipped

C:\Programmi\File comuni\Services\xFd.exe Object is locked skipped

C:\Programmi\File comuni\Services\xNwBuBO.exe Object is locked skipped

C:\Programmi\File comuni\Services\Xwp.exe Object is locked skipped

C:\Programmi\File comuni\Services\xZsTCgI.exe Object is locked skipped

C:\Programmi\File comuni\Services\yVC.exe Object is locked skipped

C:\Programmi\File comuni\Services\zasyZ.exe Object is locked skipped

C:\Programmi\File comuni\Services\zDgONC.exe Object is locked skipped

C:\Programmi\File comuni\Services\ZEr.exe Object is locked skipped

C:\Programmi\File comuni\Services\zzA.exe Object is locked skipped

C:\Programmi\File comuni\Services\zzG.exe Object is locked skipped

C:\Programmi\File comuni\System\AlHDUbm.exe Object is locked skipped

C:\Programmi\File comuni\System\BdwLrCE.exe Object is locked skipped

C:\Programmi\File comuni\System\bKB.exe Object is locked skipped

C:\Programmi\File comuni\System\bkIH.exe Object is locked skipped

C:\Programmi\File comuni\System\Blg.exe Object is locked skipped

C:\Programmi\File comuni\System\bzHU.exe Object is locked skipped

C:\Programmi\File comuni\System\cCClkgd.exe Object is locked skipped

C:\Programmi\File comuni\System\cGC.exe Object is locked skipped

C:\Programmi\File comuni\System\CPh.exe Object is locked skipped

C:\Programmi\File comuni\System\Crh.exe Object is locked skipped

C:\Programmi\File comuni\System\Dsd.exe Object is locked skipped

C:\Programmi\File comuni\System\Eia.exe Object is locked skipped

C:\Programmi\File comuni\System\EIMY.exe Object is locked skipped

C:\Programmi\File comuni\System\enC.exe Object is locked skipped

C:\Programmi\File comuni\System\ETimG.exe Object is locked skipped

C:\Programmi\File comuni\System\FcFaoN.exe Object is locked skipped

C:\Programmi\File comuni\System\FDTj.exe Object is locked skipped

C:\Programmi\File comuni\System\fiK.exe Object is locked skipped

C:\Programmi\File comuni\System\gJAf.exe Object is locked skipped

C:\Programmi\File comuni\System\gKO.exe Object is locked skipped

C:\Programmi\File comuni\System\gpV.exe Object is locked skipped

C:\Programmi\File comuni\System\Gvl.exe Object is locked skipped

C:\Programmi\File comuni\System\HJF.exe Object is locked skipped

C:\Programmi\File comuni\System\HjnBhwa.exe Object is locked skipped

C:\Programmi\File comuni\System\hvXpKI.exe Object is locked skipped

C:\Programmi\File comuni\System\iPOJf.exe Object is locked skipped

C:\Programmi\File comuni\System\jen.exe Object is locked skipped

C:\Programmi\File comuni\System\kcTJ.exe Object is locked skipped

C:\Programmi\File comuni\System\KQi.exe Object is locked skipped

C:\Programmi\File comuni\System\LKdA.exe Object is locked skipped

C:\Programmi\File comuni\System\lope.exe Object is locked skipped

C:\Programmi\File comuni\System\lyh.exe Object is locked skipped

C:\Programmi\File comuni\System\mCJ.exe Object is locked skipped

C:\Programmi\File comuni\System\MIeqO.exe Object is locked skipped

C:\Programmi\File comuni\System\mMY.exe Object is locked skipped

C:\Programmi\File comuni\System\mRZxtZ.exe Object is locked skipped

C:\Programmi\File comuni\System\NcK.exe Object is locked skipped

C:\Programmi\File comuni\System\niRaeEc.exe Object is locked skipped

C:\Programmi\File comuni\System\npT.exe Object is locked skipped

C:\Programmi\File comuni\System\oYWR.exe Object is locked skipped

C:\Programmi\File comuni\System\OzPgsiU.exe Object is locked skipped

C:\Programmi\File comuni\System\ozs.exe Object is locked skipped

C:\Programmi\File comuni\System\PBo.exe Object is locked skipped

C:\Programmi\File comuni\System\Pdhni.exe Object is locked skipped

C:\Programmi\File comuni\System\Pol.exe Object is locked skipped

C:\Programmi\File comuni\System\QaH.exe Object is locked skipped

C:\Programmi\File comuni\System\Qjy.exe Object is locked skipped

C:\Programmi\File comuni\System\QoLcI.exe Object is locked skipped

C:\Programmi\File comuni\System\QPtTK.exe Object is locked skipped

C:\Programmi\File comuni\System\qWckbDl.exe Object is locked skipped

C:\Programmi\File comuni\System\RDw.exe Object is locked skipped

C:\Programmi\File comuni\System\Rfqdx.exe Object is locked skipped

C:\Programmi\File comuni\System\rldWot.exe Object is locked skipped

C:\Programmi\File comuni\System\rmxNk.exe Object is locked skipped

C:\Programmi\File comuni\System\RngIH.exe Object is locked skipped

C:\Programmi\File comuni\System\RrN.exe Object is locked skipped

C:\Programmi\File comuni\System\RSAx.exe Object is locked skipped

C:\Programmi\File comuni\System\rwm.exe Object is locked skipped

C:\Programmi\File comuni\System\rzhmdP.exe Object is locked skipped

C:\Programmi\File comuni\System\sjgD.exe Object is locked skipped

C:\Programmi\File comuni\System\sjz.exe Object is locked skipped

C:\Programmi\File comuni\System\sMq.exe Object is locked skipped

C:\Programmi\File comuni\System\SOnIZQ.exe Object is locked skipped

C:\Programmi\File comuni\System\sUmZ.exe Object is locked skipped

C:\Programmi\File comuni\System\SWfaVt.exe Object is locked skipped

C:\Programmi\File comuni\System\tGHo.exe Object is locked skipped

C:\Programmi\File comuni\System\tGk.exe Object is locked skipped

C:\Programmi\File comuni\System\TJDf.exe Object is locked skipped

C:\Programmi\File comuni\System\TPUhQ.exe Object is locked skipped

C:\Programmi\File comuni\System\twhud.exe Object is locked skipped

C:\Programmi\File comuni\System\uvb.exe Object is locked skipped

C:\Programmi\File comuni\System\vRxi.exe Object is locked skipped

C:\Programmi\File comuni\System\vvp.exe Object is locked skipped

C:\Programmi\File comuni\System\vxa.exe Object is locked skipped

C:\Programmi\File comuni\System\WAv.exe Object is locked skipped

C:\Programmi\File comuni\System\wDLkG.exe Object is locked skipped

C:\Programmi\File comuni\System\Wgq.exe Object is locked skipped

C:\Programmi\File comuni\System\Whbhyb.exe Object is locked skipped

C:\Programmi\File comuni\System\WHZeO.exe Object is locked skipped

C:\Programmi\File comuni\System\WknY.exe Object is locked skipped

C:\Programmi\File comuni\System\wpo.exe Object is locked skipped

C:\Programmi\File comuni\System\xHvlV.exe Object is locked skipped

C:\Programmi\File comuni\System\Xpw.exe Object is locked skipped

C:\Programmi\File comuni\System\xRL.exe Object is locked skipped

C:\Programmi\File comuni\System\Xsa.exe Object is locked skipped

C:\Programmi\File comuni\System\xtviKcI.exe Object is locked skipped

C:\Programmi\File comuni\System\yvSGaSg.exe Object is locked skipped

C:\Programmi\File comuni\System\YYLF.exe Object is locked skipped

C:\Programmi\File comuni\System\ZBZ.exe Object is locked skipped

C:\Programmi\File comuni\System\zcy.exe Object is locked skipped

C:\Programmi\File comuni\System\zLVSqy.exe Object is locked skipped

C:\Programmi\LogMeIn\LMIinit.dll Infected: not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a skipped

C:\Programmi\LogMeIn\ramaint.exe Infected: not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a skipped

C:\Programmi\Ubisoft\Register\register.exe Object is locked skipped

C:\Programmi\Windows NT\BPk.exe Object is locked skipped

C:\Programmi\Windows NT\bWo.exe Object is locked skipped

C:\Programmi\Windows NT\COaqM.exe Object is locked skipped

C:\Programmi\Windows NT\cPzbjx.exe Object is locked skipped

C:\Programmi\Windows NT\CsTP.exe Object is locked skipped

C:\Programmi\Windows NT\CUPyr.exe Object is locked skipped

C:\Programmi\Windows NT\cyA.exe Object is locked skipped

C:\Programmi\Windows NT\czyFQq.exe Object is locked skipped

C:\Programmi\Windows NT\dFr.exe Object is locked skipped

C:\Programmi\Windows NT\DMm.exe Object is locked skipped

C:\Programmi\Windows NT\dsiF.exe Object is locked skipped

C:\Programmi\Windows NT\duf.exe Object is locked skipped

C:\Programmi\Windows NT\eAS.exe Object is locked skipped

C:\Programmi\Windows NT\ElD.exe Object is locked skipped

C:\Programmi\Windows NT\EnSlGhY.exe Object is locked skipped

C:\Programmi\Windows NT\eSDck.exe Object is locked skipped

C:\Programmi\Windows NT\fCf.exe Object is locked skipped

C:\Programmi\Windows NT\fiq.exe Object is locked skipped

C:\Programmi\Windows NT\FnY.exe Object is locked skipped

C:\Programmi\Windows NT\fsm.exe Object is locked skipped

C:\Programmi\Windows NT\gRZeRZ.exe Object is locked skipped

C:\Programmi\Windows NT\Gtx.exe Object is locked skipped

C:\Programmi\Windows NT\GWYmf.exe Object is locked skipped

C:\Programmi\Windows NT\GyXdx.exe Object is locked skipped

C:\Programmi\Windows NT\HLG.exe Object is locked skipped

C:\Programmi\Windows NT\hNc.exe Object is locked skipped

C:\Programmi\Windows NT\hrotDE.exe Object is locked skipped

C:\Programmi\Windows NT\hsA.exe Object is locked skipped

C:\Programmi\Windows NT\IRR.exe Object is locked skipped

C:\Programmi\Windows NT\iyLLvwt.exe Object is locked skipped

C:\Programmi\Windows NT\izbNb.exe Object is locked skipped

C:\Programmi\Windows NT\IzL.exe Object is locked skipped

C:\Programmi\Windows NT\kFr.exe Object is locked skipped

C:\Programmi\Windows NT\KNUQoO.exe Object is locked skipped

C:\Programmi\Windows NT\KpRjPJM.exe Object is locked skipped

C:\Programmi\Windows NT\kWxTt.exe Object is locked skipped

C:\Programmi\Windows NT\LsR.exe Object is locked skipped

C:\Programmi\Windows NT\MGy.exe Object is locked skipped

C:\Programmi\Windows NT\MTeUTKg.exe Object is locked skipped

C:\Programmi\Windows NT\myuLzw.exe Object is locked skipped

C:\Programmi\Windows NT\nRrpCe.exe Object is locked skipped

C:\Programmi\Windows NT\nUm.exe Object is locked skipped

C:\Programmi\Windows NT\nVuKulY.exe Object is locked skipped

C:\Programmi\Windows NT\oBhK.exe Object is locked skipped

C:\Programmi\Windows NT\OCKs.exe Object is locked skipped

C:\Programmi\Windows NT\OGN.exe Object is locked skipped

C:\Programmi\Windows NT\oOqvKEF.exe Object is locked skipped

C:\Programmi\Windows NT\Oql.exe Object is locked skipped

C:\Programmi\Windows NT\oRCZQlt.exe Object is locked skipped

C:\Programmi\Windows NT\oUQ.exe Object is locked skipped

C:\Programmi\Windows NT\ovFRCSl.exe Object is locked skipped

C:\Programmi\Windows NT\oxVdxC.exe Object is locked skipped

C:\Programmi\Windows NT\pnIQ.exe Object is locked skipped

C:\Programmi\Windows NT\pnygwl.exe Object is locked skipped

C:\Programmi\Windows NT\qAsc.exe Object is locked skipped

C:\Programmi\Windows NT\QkSrs.exe Object is locked skipped

C:\Programmi\Windows NT\qlT.exe Object is locked skipped

C:\Programmi\Windows NT\qPXDvI.exe Object is locked skipped

C:\Programmi\Windows NT\Qsq.exe Object is locked skipped

C:\Programmi\Windows NT\qUQy.exe Object is locked skipped

C:\Programmi\Windows NT\rAV.exe Object is locked skipped

C:\Programmi\Windows NT\RXIpE.exe Object is locked skipped

C:\Programmi\Windows NT\rZvcWz.exe Object is locked skipped

C:\Programmi\Windows NT\sdScVG.exe Object is locked skipped

C:\Programmi\Windows NT\SxOLzh.exe Object is locked skipped

C:\Programmi\Windows NT\SzauKbz.exe Object is locked skipped

C:\Programmi\Windows NT\tVwbm.exe Object is locked skipped

C:\Programmi\Windows NT\uLN.exe Object is locked skipped

C:\Programmi\Windows NT\uQMe.exe Object is locked skipped

C:\Programmi\Windows NT\uvzJccj.exe Object is locked skipped

C:\Programmi\Windows NT\Vns.exe Object is locked skipped

C:\Programmi\Windows NT\Wdus.exe Object is locked skipped

C:\Programmi\Windows NT\WFlt.exe Object is locked skipped

C:\Programmi\Windows NT\WkriP.exe Object is locked skipped

C:\Programmi\Windows NT\wsb.exe Object is locked skipped

C:\Programmi\Windows NT\XMoK.exe Object is locked skipped

C:\Programmi\Windows NT\xuq.exe Object is locked skipped

C:\Programmi\Windows NT\xzB.exe Object is locked skipped

C:\Programmi\Windows NT\YBKpoga.exe Object is locked skipped

C:\Programmi\Windows NT\Ymtz.exe Object is locked skipped

C:\Programmi\Windows NT\YZGlB.exe Object is locked skipped

C:\Programmi\Windows NT\ZBax.exe Object is locked skipped

C:\Programmi\Windows NT\zGw.exe Object is locked skipped

C:\Programmi\Windows NT\zHG.exe Object is locked skipped

C:\Programmi\Windows NT\ZnBA.exe Object is locked skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc1.rar/wintems.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc1.rar RAR: infected - 1 skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\122687.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\158828.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\159875.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\161156.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\164578.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\167250.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\169156.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\229343.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\3584156.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\78171.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc2\92187.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RECYCLER\S-1-5-21-839522115-963894560-2147200963-1003\Dc5.exe Infected: Trojan.Win32.Pakes.bwy skipped

C:\RTHDCPL.EXE Infected: Trojan-Downloader.Win32.Bagle.hn skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FreeAccess.ocx Infected: Trojan.Win32.Pakes skipped

C:\WINDOWS\Downloaded Program Files\CONFLICT.2\FreeAccess.ocx Infected: Trojan.Win32.Pakes skipped

C:\WINDOWS\Downloaded Program Files\CONFLICT.3\FreeAccess.ocx Infected: Trojan.Win32.Pakes skipped

C:\WINDOWS\Downloaded Program Files\FreeAccess.ocx Infected: Trojan.Win32.Pakes skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\djdbby.exe Infected: Backdoor.Win32.Agent.dez skipped

C:\WINDOWS\system32\drivers\down\121203.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\LMIinit.dll Infected: not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a skipped

C:\WINDOWS\system32\lpt9.ebb Object is locked skipped

C:\WINDOWS\system32\ou.exe Infected: Backdoor.Win32.Agent.dez skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

D:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Dr Watson\user.dmp Object is locked skipped

D:\Programmi\BitDownload\ZM\minime.exe Infected: Trojan.Win32.Inject.ba skipped

D:\RECYCLER\S-1-5-21-220523388-1417001333-725345543-500\Df2\Avast4\DATA\chest\00000004 Infected: Net-Worm.Win32.Lovesan.a skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{C1DDB692-FAC9-4ECB-952D-0AFEB23BE7B6}\RP11\A0001767.exe Infected: Net-Worm.Win32.Lovesan.a skipped

D:\System Volume Information\_restore{C1DDB692-FAC9-4ECB-952D-0AFEB23BE7B6}\RP11\A0001777.exe Infected: Net-Worm.Win32.Lovesan.a skipped

D:\System Volume Information\_restore{C1DDB692-FAC9-4ECB-952D-0AFEB23BE7B6}\RP6\A0000198.exe Object is locked skipped

D:\System Volume Information\_restore{C1DDB692-FAC9-4ECB-952D-0AFEB23BE7B6}\RP6\A0000199.dll Object is locked skipped

D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe/file12 Infected: Trojan.Win32.Inject.ba skipped

D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe Inno: infected - 1 skipped

D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip/Setup.exe Infected: P2P-Worm.Win32.Kapucen.ac skipped

D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip ZIP: infected - 1 skipped

D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar/setup.exe Infected: P2P-Worm.Win32.Kapucen.b skipped

D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar RAR: infected - 1 skipped

D:\trasbordo emule\Incoming\Incoming\Mappe TomTom ver. 6.5 - Italia (plus) updated-fixed 10-2006.rar/setup.exe Infected: P2P-Worm.Win32.Kapucen.b skipped

D:\trasbordo emule\Incoming\Incoming\Mappe TomTom ver. 6.5 - Italia (plus) updated-fixed 10-2006.rar RAR: infected - 1 skipped

D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip/BitDownload-3.0-setup.exe/file12 Infected: Trojan.Win32.Inject.ba skipped

D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip/BitDownload-3.0-setup.exe Infected: Trojan.Win32.Inject.ba skipped

D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip ZIP: infected - 2 skipped

D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip/PlayerToolSetup05.exe/WISE0007.BIN/file8 Infected: Trojan.Win32.Obfuscated.en skipped

D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip/PlayerToolSetup05.exe/WISE0007.BIN Infected: Trojan.Win32.Obfuscated.en skipped

D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip/PlayerToolSetup05.exe Infected: Trojan.Win32.Obfuscated.en skipped

D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip ZIP: infected - 3 skipped

D:\ZAMPOGNA\DIVXPR~1.EXE/Gain_Trickler.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped

D:\ZAMPOGNA\DIVXPR~1.EXE Vise: infected - 1 skipped
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 8:23 am

Esegui i seguenti passaggi:

Svuota il ripristino configurazione di sistema.

Svuota il cestino.

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nella box bianca che si è aperta:

Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\hldrrr.ex_
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_3[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\key-seca2[1].htm
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\MJFGY4WN\b64_3[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[3].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[4].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XR03M81C\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[3].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[4].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[1].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[2].jpg
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\Y40VV7N6\b64_1[1].jpg
C:\avenger\backup-08.01.2008-22.32.44,75.zip
C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip
C:\Documents and Settings\Andrea\Dati applicazioni\VCMAILFACE
C:\RTHDCPL.EXE
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FreeAccess.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\FreeAccess.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\FreeAccess.ocx
C:\WINDOWS\Downloaded Program Files\FreeAccess.ocx
C:\WINDOWS\system32\ou.exe
D:\Programmi\BitDownload\ZM\minime.exe
D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe
D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip
D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar
D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar
D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip
D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip
D:\ZAMPOGNA\DIVXPR~1.EXE

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld
C:\WINDOWS\system32\drivers\down

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32


Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

Scansiona i seguenti file su www.virustotal.com

C:\Programmi\LogMeIn\ramaint.exe
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 11:01 am

come svuoto il ripristino della configurazione di sistema....? forse disattivando la casella di ripristino della configurazione di sistema?
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma


Messaggioda ste_95 » sab gen 12, 2008 11:03 am

«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 11:14 am

ecco il contenuto del blocco note:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\aakjtmgk

*******************

Script file located at: \??\C:\Documents and Settings\ittmacge.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\hidr.exe not found!
Deletion of file C:\WINDOWS\system32\drivers\hidr.exe failed!

Could not process line:
C:\WINDOWS\system32\drivers\hidr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.
File C:\WINDOWS\system32\wintems.exe deleted successfully.


File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\trusted.exe not found!
Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:
C:\WINDOWS\system32\trusted.exe
Status: 0xc0000034



File C:\WINDOWS\system32\drivers\pci32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\pci32.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\pci32.sys
Status: 0xc0000034

File C:\windows\system32\drivers\hldrrr.exe deleted successfully.


File C:\WINDOWS\system32\drivers\hldrrr.ex_ not found!
Deletion of file C:\WINDOWS\system32\drivers\hldrrr.ex_ failed!

Could not process line:
C:\WINDOWS\system32\drivers\hldrrr.ex_
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_1[1].jpg
Status: 0xc0000034

File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\3WRIA8Z0\b64_2[1].jpg deleted successfully.


File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\7GJS0HLZ\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_1[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_3[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_3[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\9L8VVC94\b64_3[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\AJP8L1CJ\b64_2[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\key-seca2[1].htm not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\key-seca2[1].htm failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\D8HZUOB3\key-seca2[1].htm
Status: 0xc0000034

File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[1].jpg deleted successfully.


File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\GG1RDIQC\b64_1[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\LSAS5SJ5\b64_2[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\MJFGY4WN\b64_3[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\MJFGY4WN\b64_3[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\MJFGY4WN\b64_3[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[3].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[3].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[3].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[4].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[4].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\R130NE4Z\b64_3[4].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\UIZ6GGCC\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XR03M81C\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XR03M81C\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XR03M81C\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_1[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[3].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[3].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[3].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[4].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[4].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_2[4].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[1].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[1].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[2].jpg not found!
Deletion of file C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[2].jpg failed!

Could not process line:
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\XYVUAVJA\b64_3[2].jpg
Status: 0xc0000034

File C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\Y40VV7N6\b64_1[1].jpg deleted successfully.


File C:\avenger\backup-08.01.2008-22.32.44,75.zip not found!
Deletion of file C:\avenger\backup-08.01.2008-22.32.44,75.zip failed!

Could not process line:
C:\avenger\backup-08.01.2008-22.32.44,75.zip
Status: 0xc0000034



File C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip not found!
Deletion of file C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip failed!

Could not process line:
C:\Documents and Settings\Andrea\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-41b68eed-75f4b077.zip
Status: 0xc0000034



Error: C:\Documents and Settings\Andrea\Dati applicazioni\VCMAILFACE is a folder, not a file!
Deletion of file C:\Documents and Settings\Andrea\Dati applicazioni\VCMAILFACE failed!

Could not process line:
C:\Documents and Settings\Andrea\Dati applicazioni\VCMAILFACE
Status: 0xc00000ba



File C:\RTHDCPL.EXE not found!
Deletion of file C:\RTHDCPL.EXE failed!

Could not process line:
C:\RTHDCPL.EXE
Status: 0xc0000034



File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FreeAccess.ocx not found!
Deletion of file C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FreeAccess.ocx failed!

Could not process line:
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FreeAccess.ocx
Status: 0xc0000034

File C:\WINDOWS\Downloaded Program Files\CONFLICT.2\FreeAccess.ocx deleted successfully.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.3\FreeAccess.ocx deleted successfully.
File C:\WINDOWS\Downloaded Program Files\FreeAccess.ocx deleted successfully.


File C:\WINDOWS\system32\ou.exe not found!
Deletion of file C:\WINDOWS\system32\ou.exe failed!

Could not process line:
C:\WINDOWS\system32\ou.exe
Status: 0xc0000034



File D:\Programmi\BitDownload\ZM\minime.exe not found!
Deletion of file D:\Programmi\BitDownload\ZM\minime.exe failed!

Could not process line:
D:\Programmi\BitDownload\ZM\minime.exe
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\Download_caa vfr_with_the_fastest_BitTorrent_downloader.exe
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\Flight1 New Loader,3.03 cracker Flight 1 F1 f1 Cracker Wrapper Bypass updated-fixed Release 02-2007.zip
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\FS2004 - FreeFD Pack - same as Project Magenta but free ! updated-fixed 06-2006.rar
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\NavGPS PRO fastest BitTorrent downloader.zip
Status: 0xc0000034



File D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip not found!
Deletion of file D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip failed!

Could not process line:
D:\trasbordo emule\Incoming\Incoming\View quiz ppl with the ultimate player.zip
Status: 0xc0000034



File D:\ZAMPOGNA\DIVXPR~1.EXE not found!
Deletion of file D:\ZAMPOGNA\DIVXPR~1.EXE failed!

Could not process line:
D:\ZAMPOGNA\DIVXPR~1.EXE
Status: 0xc0000034



Folder C:\WINDOWS\exefnd not found!
Deletion of folder C:\WINDOWS\exefnd failed!

Could not process line:
C:\WINDOWS\exefnd
Status: 0xc0000034



Folder C:\WINDOWS\exefld not found!
Deletion of folder C:\WINDOWS\exefld failed!

Could not process line:
C:\WINDOWS\exefld
Status: 0xc0000034

Folder C:\WINDOWS\system32\drivers\down deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\pci32
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 11:17 am

Hai provato a reinstallare l'antivirus?
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 11:37 am

pare riesca ad istallare l'antivirus...non ho parole sei un rappresentante delle forze del bene...!!!!
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda misterxfiles » sab gen 12, 2008 12:37 pm

ora sto scansionando con l'antivirus installato il pc fisso mentre sto scansionando da web il portatile....ci sono altre azioni da intraprendere per debellare l'infezione..? Detto per inciso devo dirti che era tre giorni che tentavo di fare qualcosa senza riuscirre a fare nulla se non sapevo della tua esistenza non so come avrei fatto ...grazie..grazie molte ...invieero comunque dopo l'altro report kasperiano del portatile ..visto che i miei script sono inefficaci spero ancora nella tua disponibilita'..
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 12:55 pm

L'infezione dovrebbe essere stata debellata, ma se hai ancora problemi, noi siamo qui [;)]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 6:51 pm

Ecco il secondo report di kasperski, questa volta dell'altro pc, l'altro pc appunto, dato che ho una epidemia nella rete di questo bagle. Spero in un tuo script miracoloso script che ha gia resuscitato il computer principale della mia piccola rete...ste_95 aspetto tue indicazioni



Saturday, January 12, 2008 6:38:14 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 12/01/2008
Kaspersky Anti-Virus database records: 508736
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
F:\
G:\
Scan Statistics
Total number of scanned objects 435300
Number of viruses found 14
Number of infected objects 102
Number of suspicious objects 0
Duration of the scan process 03:51:16

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Alex\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Cronologia\History.IE5\MSHist012008011220080113\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temp\40000060004550fd802a\cleaner.exe Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temp\IH2FF.tmp Infected: Trojan-Downloader.Win32.Tiny.eu skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temp\jar_cache28765.tmp/DialerMiniComando.exe Infected: Trojan.Win32.Diamin.jm skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temp\jar_cache28765.tmp ZIP: infected - 1 skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\0XY7WXQN\advertizing[1].htm Infected: Trojan-Downloader.JS.Agent.ab skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4886578[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4902578[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\5990687[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\844437[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\847890[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\adult[1].exe Infected: not-a-virus:Porn-Dialer.Win32.Agent.aj skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9312046[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9323828[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\7F1JR1GW\u[1].dat Infected: Trojan-Downloader.Win32.Nurech.bd skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\GDQZ8HQN\837390[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\IPNWH8RM\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\K5YZW5YR\u[1].exe Infected: Trojan-Downloader.Win32.Nurech.bd skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\KBV36O11\u[1].exe Infected: Trojan-Downloader.Win32.Nurech.bd skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\835093[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\838125[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLU781MV\Galaxy[1].htm Infected: Trojan-Downloader.JS.Agent.ann skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\10073187[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4875046[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4898421[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4902140[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4947921[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5050468[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5078093[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5247468[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\833859[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\838265[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842265[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842828[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842859[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\843453[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\844531[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845312[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845875[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\846062[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9037328[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9385234[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\index[1].htm Infected: Trojan-Downloader.JS.Psyme.gy skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\UT7CH47A\u[1].dat Infected: Trojan-Downloader.Win32.Nurech.bd skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\W9MZ0LMR\l[1].exe Infected: Trojan-Downloader.Win32.Nurech.bd skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\839406[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\841750[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\843234[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\844562[1].txt Infected: Trojan.Win32.Dialer.tl skipped
C:\Documents and Settings\Alex\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Alex\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Alex\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\intelliScore Polyphonic WAV to MIDI Converter Demo\Intelliscore Polyphonic WAV to MIDI Converter 7.1 Patch.exe Infected: Trojan-Downloader.Win32.Bagle.hn skipped
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe Infected: Trojan-Downloader.Win32.Bagle.hn skipped
C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc10.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc9.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\10073187.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4875046.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4886578.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4898421.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4902140.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4902578.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4912015.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\4947921.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\5050468.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\5078093.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\5247468.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\5990687.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\833859.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\834375.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\835093.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\837390.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\838125.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\838265.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\839406.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\840234.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\841750.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\842265.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\842828.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\842859.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\843234.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\843453.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\843500.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\844531.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\844562.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\845218.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\845312.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\845875.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\846062.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\846953.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\847734.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\848609.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\9037328.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\9312046.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\9323828.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\9385234.exe Infected: Trojan.Win32.Dialer.tl skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\down\172296.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\3438171.exe Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\WINDOWS\system32\drivers\down\613093.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\etc\hosts Infected: Trojan.Win32.Qhost.kk skipped
C:\WINDOWS\system32\drivers\etc\hosts.msn Infected: Trojan.Win32.Qhost.kk skipped
C:\WINDOWS\system32\GoogleHelper.exe Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\monedmyi.exe Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Tasks\abezih.job Object is locked skipped
C:\WINDOWS\Tasks\acynm.job Object is locked skipped
C:\WINDOWS\Tasks\afwrp.job Object is locked skipped
C:\WINDOWS\Tasks\aix.job Object is locked skipped
C:\WINDOWS\Tasks\aiz.job Object is locked skipped
C:\WINDOWS\Tasks\ajncoi.job Object is locked skipped
C:\WINDOWS\Tasks\akijnad.job Object is locked skipped
C:\WINDOWS\Tasks\akvq.job Object is locked skipped
C:\WINDOWS\Tasks\amryohe.job Object is locked skipped
C:\WINDOWS\Tasks\arggkxu.job Object is locked skipped
C:\WINDOWS\Tasks\arqas.job Object is locked skipped
C:\WINDOWS\Tasks\aszhadx.job Object is locked skipped
C:\WINDOWS\Tasks\axr.job Object is locked skipped
C:\WINDOWS\Tasks\bbfbimbh.job Object is locked skipped
C:\WINDOWS\Tasks\bdzuziu.job Object is locked skipped
C:\WINDOWS\Tasks\bgjcwgys.job Object is locked skipped
C:\WINDOWS\Tasks\bhske.job Object is locked skipped
C:\WINDOWS\Tasks\bhzj.job Object is locked skipped
C:\WINDOWS\Tasks\bnvt.job Object is locked skipped
C:\WINDOWS\Tasks\bnynfu.job Object is locked skipped
C:\WINDOWS\Tasks\bpbzmyf.job Object is locked skipped
C:\WINDOWS\Tasks\bsl.job Object is locked skipped
C:\WINDOWS\Tasks\btajkstf.job Object is locked skipped
C:\WINDOWS\Tasks\buba.job Object is locked skipped
C:\WINDOWS\Tasks\caqd.job Object is locked skipped
C:\WINDOWS\Tasks\cdjmlxj.job Object is locked skipped
C:\WINDOWS\Tasks\cjbxxs.job Object is locked skipped
C:\WINDOWS\Tasks\cjhg.job Object is locked skipped
C:\WINDOWS\Tasks\cutfjdyy.job Object is locked skipped
C:\WINDOWS\Tasks\czeztls.job Object is locked skipped
C:\WINDOWS\Tasks\dal.job Object is locked skipped
C:\WINDOWS\Tasks\daox.job Object is locked skipped
C:\WINDOWS\Tasks\dewclf.job Object is locked skipped
C:\WINDOWS\Tasks\dfx.job Object is locked skipped
C:\WINDOWS\Tasks\dgmw.job Object is locked skipped
C:\WINDOWS\Tasks\dhaqn.job Object is locked skipped
C:\WINDOWS\Tasks\dnz.job Object is locked skipped
C:\WINDOWS\Tasks\dpzxt.job Object is locked skipped
C:\WINDOWS\Tasks\dqmcbeyp.job Object is locked skipped
C:\WINDOWS\Tasks\dqygh.job Object is locked skipped
C:\WINDOWS\Tasks\drgvqi.job Object is locked skipped
C:\WINDOWS\Tasks\drqz.job Object is locked skipped
C:\WINDOWS\Tasks\drsl.job Object is locked skipped
C:\WINDOWS\Tasks\drxdtzt.job Object is locked skipped
C:\WINDOWS\Tasks\dsukfvt.job Object is locked skipped
C:\WINDOWS\Tasks\dux.job Object is locked skipped
C:\WINDOWS\Tasks\dwlyjsex.job Object is locked skipped
C:\WINDOWS\Tasks\dylsptts.job Object is locked skipped
C:\WINDOWS\Tasks\dztpldkz.job Object is locked skipped
C:\WINDOWS\Tasks\ebiahtsx.job Object is locked skipped
C:\WINDOWS\Tasks\ecsugli.job Object is locked skipped
C:\WINDOWS\Tasks\ecv.job Object is locked skipped
C:\WINDOWS\Tasks\ehccinp.job Object is locked skipped
C:\WINDOWS\Tasks\ejol.job Object is locked skipped
C:\WINDOWS\Tasks\emkowca.job Object is locked skipped
C:\WINDOWS\Tasks\esl.job Object is locked skipped
C:\WINDOWS\Tasks\evejmt.job Object is locked skipped
C:\WINDOWS\Tasks\eyoru.job Object is locked skipped
C:\WINDOWS\Tasks\ezvgja.job Object is locked skipped
C:\WINDOWS\Tasks\ezxee.job Object is locked skipped
C:\WINDOWS\Tasks\fbphj.job Object is locked skipped
C:\WINDOWS\Tasks\fegtnlby.job Object is locked skipped
C:\WINDOWS\Tasks\ffmlvdu.job Object is locked skipped
C:\WINDOWS\Tasks\fhz.job Object is locked skipped
C:\WINDOWS\Tasks\fnslaolw.job Object is locked skipped
C:\WINDOWS\Tasks\focf.job Object is locked skipped
C:\WINDOWS\Tasks\fooylyqp.job Object is locked skipped
C:\WINDOWS\Tasks\fqz.job Object is locked skipped
C:\WINDOWS\Tasks\fsy.job Object is locked skipped
C:\WINDOWS\Tasks\ftlsnv.job Object is locked skipped
C:\WINDOWS\Tasks\ggtnslxk.job Object is locked skipped
C:\WINDOWS\Tasks\gjx.job Object is locked skipped
C:\WINDOWS\Tasks\gnxjv.job Object is locked skipped
C:\WINDOWS\Tasks\gpd.job Object is locked skipped
C:\WINDOWS\Tasks\gptfoq.job Object is locked skipped
C:\WINDOWS\Tasks\gwhpuh.job Object is locked skipped
C:\WINDOWS\Tasks\gxic.job Object is locked skipped
C:\WINDOWS\Tasks\hafv.job Object is locked skipped
C:\WINDOWS\Tasks\hezoshu.job Object is locked skipped
C:\WINDOWS\Tasks\hfghc.job Object is locked skipped
C:\WINDOWS\Tasks\hftjj.job Object is locked skipped
C:\WINDOWS\Tasks\hgvwix.job Object is locked skipped
C:\WINDOWS\Tasks\hjfsb.job Object is locked skipped
C:\WINDOWS\Tasks\hkiixqb.job Object is locked skipped
C:\WINDOWS\Tasks\hocwpufo.job Object is locked skipped
C:\WINDOWS\Tasks\homsummv.job Object is locked skipped
C:\WINDOWS\Tasks\hopzgqq.job Object is locked skipped
C:\WINDOWS\Tasks\hqesnii.job Object is locked skipped
C:\WINDOWS\Tasks\hric.job Object is locked skipped
C:\WINDOWS\Tasks\hrk.job Object is locked skipped
C:\WINDOWS\Tasks\hvfrjp.job Object is locked skipped
C:\WINDOWS\Tasks\hwfsb.job Object is locked skipped
C:\WINDOWS\Tasks\hxdzq.job Object is locked skipped
C:\WINDOWS\Tasks\iczsh.job Object is locked skipped
C:\WINDOWS\Tasks\ikmjr.job Object is locked skipped
C:\WINDOWS\Tasks\itygfudg.job Object is locked skipped
C:\WINDOWS\Tasks\itzm.job Object is locked skipped
C:\WINDOWS\Tasks\iywcgy.job Object is locked skipped
C:\WINDOWS\Tasks\jddt.job Object is locked skipped
C:\WINDOWS\Tasks\jdmn.job Object is locked skipped
C:\WINDOWS\Tasks\jlnz.job Object is locked skipped
C:\WINDOWS\Tasks\jmee.job Object is locked skipped
C:\WINDOWS\Tasks\jqn.job Object is locked skipped
C:\WINDOWS\Tasks\jryv.job Object is locked skipped
C:\WINDOWS\Tasks\jvuslrke.job Object is locked skipped
C:\WINDOWS\Tasks\jxoqltwo.job Object is locked skipped
C:\WINDOWS\Tasks\kgcnudz.job Object is locked skipped
C:\WINDOWS\Tasks\kkam.job Object is locked skipped
C:\WINDOWS\Tasks\ksshj.job Object is locked skipped
C:\WINDOWS\Tasks\kxujgaq.job Object is locked skipped
C:\WINDOWS\Tasks\ldbyqeax.job Object is locked skipped
C:\WINDOWS\Tasks\ldyk.job Object is locked skipped
C:\WINDOWS\Tasks\lezyp.job Object is locked skipped
C:\WINDOWS\Tasks\lgnpn.job Object is locked skipped
C:\WINDOWS\Tasks\lmdz.job Object is locked skipped
C:\WINDOWS\Tasks\lmp.job Object is locked skipped
C:\WINDOWS\Tasks\lnvap.job Object is locked skipped
C:\WINDOWS\Tasks\lpfhjwzy.job Object is locked skipped
C:\WINDOWS\Tasks\lpfrjx.job Object is locked skipped
C:\WINDOWS\Tasks\ltcocq.job Object is locked skipped
C:\WINDOWS\Tasks\lvdcgcpu.job Object is locked skipped
C:\WINDOWS\Tasks\mgkdnp.job Object is locked skipped
C:\WINDOWS\Tasks\mgptvcr.job Object is locked skipped
C:\WINDOWS\Tasks\mivwqcc.job Object is locked skipped
C:\WINDOWS\Tasks\mltpxmdp.job Object is locked skipped
C:\WINDOWS\Tasks\mmb.job Object is locked skipped
C:\WINDOWS\Tasks\mpna.job Object is locked skipped
C:\WINDOWS\Tasks\mvsxtfnp.job Object is locked skipped
C:\WINDOWS\Tasks\mxhqh.job Object is locked skipped
C:\WINDOWS\Tasks\nbm.job Object is locked skipped
C:\WINDOWS\Tasks\ndo.job Object is locked skipped
C:\WINDOWS\Tasks\neirv.job Object is locked skipped
C:\WINDOWS\Tasks\nkyj.job Object is locked skipped
C:\WINDOWS\Tasks\nmjwwzg.job Object is locked skipped
C:\WINDOWS\Tasks\nmv.job Object is locked skipped
C:\WINDOWS\Tasks\nntr.job Object is locked skipped
C:\WINDOWS\Tasks\nsw.job Object is locked skipped
C:\WINDOWS\Tasks\ntzo.job Object is locked skipped
C:\WINDOWS\Tasks\nyqrmq.job Object is locked skipped
C:\WINDOWS\Tasks\nzdmr.job Object is locked skipped
C:\WINDOWS\Tasks\oiaruk.job Object is locked skipped
C:\WINDOWS\Tasks\ojbvgt.job Object is locked skipped
C:\WINDOWS\Tasks\ojmtukr.job Object is locked skipped
C:\WINDOWS\Tasks\omyt.job Object is locked skipped
C:\WINDOWS\Tasks\oxpvola.job Object is locked skipped
C:\WINDOWS\Tasks\oztxxif.job Object is locked skipped
C:\WINDOWS\Tasks\pcnyr.job Object is locked skipped
C:\WINDOWS\Tasks\pdcqc.job Object is locked skipped
C:\WINDOWS\Tasks\phpcd.job Object is locked skipped
C:\WINDOWS\Tasks\phx.job Object is locked skipped
C:\WINDOWS\Tasks\pidb.job Object is locked skipped
C:\WINDOWS\Tasks\pkgysfce.job Object is locked skipped
C:\WINDOWS\Tasks\plk.job Object is locked skipped
C:\WINDOWS\Tasks\pnhiilr.job Object is locked skipped
C:\WINDOWS\Tasks\ppq.job Object is locked skipped
C:\WINDOWS\Tasks\psk.job Object is locked skipped
C:\WINDOWS\Tasks\ptjkbrqs.job Object is locked skipped
C:\WINDOWS\Tasks\ptql.job Object is locked skipped
C:\WINDOWS\Tasks\puow.job Object is locked skipped
C:\WINDOWS\Tasks\pxn.job Object is locked skipped
C:\WINDOWS\Tasks\qcr.job Object is locked skipped
C:\WINDOWS\Tasks\qgbzr.job Object is locked skipped
C:\WINDOWS\Tasks\qhdndj.job Object is locked skipped
C:\WINDOWS\Tasks\qojqx.job Object is locked skipped
C:\WINDOWS\Tasks\qygj.job Object is locked skipped
C:\WINDOWS\Tasks\rdadxkr.job Object is locked skipped
C:\WINDOWS\Tasks\reqhclar.job Object is locked skipped
C:\WINDOWS\Tasks\rfborn.job Object is locked skipped
C:\WINDOWS\Tasks\rhde.job Object is locked skipped
C:\WINDOWS\Tasks\rmkanmm.job Object is locked skipped
C:\WINDOWS\Tasks\rnwhcvq.job Object is locked skipped
C:\WINDOWS\Tasks\rpjze.job Object is locked skipped
C:\WINDOWS\Tasks\rrjq.job Object is locked skipped
C:\WINDOWS\Tasks\rrxeb.job Object is locked skipped
C:\WINDOWS\Tasks\rtkzkup.job Object is locked skipped
C:\WINDOWS\Tasks\rvptvhy.job Object is locked skipped
C:\WINDOWS\Tasks\rzjbzrne.job Object is locked skipped
C:\WINDOWS\Tasks\scg.job Object is locked skipped
C:\WINDOWS\Tasks\shqcb.job Object is locked skipped
C:\WINDOWS\Tasks\shxasg.job Object is locked skipped
C:\WINDOWS\Tasks\siio.job Object is locked skipped
C:\WINDOWS\Tasks\sjsoqzv.job Object is locked skipped
C:\WINDOWS\Tasks\skhdsiap.job Object is locked skipped
C:\WINDOWS\Tasks\slmd.job Object is locked skipped
C:\WINDOWS\Tasks\smpsqlb.job Object is locked skipped
C:\WINDOWS\Tasks\sscqrfk.job Object is locked skipped
C:\WINDOWS\Tasks\stz.job Object is locked skipped
C:\WINDOWS\Tasks\suk.job Object is locked skipped
C:\WINDOWS\Tasks\swsjtlk.job Object is locked skipped
C:\WINDOWS\Tasks\sxrxtu.job Object is locked skipped
C:\WINDOWS\Tasks\tbvgs.job Object is locked skipped
C:\WINDOWS\Tasks\tef.job Object is locked skipped
C:\WINDOWS\Tasks\tfkwqhy.job Object is locked skipped
C:\WINDOWS\Tasks\tfuc.job Object is locked skipped
C:\WINDOWS\Tasks\tgjca.job Object is locked skipped
C:\WINDOWS\Tasks\thpddrd.job Object is locked skipped
C:\WINDOWS\Tasks\tib.job Object is locked skipped
C:\WINDOWS\Tasks\tmjrt.job Object is locked skipped
C:\WINDOWS\Tasks\trtasq.job Object is locked skipped
C:\WINDOWS\Tasks\uao.job Object is locked skipped
C:\WINDOWS\Tasks\ubh.job Object is locked skipped
C:\WINDOWS\Tasks\ubqfvmn.job Object is locked skipped
C:\WINDOWS\Tasks\uhhnbss.job Object is locked skipped
C:\WINDOWS\Tasks\umtzg.job Object is locked skipped
C:\WINDOWS\Tasks\uofuz.job Object is locked skipped
C:\WINDOWS\Tasks\uov.job Object is locked skipped
C:\WINDOWS\Tasks\upzq.job Object is locked skipped
C:\WINDOWS\Tasks\uqcynsqe.job Object is locked skipped
C:\WINDOWS\Tasks\utgrh.job Object is locked skipped
C:\WINDOWS\Tasks\utnles.job Object is locked skipped
C:\WINDOWS\Tasks\uvh.job Object is locked skipped
C:\WINDOWS\Tasks\uvrkl.job Object is locked skipped
C:\WINDOWS\Tasks\uxpfx.job Object is locked skipped
C:\WINDOWS\Tasks\vaf.job Object is locked skipped
C:\WINDOWS\Tasks\vapk.job Object is locked skipped
C:\WINDOWS\Tasks\vaztsl.job Object is locked skipped
C:\WINDOWS\Tasks\vfly.job Object is locked skipped
C:\WINDOWS\Tasks\vgtxrlee.job Object is locked skipped
C:\WINDOWS\Tasks\vig.job Object is locked skipped
C:\WINDOWS\Tasks\vspyqw.job Object is locked skipped
C:\WINDOWS\Tasks\vwaitrr.job Object is locked skipped
C:\WINDOWS\Tasks\vyfjsizj.job Object is locked skipped
C:\WINDOWS\Tasks\wgwz.job Object is locked skipped
C:\WINDOWS\Tasks\whkpxrj.job Object is locked skipped
C:\WINDOWS\Tasks\whqe.job Object is locked skipped
C:\WINDOWS\Tasks\wivqqx.job Object is locked skipped
C:\WINDOWS\Tasks\wjzub.job Object is locked skipped
C:\WINDOWS\Tasks\wmgwlmnc.job Object is locked skipped
C:\WINDOWS\Tasks\wudf.job Object is locked skipped
C:\WINDOWS\Tasks\wxhe.job Object is locked skipped
C:\WINDOWS\Tasks\xcpdmkdf.job Object is locked skipped
C:\WINDOWS\Tasks\xfzjupwh.job Object is locked skipped
C:\WINDOWS\Tasks\xgitzr.job Object is locked skipped
C:\WINDOWS\Tasks\xlj.job Object is locked skipped
C:\WINDOWS\Tasks\xnw.job Object is locked skipped
C:\WINDOWS\Tasks\xrwzrs.job Object is locked skipped
C:\WINDOWS\Tasks\xwn.job Object is locked skipped
C:\WINDOWS\Tasks\xyep.job Object is locked skipped
C:\WINDOWS\Tasks\xyglz.job Object is locked skipped
C:\WINDOWS\Tasks\xzqydpix.job Object is locked skipped
C:\WINDOWS\Tasks\xzwigjhm.job Object is locked skipped
C:\WINDOWS\Tasks\ydlz.job Object is locked skipped
C:\WINDOWS\Tasks\ygh.job Object is locked skipped
C:\WINDOWS\Tasks\ylllt.job Object is locked skipped
C:\WINDOWS\Tasks\yllqceud.job Object is locked skipped
C:\WINDOWS\Tasks\ymrb.job Object is locked skipped
C:\WINDOWS\Tasks\yovye.job Object is locked skipped
C:\WINDOWS\Tasks\yrg.job Object is locked skipped
C:\WINDOWS\Tasks\yurdbdr.job Object is locked skipped
C:\WINDOWS\Tasks\yutvntnu.job Object is locked skipped
C:\WINDOWS\Tasks\yxq.job Object is locked skipped
C:\WINDOWS\Tasks\zaqfleb.job Object is locked skipped
C:\WINDOWS\Tasks\zcqrmryp.job Object is locked skipped
C:\WINDOWS\Tasks\zfwyjeeq.job Object is locked skipped
C:\WINDOWS\Tasks\zhsbfwo.job Object is locked skipped
C:\WINDOWS\Tasks\zjev.job Object is locked skipped
C:\WINDOWS\Tasks\zjyvydb.job Object is locked skipped
C:\WINDOWS\Tasks\zmk.job Object is locked skipped
C:\WINDOWS\Tasks\zqltkby.job Object is locked skipped
C:\WINDOWS\Tasks\ztck.job Object is locked skipped
C:\WINDOWS\Tasks\ztl.job Object is locked skipped
C:\WINDOWS\Tasks\ztytf.job Object is locked skipped
C:\WINDOWS\Tasks\zwadwck.job Object is locked skipped
C:\WINDOWS\Tasks\zxpl.job Object is locked skipped
C:\WINDOWS\Tasks\zzf.job Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 7:15 pm

Be anche lui è ben infetto...

Disattiva il ripristino configurazione di sistema.

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nella box bianca che si è aperta:

Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\hldrrr.ex_
C:\Documents and Settings\Alex\Impostazioni locali\Temp\IH2FF.tmp
C:\Documents and Settings\Alex\Impostazioni locali\Temp\jar_cache28765.tmp
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\0XY7WXQN\advertizing[1].htm
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4886578[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4902578[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_2[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_3[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\5990687[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\844437[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\847890[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\adult[1].exe
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9312046[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9323828[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\b64_3[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\7F1JR1GW\u[1].dat
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[2].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\GDQZ8HQN\837390[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\IPNWH8RM\b64_3[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\K5YZW5YR\u[1].exe
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\KBV36O11\u[1].exe
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\835093[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\838125[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLU781MV\Galaxy[1].htm
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\10073187[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4875046[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4898421[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4902140[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4947921[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5050468[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5078093[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5247468[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\833859[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\838265[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842265[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842828[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842859[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\843453[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\844531[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845312[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845875[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\846062[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9037328[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9385234[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\b64_1[1].jpg
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\index[1].htm
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\UT7CH47A\u[1].dat
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\W9MZ0LMR\l[1].exe
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\839406[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\841750[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\843234[1].txt
C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\844562[1].txt
C:\Programmi\intelliScore Polyphonic WAV to MIDI Converter Demo\Intelliscore Polyphonic WAV to MIDI Converter 7.1 Patch.exe
C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc10.exe
C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc9.exe
C:\WINDOWS\10073187.exe
C:\WINDOWS\4875046.exe
C:\WINDOWS\4886578.exe
C:\WINDOWS\4898421.exe
C:\WINDOWS\4902140.exe
C:\WINDOWS\4902578.exe
C:\WINDOWS\4912015.exe
C:\WINDOWS\4947921.exe
C:\WINDOWS\5050468.exe
C:\WINDOWS\5078093.exe
C:\WINDOWS\5247468.exe
C:\WINDOWS\5990687.exe
C:\WINDOWS\833859.exe
C:\WINDOWS\834375.exe
C:\WINDOWS\835093.exe
C:\WINDOWS\837390.exe
C:\WINDOWS\838125.exe
C:\WINDOWS\838265.exe
C:\WINDOWS\839406.exe
C:\WINDOWS\840234.exe
C:\WINDOWS\841750.exe
C:\WINDOWS\842265.exe
C:\WINDOWS\842828.exe
C:\WINDOWS\842859.exe
C:\WINDOWS\843234.exe
C:\WINDOWS\843453.exe
C:\WINDOWS\843500.exe
C:\WINDOWS\844531.exe
C:\WINDOWS\844562.exe
C:\WINDOWS\845218.exe
C:\WINDOWS\845312.exe
C:\WINDOWS\845875.exe
C:\WINDOWS\846062.exe
C:\WINDOWS\846953.exe
C:\WINDOWS\847734.exe
C:\WINDOWS\848609.exe
C:\WINDOWS\9037328.exe
C:\WINDOWS\9312046.exe
C:\WINDOWS\9323828.exe
C:\WINDOWS\9385234.exe
C:\WINDOWS\system32\drivers\etc\hosts.msn

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld
C:\WINDOWS\system32\drivers\down

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32


Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

Poi posta il contenuto del file C:\WINDOWS\system32\drivers\etc\hosts
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 7:37 pm

intanto ti posto il contenuto del blocco note ...pensavo volessi questo...per l'altro contenuto devo aprire la cartella che mi ha indicato?


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\geyhruuc

*******************

Script file located at: \??\C:\WINDOWS\reoqdqhd.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\hidr.exe not found!
Deletion of file C:\WINDOWS\system32\drivers\hidr.exe failed!

Could not process line:
C:\WINDOWS\system32\drivers\hidr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.
File C:\WINDOWS\system32\wintems.exe deleted successfully.


File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\trusted.exe not found!
Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:
C:\WINDOWS\system32\trusted.exe
Status: 0xc0000034



File C:\WINDOWS\system32\drivers\pci32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\pci32.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\pci32.sys
Status: 0xc0000034

File C:\windows\system32\drivers\hldrrr.exe deleted successfully.


File C:\WINDOWS\system32\drivers\hldrrr.ex_ not found!
Deletion of file C:\WINDOWS\system32\drivers\hldrrr.ex_ failed!

Could not process line:
C:\WINDOWS\system32\drivers\hldrrr.ex_
Status: 0xc0000034

File C:\Documents and Settings\Alex\Impostazioni locali\Temp\IH2FF.tmp deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temp\jar_cache28765.tmp deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\0XY7WXQN\advertizing[1].htm deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4886578[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\4902578[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_2[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\2CLPFZV3\b64_3[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\5990687[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\844437[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\847890[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\3HQR4X6J\adult[1].exe deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9312046[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\9323828[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\4DMF2ZC1\b64_3[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\7F1JR1GW\u[1].dat deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\8HMVO5QZ\b64_1[2].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\GDQZ8HQN\837390[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\IPNWH8RM\b64_3[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\K5YZW5YR\u[1].exe deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\KBV36O11\u[1].exe deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\835093[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLENG9EJ\838125[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\OLU781MV\Galaxy[1].htm deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\10073187[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4875046[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4898421[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4902140[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\4947921[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5050468[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5078093[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\5247468[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\833859[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\838265[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842265[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842828[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\842859[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\843453[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\844531[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845312[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\845875[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\846062[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9037328[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\9385234[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\POS79T89\index[1].htm deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\UT7CH47A\u[1].dat deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\W9MZ0LMR\l[1].exe deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\839406[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\841750[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\843234[1].txt deleted successfully.
File C:\Documents and Settings\Alex\Impostazioni locali\Temporary Internet Files\Content.IE5\WZ2J2PA5\844562[1].txt deleted successfully.
File C:\Programmi\intelliScore Polyphonic WAV to MIDI Converter Demo\Intelliscore Polyphonic WAV to MIDI Converter 7.1 Patch.exe deleted successfully.
File C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc10.exe deleted successfully.
File C:\RECYCLER\S-1-5-21-790525478-1604221776-1417001333-1003\Dc9.exe deleted successfully.
File C:\WINDOWS\10073187.exe deleted successfully.
File C:\WINDOWS\4875046.exe deleted successfully.
File C:\WINDOWS\4886578.exe deleted successfully.
File C:\WINDOWS\4898421.exe deleted successfully.
File C:\WINDOWS\4902140.exe deleted successfully.
File C:\WINDOWS\4902578.exe deleted successfully.
File C:\WINDOWS\4912015.exe deleted successfully.
File C:\WINDOWS\4947921.exe deleted successfully.
File C:\WINDOWS\5050468.exe deleted successfully.
File C:\WINDOWS\5078093.exe deleted successfully.
File C:\WINDOWS\5247468.exe deleted successfully.
File C:\WINDOWS\5990687.exe deleted successfully.
File C:\WINDOWS\833859.exe deleted successfully.
File C:\WINDOWS\834375.exe deleted successfully.
File C:\WINDOWS\835093.exe deleted successfully.
File C:\WINDOWS\837390.exe deleted successfully.
File C:\WINDOWS\838125.exe deleted successfully.
File C:\WINDOWS\838265.exe deleted successfully.
File C:\WINDOWS\839406.exe deleted successfully.
File C:\WINDOWS\840234.exe deleted successfully.
File C:\WINDOWS\841750.exe deleted successfully.
File C:\WINDOWS\842265.exe deleted successfully.
File C:\WINDOWS\842828.exe deleted successfully.
File C:\WINDOWS\842859.exe deleted successfully.
File C:\WINDOWS\843234.exe deleted successfully.
File C:\WINDOWS\843453.exe deleted successfully.
File C:\WINDOWS\843500.exe deleted successfully.
File C:\WINDOWS\844531.exe deleted successfully.
File C:\WINDOWS\844562.exe deleted successfully.
File C:\WINDOWS\845218.exe deleted successfully.
File C:\WINDOWS\845312.exe deleted successfully.
File C:\WINDOWS\845875.exe deleted successfully.
File C:\WINDOWS\846062.exe deleted successfully.
File C:\WINDOWS\846953.exe deleted successfully.
File C:\WINDOWS\847734.exe deleted successfully.
File C:\WINDOWS\848609.exe deleted successfully.
File C:\WINDOWS\9037328.exe deleted successfully.
File C:\WINDOWS\9312046.exe deleted successfully.
File C:\WINDOWS\9323828.exe deleted successfully.
File C:\WINDOWS\9385234.exe deleted successfully.
File C:\WINDOWS\system32\drivers\etc\hosts.msn deleted successfully.


Folder C:\WINDOWS\exefnd not found!
Deletion of folder C:\WINDOWS\exefnd failed!

Could not process line:
C:\WINDOWS\exefnd
Status: 0xc0000034



Folder C:\WINDOWS\exefld not found!
Deletion of folder C:\WINDOWS\exefld failed!

Could not process line:
C:\WINDOWS\exefld
Status: 0xc0000034

Folder C:\WINDOWS\system32\drivers\down deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\pci32
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 7:41 pm

Esatto, metti il file indicato su www.freefilehosting.net e postane il link.

Quindi elimina tutti i file contenuti nella cartella C:\WINDOWS\Tasks
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 7:58 pm

ho fatto come mi hai detto inserendo il link da tto e indicatomi...ma che sto facendo...? che succede ora?
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 8:00 pm

Kaspersky segnalava un'infezione nel file hosts, invece di eliminarlo, volevo ripulirlo...
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 8:02 pm

forse ho capito ..nella finestrella direct link si legge questo:

http://www.freefilehosting.net/download/3aaae
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda misterxfiles » sab gen 12, 2008 8:14 pm

Mi hai indicato con queste tue parole scritte:Poi posta il contenuto del file C:\WINDOWS\system32\drivers\etc\hosts

non so ...ho aperto il contenuto del file che tu mi hai indicato con il blocco note ti invio cio che viene fuori...


# Copyright (c) 1993-1999 Microsoft Corp.
#
# Questo è un esempio di file HOSTS usato da Microsoft TCP/IP per Windows.
#
# Questo file contiene la mappatura degli indirizzi IP ai nomi host.
# Ogni voce dovrebbe occupare una singola riga. L'indirizzo IP dovrebbe
# trovarsi nella prima colonna seguito dal nome host corrispondente.
# L'indirizzo e il nome host dovrebbero essere separati da almeno uno spazio
# o punto di tabulazione.
#
# È inoltre possibile inserire commenti (come questi) nelle singole righe
# o dopo il nome del computer caratterizzato da un simbolo '#'.
#
# Per esempio:
#
# 102.54.94.97 rhino.acme.com # server origine
# 38.25.63.10 x.acme.com # client host x

127.0.0.1 localhost

160.128.161.153 bute2ieh.com
98.142.154.12 catolcwxcav.com
164.105.11.128 ukjp9mn2.com
26.61.135.9 vkipqugtsx.com
74.155.15.232 wvdimh98zhq.com
21.43.177.216 zobcslgff.com
217.65.130.117 fullows.com
0.0.0.0 shiptrop.com
7.19.148.180 thumbstring.net
46.227.219.28 wschooler.com
237.198.174.168 addwjf6zoy.com
42.9.237.234 itqoipyqsq.com
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda ste_95 » sab gen 12, 2008 9:23 pm

Scusa l'attesa:

Elimina queste righe:

160.128.161.153 bute2ieh.com
98.142.154.12 catolcwxcav.com
164.105.11.128 ukjp9mn2.com
26.61.135.9 vkipqugtsx.com
74.155.15.232 wvdimh98zhq.com
21.43.177.216 zobcslgff.com
217.65.130.117 fullows.com
0.0.0.0 shiptrop.com
7.19.148.180 thumbstring.net
46.227.219.28 wschooler.com
237.198.174.168 addwjf6zoy.com
42.9.237.234 itqoipyqsq.com

PS: Hai svuotato la cartella Tasks?
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda misterxfiles » sab gen 12, 2008 10:27 pm

Si ho svuotato la cartella tasks ..ma per togliere quelle righe le cancello come se fossero delle righe di testo lette da blocknotes?
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Messaggioda misterxfiles » dom gen 13, 2008 12:47 am

il link del file sarebbe questo:

http://www.freefilehosting.net/download/3aad3
Avatar utente
misterxfiles
Aficionado
Aficionado
 
Messaggi: 25
Iscritto il: gio gen 10, 2008 3:52 pm
Località: roma

Prossimo

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 6 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising