Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Bagle (Aiuto per Script in Avanger)...

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Bagle (Aiuto per Script in Avanger)...

Messaggioda fransfc » mer gen 16, 2008 12:33 am

Salve a tutti...
Anche io sono stato vittima del BAGLE [acc2] e ho trovato in voi la miglior soluzione al mio problema [^]

Come viene suggerito ho eseguito lo scan OnLine con Kaspersky e il risultato è questo:

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Francesco\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\cert8.db Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\history.dat Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\key3.db Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\parent.lock Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\cert8.db Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\key3.db Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\Mail\Local Folders\Inbox.msf Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\panacea.dat Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\parent.lock Object is locked skipped
C:\Documents and Settings\Francesco\Dati applicazioni\Thunderbird\Profiles\z3dvztz9.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\84szj9tu.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_1[3].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_1[4].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_2[3].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_3[2].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_3[3].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_3[4].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK\b64_3[6].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_1[3].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_2[3].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_2[4].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[4].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[5].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[6].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[7].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[8].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6\b64_3[9].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_1[2].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_1[3].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_1[5].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_2[3].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_2[4].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[2].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[3].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[4].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[5].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[6].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[7].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[8].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV\b64_3[9].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[2].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[3].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[4].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[5].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[6].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[7].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_2[8].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[2].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[3].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[4].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[5].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[6].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[7].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[8].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q\b64_3[9].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\Francesco\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Francesco\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(MTG) 1.2.0 (With Crack).zip/Collector's Gateway-(MTG) 1.2.0 (With Crack).exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(MTG) 1.2.0 (With Crack).zip ZIP: infected - 1 skipped
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(Yugioh) 1.2.0 Crack.zip/Collector's Gateway-(Yugioh) 1.2.0 Crack.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(Yugioh) 1.2.0 Crack.zip ZIP: infected - 1 skipped
C:\Programmi\AdunanzA\Incoming\kav.key.checker.rar/KAVblackList.exe Infected: HackTool.Win32.Agent.cx skipped
C:\Programmi\AdunanzA\Incoming\kav.key.checker.rar/KeyMon.exe Infected: HackTool.Win32.Agent.cx skipped
C:\Programmi\AdunanzA\Incoming\kav.key.checker.rar/KeyMon_nonUPX.exe Infected: HackTool.Win32.Agent.cx skipped
C:\Programmi\AdunanzA\Incoming\kav.key.checker.rar RAR: infected - 3 skipped
C:\Programmi\FreePOPs\log.txt Object is locked skipped
C:\Programmi\FreePOPs\stderr.txt Object is locked skipped
C:\Programmi\FreePOPs\stdout.txt Object is locked skipped
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\down\1291000.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14429437.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14521093.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14531515.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14539187.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14545468.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14549750.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14555312.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14563890.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\14596843.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14602890.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14607015.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14607875.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14626921.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14656250.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\15877453.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\28924828.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\29067750.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\29125125.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\29140656.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\30501718.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\30510828.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\WINDOWS\system32\drivers\down\323125.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\34180078.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\35093.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\36718.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\36750.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\37578.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\39421.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\39578.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\3960265.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\39875.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\40406.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\41031.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\41937.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\42593.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\42640.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\42812.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\43203.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\43679609.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\46171.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\46375.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\47062.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\48715968.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\48727171.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\50046.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\54375.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\54718.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\56453.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\58238750.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\58640.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\59593.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\72882781.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\72891984.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\down\87460218.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\WINDOWS\system32\drivers\hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.


Qualcuno può indicarmi lo script da inserire in Avanger?

Vi rigrazio fin d'ora.
Avatar utente
fransfc
Neo Iscritto
Neo Iscritto
 
Messaggi: 3
Iscritto il: mar gen 15, 2008 11:23 pm

Messaggioda ste_95 » mer gen 16, 2008 7:05 am

[ciao]

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nella box bianca che si è aperta:

Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\hldrrr.ex_
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(MTG) 1.2.0 (With Crack).zip
C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(Yugioh) 1.2.0 Crack.zip
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld
C:\WINDOWS\system32\drivers\down
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV
C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32


Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda fransfc » mer gen 16, 2008 9:15 am

Grazie per l'aiuto tempestivo!
Ho fatto come tu mi hai detto ed ecco il risultato di Avanger:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\bjbxjctk

*******************

Script file located at: \??\C:\WINDOWS\system32\tyyfrkhr.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\hidr.exe not found!
Deletion of file C:\WINDOWS\system32\drivers\hidr.exe failed!

Could not process line:
C:\WINDOWS\system32\drivers\hidr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.
File C:\WINDOWS\system32\wintems.exe deleted successfully.


File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\trusted.exe not found!
Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:
C:\WINDOWS\system32\trusted.exe
Status: 0xc0000034



File C:\WINDOWS\system32\drivers\pci32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\pci32.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\pci32.sys
Status: 0xc0000034

File C:\windows\system32\drivers\hldrrr.exe deleted successfully.


File C:\WINDOWS\system32\drivers\hldrrr.ex_ not found!
Deletion of file C:\WINDOWS\system32\drivers\hldrrr.ex_ failed!

Could not process line:
C:\WINDOWS\system32\drivers\hldrrr.ex_
Status: 0xc0000034

File C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(MTG) 1.2.0 (With Crack).zip deleted successfully.
File C:\Programmi\AdunanzA\Incoming\Collector's Gateway-(Yugioh) 1.2.0 Crack.zip deleted successfully.
File C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe deleted successfully.


Folder C:\WINDOWS\exefnd not found!
Deletion of folder C:\WINDOWS\exefnd failed!

Could not process line:
C:\WINDOWS\exefnd
Status: 0xc0000034



Folder C:\WINDOWS\exefld not found!
Deletion of folder C:\WINDOWS\exefld failed!

Could not process line:
C:\WINDOWS\exefld
Status: 0xc0000034

Folder C:\WINDOWS\system32\drivers\down deleted successfully.
Folder C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\EK026XSK deleted successfully.
Folder C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\MKFLG0Z6 deleted successfully.
Folder C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\PW35W0BV deleted successfully.
Folder C:\Documents and Settings\Francesco\Impostazioni locali\Temporary Internet Files\Content.IE5\VYNHHB5Q deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\pci32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\pci32
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32 failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32
Status: 0xc0000034


Completed script processing.


E adesso? [boh]
Avatar utente
fransfc
Neo Iscritto
Neo Iscritto
 
Messaggi: 3
Iscritto il: mar gen 15, 2008 11:23 pm


Messaggioda crazy.cat » mer gen 16, 2008 9:44 am

Prova a reinstallare l'antivirus.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda fransfc » mer gen 16, 2008 10:12 am

Ok funziona!!!

Siete grandi... Vi ringrazio per la vostra disponibilità!!!

ps. devo riattivarlo il ripristino di configurazione sistema?
Avatar utente
fransfc
Neo Iscritto
Neo Iscritto
 
Messaggi: 3
Iscritto il: mar gen 15, 2008 11:23 pm

Messaggioda crazy.cat » mer gen 16, 2008 10:43 am

fransfc ha scritto:ps. devo riattivarlo il ripristino di configurazione sistema?

Se lo usavi, riabilitalo.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Bing [Bot] e 1 ospite

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising