Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Bagle 13

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Messaggioda giu73 » sab gen 26, 2008 2:51 pm

ciao
ragazzi, anche sul mio pc bagle blocca avenger.
c'è qualche altra soluzione per eliminarlo?
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda ste_95 » sab gen 26, 2008 2:53 pm

Per prima cosa devi fare la scansione online con kaspersky.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda giu73 » sab gen 26, 2008 2:57 pm

posso usare il pc tranquillamente o rischio di peggiorare la situazione?
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm


Messaggioda ste_95 » sab gen 26, 2008 3:00 pm

Puoi usarlo, ma rischi di infettarti ulteriormente.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda giu73 » dom gen 27, 2008 10:54 am

Buongiorno Ste,
finalmente, dopo ore, ecco i risultati della scansione fatta con kaspersky.
Grazie!
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda crazy.cat » dom gen 27, 2008 11:01 am

giu73 ha scritto:ecco i risultati della scansione fatta con kaspersky.

Dove sono ???

Per i problemi con avenger
http://www.MegaLab.it/forum/viewtopic.p ... 172#325172
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda giu73 » dom gen 27, 2008 11:10 am

ciao crazy
volevo dire che non riesco ad allegare il file per caricarli sul forum
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda giu73 » dom gen 27, 2008 11:19 am

ecco i risultati della scansione


Infected Object Name Virus Name Last Action
C:\1416fb153a190f6d34825ea120\mxfilerelatedcache.mxc2 Object is locked skipped

C:\99819e6c7f7dd1deea6c\mxfilerelatedcache.mxc2 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe Infected: Backdoor.Win32.Ciadoor.gn skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Cronologia\History.IE5\MSHist012008012620080127\index.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\ApplicationHistory\cli.exe.af01e8cc.ini.inuse Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\ApplicationHistory\hpqimzone.exe.fd734169.ini.inuse Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\hpodvd09.log Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Perflib_Perfdata_1b8.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Perflib_Perfdata_d28.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Perflib_Perfdata_d30.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\~DFDC16.tmp Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped

C:\Documents and Settings\Giuseppe\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Giuseppe\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped

C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-01-26.16-50-38.log Object is locked skipped

C:\Programmi\eMule\Incoming\Pax Romana patch 1.01.zip/Pax Romana patch 1.01.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped

C:\Programmi\eMule\Incoming\Pax Romana patch 1.01.zip ZIP: infected - 1 skipped

C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip/Pax Romana patch 1.02.exe Infected: Trojan-Downloader.Win32.Bagle.hi skipped

C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip ZIP: infected - 1 skipped

C:\Programmi\Symantec\WinFax\Dati\Status.WFD Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status.WFF Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status.WFG Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status.WFR Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status.WFX Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status2.WFD Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status2.WFG Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status2.WFX Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status3.WFD Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status3.WFG Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\Status3.WFX Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\StatusS.WFD Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\StatusS.WFG Object is locked skipped

C:\Programmi\Symantec\WinFax\Dati\StatusS.WFX Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped

C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped

C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped

C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wintems_exe.vir Infected: Email-Worm.Win32.Bagle.of skipped

C:\WINDOWS\Temp\ASHeuristic\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped

C:\WINDOWS\Temp\Perflib_Perfdata_768.dat Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

Scan process completed.
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda crazy.cat » dom gen 27, 2008 11:36 am

Disattiva il ripristino della configurazione su tutti i dischi poi riavvia il pc
http://www.MegaLab.it/2330

Scarica Avenger dal link che ti ho dato prima.

Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nel box bianco che si è aperto:

Codice: Seleziona tutto
Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\mdelk.exeC:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg
C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe
C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip
C:\WINDOWS\system32\wintems_exe.vir
C:\WINDOWS\Temp\ASHeuristic\mdelk.exe

folders to delete:
c:\WINDOWS\system32\drivers\down

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA



Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà e prova a reinstallare subito l'antivirus.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda giu73 » dom gen 27, 2008 11:57 am

ho gia provato con avenger ma il virus lo blocca, mi da lo stesso messaggio di quando prova ad installare un antivirus
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda crazy.cat » dom gen 27, 2008 12:16 pm

giu73 ha scritto:ho gia provato con avenger ma il virus lo blocca, mi da lo stesso messaggio di quando prova ad installare un antivirus

Anche con questi avenger?
http://www.MegaLab.it/forum/viewtopic.p ... 172#325172

Che messaggio ti da di preciso?
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Messaggioda giu73 » dom gen 27, 2008 10:29 pm

ecco i risultati del blocco note
ora provo a reinstallare l'antivirus
grazie grazie grazie
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\aossfvmt

*******************

Script file located at: \??\C:\Program Files\reprpvib.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\hidr.exe not found!
Deletion of file C:\WINDOWS\system32\drivers\hidr.exe failed!

Could not process line:
C:\WINDOWS\system32\drivers\hidr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drivers\srosa.sys deleted successfully.
File C:\WINDOWS\system32\wintems.exe deleted successfully.


File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\trusted.exe not found!
Deletion of file C:\WINDOWS\system32\trusted.exe failed!

Could not process line:
C:\WINDOWS\system32\trusted.exe
Status: 0xc0000034



File C:\WINDOWS\system32\drivers\pci32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\pci32.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\pci32.sys
Status: 0xc0000034

File C:\windows\system32\drivers\hldrrr.exe deleted successfully.


Could not open file C:\WINDOWS\system32\mdelk.exeC:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe for deletion
Deletion of file C:\WINDOWS\system32\mdelk.exeC:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe failed!

Could not process line:
C:\WINDOWS\system32\mdelk.exeC:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe
Status: 0xc0000033

File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg deleted successfully.


File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg
Status: 0xc0000034

File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg deleted successfully.
File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg deleted successfully.
File C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe deleted successfully.
File C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip deleted successfully.
File C:\WINDOWS\system32\wintems_exe.vir deleted successfully.
File C:\WINDOWS\Temp\ASHeuristic\mdelk.exe deleted successfully.
Folder c:\WINDOWS\system32\drivers\down deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda ste_95 » lun gen 28, 2008 6:58 am

Piccolo erroruccio nello script, reinserisci questo al più presto:

Codice: Seleziona tutto
Files to delete:
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\mdelk.exe
C:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg
C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe
C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip
C:\WINDOWS\system32\wintems_exe.vir

folders to delete:
c:\WINDOWS\system32\drivers\down
C:\WINDOWS\Temp\ASHeuristic

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda giu73 » lun gen 28, 2008 7:34 pm

Ciao Ste
ho fatto come mi hai detto e ora ti allego i risultati di avenger.
Però io avevo già fatto tutto il processo con l'altro script e installato antivir e fatto pulizia, ho danneggiato qualcosa?? ho eliminato qualche file che non dovevo?


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\nyggfusv

*******************

Script file located at: \??\C:\Documents and Settings\xendiwcv.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\srosa.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\srosa.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\srosa.sys
Status: 0xc0000034



File C:\WINDOWS\system32\wintems.exe not found!
Deletion of file C:\WINDOWS\system32\wintems.exe failed!

Could not process line:
C:\WINDOWS\system32\wintems.exe
Status: 0xc0000034



File C:\windows\system32\drivers\hldrrr.exe not found!
Deletion of file C:\windows\system32\drivers\hldrrr.exe failed!

Could not process line:
C:\windows\system32\drivers\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\mdelk.exe not found!
Deletion of file C:\WINDOWS\system32\mdelk.exe failed!

Could not process line:
C:\WINDOWS\system32\mdelk.exe
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe not found!
Deletion of file C:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Desktop\Giochi\Gotic\gothic-patch109.exe
Status: 0xc0000034



Could not open file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe for deletion
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temp\Rar$EX00.625\Pax Romana patch 1.02.exe
Status: 0xc000003a



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\C5UFG1QN\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\F31BJTOW\b64_31[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\G9WLAZ49\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\GLMNKDER\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\K1S9INWP\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_2[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\OP2NK1QR\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\RM0N3POX\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SHANODQB\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_1[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SLIVWHU3\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SNNNIG59\b64_31[3].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[1].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\SZRNIGX9\b64_31[2].jpg
Status: 0xc0000034



File C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg not found!
Deletion of file C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg failed!

Could not process line:
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\Content.IE5\WHWRC70V\b64_31[1].jpg
Status: 0xc0000034



File C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe not found!
Deletion of file C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe failed!

Could not process line:
C:\Programmi\Ahead\Nero PhotoShow\data\Xtras\mssysmgr.exe
Status: 0xc0000034



File C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip not found!
Deletion of file C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip failed!

Could not process line:
C:\Programmi\eMule\Incoming\Pax Romana patch 1.02.zip
Status: 0xc0000034



File C:\WINDOWS\system32\wintems_exe.vir not found!
Deletion of file C:\WINDOWS\system32\wintems_exe.vir failed!

Could not process line:
C:\WINDOWS\system32\wintems_exe.vir
Status: 0xc0000034



Folder c:\WINDOWS\system32\drivers\down not found!
Deletion of folder c:\WINDOWS\system32\drivers\down failed!

Could not process line:
c:\WINDOWS\system32\drivers\down
Status: 0xc0000034

Folder C:\WINDOWS\Temp\ASHeuristic deleted successfully.


Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm

Messaggioda ste_95 » lun gen 28, 2008 9:07 pm

Era solo rimasto un file che avrebbe potuto rigenerare l'infezione, ora dovrebbe essere tutto a posto.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Messaggioda giu73 » lun gen 28, 2008 11:26 pm

grazie siete stati gentilissimi!! [;)]
Avatar utente
giu73
Neo Iscritto
Neo Iscritto
 
Messaggi: 10
Iscritto il: sab gen 26, 2008 2:24 pm


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Bing [Bot] e 5 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising