
Help, Bagle problem I think, GMER log


Post by alexmaudit » Tue Apr 22, 2008 5:54 pm

I really think I made a mistake in posting my earlier message; now it should be fine, sorry again, I humbly ask you to help me!!! THANK YOU!!!

this is the log:

http://www.mediafire.com/?rmgjtc2n1c1
you were not made to live like brutes, but to pursue virtue and knowledge!
alexmaudit
Aficionado
Posts: 83
Joined: Tue Apr 22, 2008 4:35 pm
Location: Caccamo (PA)

Post by ste_95 » Tue Apr 22, 2008 6:06 pm

As I told you in the other topic, you need to run the online scan with Kaspersky.

Run the extended online scan with Kaspersky as described here and post its log following these instructions.
«Sometimes it is better to keep quiet and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde
ste_95
Official Member (Gold)
Posts: 17271
Joined: Mon Aug 06, 2007 11:19 am

Help!!! WHAT SHOULD I DO WITH THIS KASPERSKY REPORT?

Post by alexmaudit » Wed Apr 23, 2008 10:05 am

HERE IS THE KASPERSKY REPORT:

http://www.mediafire.com/?gxo1uudyexm


Post by crazy.cat » Wed Apr 23, 2008 11:20 am

Which antivirus do you use?
Avast or Norton?

Disable System Restore on all drives, then restart the PC
http://www.MegaLab.it/2330

Download the new version of Avenger http://swandog46.geekstogo.com/avenger.zip

If it doesn't work (Invalid application), use these
http://www.MegaLab.it/forum/viewtopic.p ... 172#325172

Extract it to a folder of your choice
Run the avenger.exe file with the sword icon
Now paste these lines into the white box that has opened:

Code:
Files to delete:
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\trusted.exe
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\1.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\1.exe
C:\WINDOWS\system32\drivers\Twa58.sys    
C:\WINDOWS\system32\drivers\Osv03.sys    
C:\WINDOWS\system32\drivers\Jnq47.sys    
C:\WINDOWS\system32\drivers\Hmp47.sys    
C:\WINDOWS\system32\drivers\Rxb37.sys    
C:\WINDOWS\system32\drivers\Dhk60.sys    
C:\WINDOWS\system32\drivers\Kor60.sys    
C:\WINDOWS\system32\drivers\Vad14.sys    
C:\WINDOWS\system32\drivers\Lps14.sys    
C:\WINDOWS\system32\drivers\Afi03.sys    
C:\WINDOWS\system32\drivers\Xbe71.sys    
C:\WINDOWS\system32\drivers\Txb71.sys    
C:\WINDOWS\system32\drivers\Qux58.sys    
C:\WINDOWS\system32\drivers\Rwa47.sys    
C:\WINDOWS\system32\drivers\Uyc14.sys    
C:\WINDOWS\system32\drivers\Vbe58.sys    
C:\WINDOWS\system32\drivers\Lor14.sys    
C:\WINDOWS\system32\drivers\Xdg03.sys    
C:\WINDOWS\system32\drivers\Wbe82.sys    
C:\WINDOWS\system32\drivers\Bfi14.sys    
C:\WINDOWS\system32\drivers\Bgj35.sys    
C:\WINDOWS\system32\drivers\Xcf60.sys    
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\SocksA.exe    
C:\WINDOWS\system32\FileKan.exe    
C:\WINDOWS\Temp\BN2.tmp    
C:\WINDOWS\Temp\BN3.tmp    
C:\WINDOWS\Temp\BN3D.tmp    
C:\WINDOWS\Temp\BN4.tmp    
C:\WINDOWS\Temp\BN5.tmp    
C:\WINDOWS\Temp\BN6.tmp    
C:\WINDOWS\Temp\BN7.tmp    
C:\WINDOWS\Temp\BN8.tmp    
C:\WINDOWS\Temp\BN29.tmp    
C:\WINDOWS\Temp\BN9.tmp    
C:\WINDOWS\Temp\BNA.tmp    
C:\WINDOWS\Temp\BN2E.tmp    
C:\WINDOWS\Temp\BNB.tmp    
C:\WINDOWS\Temp\BNC.tmp    
C:\WINDOWS\Temp\BND.tmp    
C:\WINDOWS\Temp\BN38.tmp    
C:\WINDOWS\Temp\BNE.tmp    
C:\WINDOWS\Temp\BNF.tmp    
C:\WINDOWS\Temp\BN10.tmp    
C:\WINDOWS\Temp\BN11.tmp    
C:\WINDOWS\Temp\BN12.tmp    
C:\WINDOWS\Temp\BN13.tmp    
C:\WINDOWS\MS32DLL.dll.vbs    
C:\WINDOWS\BACKINF.TAB
C:\WINDOWS\Session.exe
C:\Documents and Settings\Standard\Impostazioni locali\Temp\BN9A.tmp
C:\Documents and Settings\Standard\Dati applicazioni\m\flec006.exe
C:\Documents and Settings\Standard\Dati applicazioni\m\data.oct
C:\Documents and Settings\Standard\.jpi_cache\jar\1.0\crtdcghcn.jar-4710de4f-77e45132.zip
C:\FOUND.024\FILE0001.CHK
C:\FOUND.004\FILE0002.CHK
C:\FOUND.004\FILE0003.CHK
C:\FOUND.004\FILE0008.CHK    
C:\tel.xls.exe
C:\MS32DLL.dll.vbs
C:\FOUND.023\FILE0005.CHK
C:\FOUND.025\FILE0000.CHK
D:\tel.xls.exe
D:\MS32DLL.dll.vbs
D:\FOUND.001\FILE0000.CHK
D:\FOUND.001\FILE0001.CHK

folders to delete:
C:\WINDOWS\system32\drivers\downld
c:\WINDOWS\system32\drivers\down
C:\WINDOWS\exefnd

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA



Uncheck the Scan for Rootkits option
Press the Execute button
Answer Yes to Avenger's two prompts
Your computer should now restart; if it doesn't, restart it manually
When the computer restarts, copy and paste here the contents of the Notepad window that appears.

Afterwards, try reinstalling the antivirus right away and delete the c:\avenger folder.

You will almost certainly have to re-download the installation files of the security programs, because they have been damaged by the virus
When the many govern, they think only of pleasing themselves, and then you get the most foolish and most hateful tyranny: tyranny disguised as freedom.
crazy.cat
MLI Hero
Posts: 30959
Joined: Mon Jan 12, 2004 1:38 pm
Location: Mestre

Post by alexmaudit » Wed Apr 23, 2008 11:33 am

here are the contents of the Notepad window:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.
File "C:\WINDOWS\system32\wintems.exe" deleted successfully.
File "C:\WINDOWS\system32\trusted.exe" deleted successfully.

Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\mdelk.exe" deleted successfully.

Error: file "C:\WINDOWS\system32\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\drivers\Twa58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Osv03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Jnq47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Hmp47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Rxb37.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Dhk60.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Kor60.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Vad14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Lps14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Afi03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xbe71.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Txb71.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Qux58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Rwa47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Uyc14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Vbe58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Lor14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xdg03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Wbe82.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Bfi14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Bgj35.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xcf60.sys" deleted successfully.
File "C:\WINDOWS\system32\hldrrr.exe" deleted successfully.
File "C:\WINDOWS\system32\SocksA.exe" deleted successfully.
File "C:\WINDOWS\system32\FileKan.exe" deleted successfully.
File "C:\WINDOWS\Temp\BN2.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN3.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN3D.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN4.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN5.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN6.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN7.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN8.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN29.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN9.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNA.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN2E.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNB.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNC.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BND.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN38.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNE.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNF.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN10.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN11.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN12.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN13.tmp" deleted successfully.
File "C:\WINDOWS\MS32DLL.dll.vbs" deleted successfully.
File "C:\WINDOWS\BACKINF.TAB" deleted successfully.
File "C:\WINDOWS\Session.exe" deleted successfully.
File "C:\Documents and Settings\Standard\Impostazioni locali\Temp\BN9A.tmp" deleted successfully.
File "C:\Documents and Settings\Standard\Dati applicazioni\m\flec006.exe" deleted successfully.
File "C:\Documents and Settings\Standard\Dati applicazioni\m\data.oct" deleted successfully.
File "C:\Documents and Settings\Standard\.jpi_cache\jar\1.0\crtdcghcn.jar-4710de4f-77e45132.zip" deleted successfully.
File "C:\FOUND.024\FILE0001.CHK" deleted successfully.
File "C:\FOUND.004\FILE0002.CHK" deleted successfully.
File "C:\FOUND.004\FILE0003.CHK" deleted successfully.
File "C:\FOUND.004\FILE0008.CHK" deleted successfully.
File "C:\tel.xls.exe" deleted successfully.
File "C:\MS32DLL.dll.vbs" deleted successfully.
File "C:\FOUND.023\FILE0005.CHK" deleted successfully.
File "C:\FOUND.025\FILE0000.CHK" deleted successfully.
File "D:\tel.xls.exe" deleted successfully.
File "D:\MS32DLL.dll.vbs" deleted successfully.
File "D:\FOUND.001\FILE0000.CHK" deleted successfully.
File "D:\FOUND.001\FILE0001.CHK" deleted successfully.

Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "c:\WINDOWS\system32\drivers\down" not found!
Deletion of folder "c:\WINDOWS\system32\drivers\down" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Folder "C:\WINDOWS\exefnd" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Post by alexmaudit » Wed Apr 23, 2008 11:34 am

it won't let me install any antivirus!!!!

Post by crazy.cat » Wed Apr 23, 2008 11:45 am

alexmaudit wrote: it won't let me install any antivirus!!!!

Did you download it again?
The old files have been damaged.

Post by alexmaudit » Wed Apr 23, 2008 3:06 pm

damn it!!! what am I supposed to do??? nothing nothing nothing!! I even downloaded a different program again (Panda) and it won't let me install this one either!!!

Post by ste_95 » Wed Apr 23, 2008 3:14 pm

Run a new extended online scan with Kaspersky as described here and post its log following these instructions.

second scan

Post by alexmaudit » Wed Apr 23, 2008 4:16 pm

I did the second scan; this time it found fewer viruses and fewer infected files... (THANK YOU SO MUCH FOR THE HELP YOU ARE GIVING ME!!!!)

here is the link:

http://www.mediafire.com/?zppzwmg9ozy

Post by ste_95 » Wed Apr 23, 2008 5:12 pm

Disable System Restore.

Download the new version of Avenger
Extract it to a folder of your choice
Run the avenger.exe file with the sword icon. If it returns an "invalid WIN32 application" error, use this version.
Now paste these lines into the white box that has opened:

Code:
Files to delete:
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\1.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\1.exe
C:\WINDOWS\system32\drivers\Wbe47.sys
C:\WINDOWS\system32\drivers\Ptw82.sys
C:\WINDOWS\system32\drivers\Txb25.sys
C:\WINDOWS\system32\WLCtrl32.dl_

Folders to delete:
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\Temp

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA


Uncheck the Scan for Rootkits option
Press the Execute button
Answer Yes to Avenger's two prompts
Your computer should now restart; if it doesn't, restart it manually
When the computer restarts, copy and paste here the contents of the Notepad window that appears.

If Avenger tells you the script is not valid (Invalid script), manually retype the first command (Files to delete:), without forgetting the trailing colon.

Have the file C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll scanned at www.virustotal.com and post the results.
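Added example (not part of the original thread, and not Avenger's own code): a Python sketch that rejects a script whose first line is not a command directive, the "Invalid script" case mentioned above, and then reconciles the script's targets against a log in the format posted in this thread. The function names are hypothetical, only the three directives seen on this page are recognised, and the sample script and log are constructed from paths and line formats that appear in the thread.

```python
import re

# Directives that appear in the scripts on this page (matched case-insensitively,
# since the thread uses both "folders to delete:" and "Folders to delete:").
# Assumption: the real tool may accept more directives than these three.
DIRECTIVES = {
    "files to delete:": "file",
    "folders to delete:": "folder",
    "registry keys to delete:": "registry key",
}
NOT_FOUND = {"STATUS_OBJECT_NAME_NOT_FOUND", "STATUS_OBJECT_PATH_NOT_FOUND"}

OK_RE = re.compile(r'^(File|Folder|Registry key) "(.+)" deleted successfully\.$')
FAIL_RE = re.compile(r'^Deletion of ([a-z ]+) "(.+)" failed!$')
STATUS_RE = re.compile(r'^Status: 0x[0-9a-fA-F]+ \((\w+)\)$')


class InvalidScript(ValueError):
    """The script does not begin with a command directive."""


def parse_script(text):
    """Return [(kind, target), ...] in script order."""
    targets, kind = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() in DIRECTIVES:
            kind = DIRECTIVES[line.lower()]
        elif kind is None:
            # e.g. "Files to delete" pasted without its trailing colon
            raise InvalidScript(f"first line is not a directive: {line!r}")
        else:
            targets.append((kind, line))
    return targets


def parse_log(text):
    """Map (kind, lower-cased path) -> (status, path as logged).
    If the log holds several runs, the last outcome for a target wins."""
    outcomes, pending = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := OK_RE.match(line)):
            outcomes[(m.group(1).lower(), m.group(2).lower())] = ("DELETED", m.group(2))
        elif (m := FAIL_RE.match(line)):
            pending = (m.group(1), m.group(2))   # status follows on the next line
        elif (m := STATUS_RE.match(line)) and pending:
            outcomes[(pending[0], pending[1].lower())] = (m.group(1), pending[1])
            pending = None
    return outcomes


def reconcile(script_text, log_text):
    """Classify every script target by what the log says happened to it."""
    report = {"deleted": [], "already_absent": [], "failed": [],
              "unlogged": [], "not_in_script": []}
    outcomes, wanted = parse_log(log_text), set()
    for kind, path in parse_script(script_text):
        key = (kind, path.lower())               # Windows paths are case-insensitive
        wanted.add(key)
        status = outcomes.get(key, (None, None))[0]
        if status is None:
            report["unlogged"].append(path)      # never processed: re-check this one
        elif status == "DELETED":
            report["deleted"].append(path)
        elif status in NOT_FOUND:
            report["already_absent"].append(path)
        else:
            report["failed"].append((path, status))
    report["not_in_script"] = [p for k, (_, p) in outcomes.items() if k not in wanted]
    return report


# Constructed sample: paths and line formats taken from this thread.
SAMPLE_SCRIPT = r"""Files to delete:
C:\WINDOWS\system32\drivers\srosa.sys
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\WLCtrl32.dl_

Folders to delete:
C:\WINDOWS\system32\drivers\downld

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
"""
SAMPLE_LOG = r"""File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.

Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)

Error: folder "C:\Muestras" not found!
Deletion of folder "C:\Muestras" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)

Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
"""

if __name__ == "__main__":
    for bucket, items in reconcile(SAMPLE_SCRIPT, SAMPLE_LOG).items():
        print(f"{bucket}: {items}")
```

Entries in `unlogged` are targets the run never touched, and entries in `not_in_script` are log lines left over from a different script, so both are worth a second look before declaring the machine clean.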

VirusTotal scan link

Post by alexmaudit » Wed Apr 23, 2008 5:27 pm


Post by ste_95 » Wed Apr 23, 2008 5:29 pm

I suspect a false positive; let's leave it alone.

Notepad contents

Post by alexmaudit » Wed Apr 23, 2008 5:40 pm

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Tue Apr 22 17:32:34 2008

17:32:34: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Tue Apr 22 17:32:40 2008

17:32:40: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Tue Apr 22 17:32:56 2008

17:32:56: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Tue Apr 22 17:33:28 2008

17:33:28: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Tue Apr 22 17:33:35 2008

17:33:35: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.
File "C:\WINDOWS\system32\wintems.exe" deleted successfully.

Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\avenger\backup-30.10.2007-12.11.00,90.zip" not found!
Deletion of file "C:\avenger\backup-30.10.2007-12.11.00,90.zip" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\avenger\backup-30.10.2007-13.09.38,07.zip" not found!
Deletion of file "C:\avenger\backup-30.10.2007-13.09.38,07.zip" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\avenger\backup.zip" not found!
Deletion of file "C:\avenger\backup.zip" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\rlvknlg.exe" not found!
Deletion of file "C:\WINDOWS\system32\rlvknlg.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\rlai.dll" not found!
Deletion of file "C:\WINDOWS\system32\rlai.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\f3PSSavr.scr" not found!
Deletion of file "C:\WINDOWS\system32\f3PSSavr.scr" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open folder "C:\Documents and Settings\Flavio 1\Dati applicazioni\m"
Deletion of folder "C:\Documents and Settings\Flavio 1\Dati applicazioni\m" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: folder "C:\Muestras" not found!
Deletion of folder "C:\Muestras" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Wed Apr 23 12:00:14 2008

12:00:14: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.
File "C:\WINDOWS\system32\wintems.exe" deleted successfully.

Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\mdelk.exe" deleted successfully.

Error: file "C:\WINDOWS\system32\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\avenger\backup-30.10.2007-12.11.00,90.zip" not found!
Deletion of file "C:\avenger\backup-30.10.2007-12.11.00,90.zip" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\avenger\backup-30.10.2007-13.09.38,07.zip" not found!
Deletion of file "C:\avenger\backup-30.10.2007-13.09.38,07.zip" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\avenger\backup.zip" deleted successfully.

Error: file "C:\WINDOWS\system32\rlvknlg.exe" not found!
Deletion of file "C:\WINDOWS\system32\rlvknlg.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\rlai.dll" not found!
Deletion of file "C:\WINDOWS\system32\rlai.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\f3PSSavr.scr" not found!
Deletion of file "C:\WINDOWS\system32\f3PSSavr.scr" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open folder "C:\Documents and Settings\Flavio 1\Dati applicazioni\m"
Deletion of folder "C:\Documents and Settings\Flavio 1\Dati applicazioni\m" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: folder "C:\Muestras" not found!
Deletion of folder "C:\Muestras" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Wed Apr 23 12:31:37 2008

12:31:37: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.
File "C:\WINDOWS\system32\wintems.exe" deleted successfully.
File "C:\WINDOWS\system32\trusted.exe" deleted successfully.

Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\mdelk.exe" deleted successfully.

Error: file "C:\WINDOWS\system32\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\drivers\Twa58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Osv03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Jnq47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Hmp47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Rxb37.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Dhk60.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Kor60.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Vad14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Lps14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Afi03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xbe71.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Txb71.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Qux58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Rwa47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Uyc14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Vbe58.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Lor14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xdg03.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Wbe82.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Bfi14.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Bgj35.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Xcf60.sys" deleted successfully.
File "C:\WINDOWS\system32\hldrrr.exe" deleted successfully.
File "C:\WINDOWS\system32\SocksA.exe" deleted successfully.
File "C:\WINDOWS\system32\FileKan.exe" deleted successfully.
File "C:\WINDOWS\Temp\BN2.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN3.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN3D.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN4.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN5.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN6.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN7.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN8.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN29.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN9.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNA.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN2E.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNB.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNC.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BND.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN38.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNE.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BNF.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN10.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN11.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN12.tmp" deleted successfully.
File "C:\WINDOWS\Temp\BN13.tmp" deleted successfully.
File "C:\WINDOWS\MS32DLL.dll.vbs" deleted successfully.
File "C:\WINDOWS\BACKINF.TAB" deleted successfully.
File "C:\WINDOWS\Session.exe" deleted successfully.
File "C:\Documents and Settings\Standard\Impostazioni locali\Temp\BN9A.tmp" deleted successfully.
File "C:\Documents and Settings\Standard\Dati applicazioni\m\flec006.exe" deleted successfully.
File "C:\Documents and Settings\Standard\Dati applicazioni\m\data.oct" deleted successfully.
File "C:\Documents and Settings\Standard\.jpi_cache\jar\1.0\crtdcghcn.jar-4710de4f-77e45132.zip" deleted successfully.
File "C:\FOUND.024\FILE0001.CHK" deleted successfully.
File "C:\FOUND.004\FILE0002.CHK" deleted successfully.
File "C:\FOUND.004\FILE0003.CHK" deleted successfully.
File "C:\FOUND.004\FILE0008.CHK" deleted successfully.
File "C:\tel.xls.exe" deleted successfully.
File "C:\MS32DLL.dll.vbs" deleted successfully.
File "C:\FOUND.023\FILE0005.CHK" deleted successfully.
File "C:\FOUND.025\FILE0000.CHK" deleted successfully.
File "D:\tel.xls.exe" deleted successfully.
File "D:\MS32DLL.dll.vbs" deleted successfully.
File "D:\FOUND.001\FILE0000.CHK" deleted successfully.
File "D:\FOUND.001\FILE0001.CHK" deleted successfully.

Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "c:\WINDOWS\system32\drivers\down" not found!
Deletion of folder "c:\WINDOWS\system32\drivers\down" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Folder "C:\WINDOWS\exefnd" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 2)
Wed Apr 23 18:31:55 2008

18:31:55: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\WINDOWS\system32\drivers\srosa.sys" deleted successfully.

Error: file "C:\WINDOWS\system32\wintems.exe" not found!
Deletion of file "C:\WINDOWS\system32\wintems.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\windows\system32\drivers\hldrrr.exe" not found!
Deletion of file "C:\windows\system32\drivers\hldrrr.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\mdelk.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\mdelk.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\WINDOWS\system32\drivers\1.exe" not found!
Deletion of file "C:\WINDOWS\system32\drivers\1.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\WINDOWS\system32\drivers\Wbe47.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Ptw82.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\Txb25.sys" deleted successfully.
File "C:\WINDOWS\system32\WLCtrl32.dl_" deleted successfully.

Error: folder "C:\WINDOWS\system32\drivers\downld" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\downld" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "C:\WINDOWS\system32\drivers\down" not found!
Deletion of folder "C:\WINDOWS\system32\drivers\down" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Folder "C:\WINDOWS\Temp" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Services\srosa" deleted successfully.
Registry key "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Post by ste_95 » Wed Apr 23, 2008 5:44 pm

Try reinstalling an antivirus.

advice?

Post by alexmaudit » Wed Apr 23, 2008 5:47 pm

which one do you recommend?

Re: advice?

Post by alexmaudit » Wed Apr 23, 2008 5:48 pm

alexmaudit wrote: which one do you recommend?


do I have to download it again?

Post by ste_95 » Wed Apr 23, 2008 5:52 pm


no luck

Post by alexmaudit » Wed Apr 23, 2008 6:04 pm

total despair!!! nothing, it won't let me install it!!!

Post by ste_95 » Wed Apr 23, 2008 6:21 pm

Download GMER, then follow these steps:

--- Step 1 ---
Start GMER
click > > >
Click Autostart
tick Show All
click Scan
when the scan finishes, click Copy
Open Notepad and press CTRL+V (or click Edit and then Paste).
Save the file and upload it to FreeFileHosting
Post the link you are given here.

--- Step 2 ---
Still in the program you just downloaded (GMER),
click Rootkit
click Scan
when the scan finishes, click Copy
Open Notepad and press CTRL+V (or click Edit and then Paste).
Save the file and upload it to FreeFileHosting
Post the link you are given here.
megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole-shareholder company) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising