Punto informatico Network

Script to run with The Avenger


Posted by sole75 » Wed Sep 10, 2008 2:20 pm

Good morning,
I ran a scan with Gmer and I need help finding out which script to run with The Avenger.
Here is the Gmer log:

GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-09-10 14:52:22
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT sptd.sys ZwCreateKey [0xF74B50B0]
SSDT sptd.sys ZwEnumerateKey [0xF74BAA92]
SSDT sptd.sys ZwEnumerateValueKey [0xF74BAE20]
SSDT sptd.sys ZwOpenKey [0xF74B5090]
SSDT sptd.sys ZwQueryKey [0xF74BAEF8]
SSDT sptd.sys ZwQueryValueKey [0xF74BAD78]
SSDT sptd.sys ZwSetValueKey [0xF74BAF8A]
SSDT \??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xBAEC9F20]

---- Kernel code sections - GMER 1.0.14 ----

? C:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file è utilizzato da un altro processo.
.text USBPORT.SYS!DllUnload F720762C 5 Bytes JMP 86E4E1C8
? System32\Drivers\azyf5bo0.SYS Impossibile trovare il percorso specificato. !

---- User code sections - GMER 1.0.14 ----

.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 435FF301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 43791667 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 437915E8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 4379162C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 43791574 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 437915AE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 437916A2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\IEXPLORE.EXE[3968] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 436216B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F74C997E] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F74C992A] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F74E4B4E] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F74C997E] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74B5AB4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74B5BFA] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74B5B7C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74B6728] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74B65FE] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F74C8C5A] sptd.sys

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 873D01E8

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

Device \FileSystem\Fastfat \FatCdrom 84C181E8
Device \Driver\usbohci \Device\USBPDO-0 86E51608
Device \Driver\usbohci \Device\USBPDO-1 86E51608
Device \Driver\dmio \Device\DmControl\DmIoDaemon 873D31E8
Device \Driver\dmio \Device\DmControl\DmConfig 873D31E8
Device \Driver\dmio \Device\DmControl\DmPnP 873D31E8
Device \Driver\dmio \Device\DmControl\DmInfo 873D31E8
Device \Driver\PCI_NTPNP8124 \Device\00000053 sptd.sys
Device \Driver\usbehci \Device\USBPDO-2 872E1980
Device \Driver\Ftdisk \Device\HarddiskVolume1 873641E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 873641E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 873641E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8660F578
Device \Driver\NetBT \Device\NetbiosSmb 8660F578
Device \Driver\NetBT \Device\NetBT_Tcpip_{FD1BF187-259B-408A-9D35-63BBC62B7CE8} 8660F578
Device \Driver\usbohci \Device\USBFDO-0 86E51608
Device \Driver\usbohci \Device\USBFDO-1 86E51608
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8660A980
Device \Driver\usbehci \Device\USBFDO-2 872E1980
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8660A980
Device \Driver\Ftdisk \Device\FtControl 873641E8
Device \Driver\si3112r \Device\Scsi\si3112r1Port0Path0Target0Lun0 873D21E8
Device \Driver\azyf5bo0 \Device\Scsi\azyf5bo01 86E181E8
Device \Driver\azyf5bo0 \Device\Scsi\azyf5bo01Port2Path0Target0Lun0 86E181E8
Device \Driver\si3112r \Device\Scsi\si3112r1 873D21E8
Device \FileSystem\Fastfat \Fat 84C181E8

AttachedDevice \FileSystem\Fastfat \Fat 873D11E8
AttachedDevice \FileSystem\Fastfat \Fat amon.sys (Amon monitor/Eset )

Device \FileSystem\Cdfs \Cdfs 865B17C0

---- EOF - GMER 1.0.14 ----

Re: Script to run with The Avenger

Posted by sole75 » Wed Sep 10, 2008 2:41 pm

I also ran a scan with Kaspersky, since it is considered more effective.
Here is the result of the Kaspersky scan.
I would like to be sure how to write the script to run with The Avenger, so as to avoid harmful deletions.

Thanks

Wednesday, September 10, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, September 10, 2008 09:50:08
Records in database: 1206538


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
A:\
C:\
D:\
E:\
F:\
G:\
S:\

Scan statistics
Files scanned 98189
Threat name 22
Infected objects 273
Suspicious objects 0
Duration of the scan 02:00:55

File name Threat name Threats count
C:\Documents and Settings\All Users\Dati applicazioni\vmxqzolq\zahybmni.exe Infected: Trojan.Win32.Obfuscated.gx 1

C:\Documents and Settings\All Users\Dati applicazioni\xmdapwlq\zexobuby.exe Infected: Trojan-Downloader.Win32.Obfuscated.dpe 1

C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-1ccd4057-3c9b1042.zip Infected: Trojan-Downloader.Java.OpenConnection.aq 1

C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-21859ece-632e857a.zip Infected: Trojan-Downloader.Java.OpenConnection.aq 1

C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-54a3eec0-49e1bb0d.zip Infected: Trojan-Downloader.Java.OpenConnection.aq 1

C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java2SE.jar-31c0f983-70dad79a.zip Infected: Trojan-Downloader.Java.OpenConnection.ar 1

C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-55b46c5-48c655cc.zip Infected: Trojan-Downloader.Java.OpenStream.ac 1

C:\Documents and Settings\Renzo\Local Settings\Application Data\Identities\{B0EC6655-77F0-4F09-9E9C-831E414CE8B6}\Microsoft\Outlook Express\renzo.claut (katamail).dbx Infected: Worm.Win32.AutoRun.luy 1

C:\Documents and Settings\Silvia\.housecall6.6\Quarantine\backup-20080905-173115-425.dll.bac_a03136 Infected: Trojan.Win32.FraudPack.gen 1

C:\Documents and Settings\Silvia\.housecall6.6\Quarantine\Robert Rodriguez & Graeme Revell Planet Terror-Grindhouse score bso ost bof soundtrack updated-fixed 04-2007.rar.bac_a03676 Infected: P2P-Worm.Win32.Kapucen.b 1

C:\Documents and Settings\Silvia\Desktop\muori bas***do\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Documents and Settings\Silvia\Desktop\muori bas***do\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Documents and Settings\Silvia\Impostazioni locali\Dati applicazioni\Identities\{626F68D6-46DD-420C-A8D6-A1700C9EC357}\Microsoft\Outlook Express\da silvia.kia (1).dbx Infected: not-virus:BadJoke.Win32.Zappa 1

C:\Documents and Settings\Silvia\Impostazioni locali\Dati applicazioni\Identities\{626F68D6-46DD-420C-A8D6-A1700C9EC357}\Microsoft\Outlook Express\da silvia.kia.dbx Infected: not-virus:BadJoke.Win32.Zappa 1

C:\Documents and Settings\Silvia\Impostazioni locali\Dati applicazioni\Identities\{626F68D6-46DD-420C-A8D6-A1700C9EC357}\Microsoft\Outlook Express\Silvia Gmail.dbx Infected: not-a-virus:PSWTool.Win32.RAS.g 1

C:\Documents and Settings\Silvia\Impostazioni locali\Dati applicazioni\Identities\{626F68D6-46DD-420C-A8D6-A1700C9EC357}\Microsoft\Outlook Express\Silvia Gmail.dbx Infected: not-a-virus:PSWTool.Win32.RAS.a 1


C:\Programmi\ESET\infected\SLQ3BCBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\SRML1ZCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\SU30CZAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\SVHC12AA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\SVPCB5CA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\SWPWUMCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\T0CWQRAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\T3N4WKCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TBV2Q2CA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TGJLMNBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TJO2FPDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TQP1KEBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TWDHLVAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TXKJPRAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\TY4SJMAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\UBA1JABA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\UJV20XDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\URVFU3CA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\UVETEBAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\UZ1O3HDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\V1TI3CDA.NQF Infected: Trojan.Win32.Obfuscated.gx 1

C:\Programmi\ESET\infected\V1YOKFBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VAACH2DA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VDJBRVCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VF2VMPBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VIMWHVCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VMB1T5BA.NQF Infected: Trojan.Win32.Obfuscated.gx 1

C:\Programmi\ESET\infected\VOUDCDBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VPV2AUDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VTRTF0CA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VUPH2SDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VUVER0AA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VXKVKOCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\VY2HVZDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\W0XEX1CA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\W1KV1TAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WAUMJBAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WBYPJUBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WCNZWMBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WSSBPJCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WV14A5DA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\WWD1H2DA.NQF Infected: Trojan.Win32.DNSChanger.awy 1

C:\Programmi\ESET\infected\WYX1FOBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\X1FBGFAA.NQF Infected: Trojan.Win32.Agent.dxh 1

C:\Programmi\ESET\infected\XCFYUVAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XFD1KPCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XFQI5ZAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XII4NZCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XJE353AA.NQF Infected: Packed.Win32.PolyCrypt.m 1

C:\Programmi\ESET\infected\XJL4FDAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XTICTTDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\XVQW1KCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YE4Q4LDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YMF4MJDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YOPGR0BA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YPDOPYDA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YTOYZCCA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YV3MWYBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YVLVTGBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\YYHUZ3AA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZC14CPAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZCGAN3DA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZGQXDNAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZPASVBBA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZROBTAAA.NQF Infected: Trojan.Win32.KillAV.pb 1

C:\Programmi\ESET\infected\ZSPAF3BA.NQF Infected: Trojan.Win32.KillAV.pb 1

D:\Documenti Silvia\Immagini\Humor\Fumetti\DareDevil\Daredevil09.jpg Infected: Trojan-Clicker.HTML.IFrame.rp 1

The selected area was scanned.

Re: Script to run with The Avenger

Post by ste_95 » Wed Sep 10, 2008 2:52 pm

Please apply the log tag to both logs right away, following these instructions.

This is your script:
Files to delete:
C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-1ccd4057-3c9b1042.zip
C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-21859ece-632e857a.zip
C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java.jar-54a3eec0-49e1bb0d.zip
C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\Java2SE.jar-31c0f983-70dad79a.zip
C:\Documents and Settings\Renzo\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\OP.jar-55b46c5-48c655cc.zip
D:\Documenti Silvia\Immagini\Humor\Fumetti\DareDevil\Daredevil09.jpg

Folders to delete:
C:\Documents and Settings\All Users\Dati applicazioni\vmxqzolq
C:\Programmi\ESET\cache
C:\Programmi\ESET\infected
C:\Documents and Settings\Silvia\.housecall6.6\Quarantine


There are also many infected e-mail messages on your computer.
«Sometimes it is better to keep quiet and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde

Re: Script to run with The Avenger

Post by sole75 » Wed Sep 10, 2008 8:03 pm

Hi, thanks for the help, and sorry for my "barbaric" insertion of the log.
You wrote that I have many infected e-mail messages; how should I proceed? Do they risk contaminating the system further?

Thanks

Re: Script to run with The Avenger

Post by ste_95 » Thu Sep 11, 2008 6:26 am

Please fix the logs.

As for the e-mails, as a general rule I would advise you to delete all those with an attachment, unless they are really clean.



megalab.it: daily online publication registered at the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. (sole shareholder) - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising