Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Aiuto !!! Gromozon!

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Aiuto !!! Gromozon!

Messaggioda tyger » gio ott 23, 2008 10:27 pm

Suppongo di essere stato invaso da 'Gromozon' ! [XX(]
Mi sono ampliamente informato, leggendo tutte le notizie e i servizi, al riguardo, di MegaLab e seguendo passo-passo le istruzioni
per la rimozione, nell'articolo 2615, sono arrivato al punto in cui ci vuole l'intervento di qualche anima buona, che mi suggerisca lo script per 'The Avenger'. I log di 'GMER' li ho postati ai seguenti indirizzi:
[url="http://freefilehosting.net/download/417c2"]gmer_autostart_tyger.txt[/url]
[url="http://freefilehosting.net/download/417c4"]gmer_rootkit_tyger.txt[/url]
Ultima nota: sono riuscito a fare lo scan con 'PrevX', perché era nei tools che ho trovato nel sito ospite (art.1222) ma non 'Virit' il cui sito
(http://www.tgsoft.it/italy/index_ita.html) è per me inaccessibile.
[V] [V] [V]
Avatar utente
tyger
Aficionado
Aficionado
 
Messaggi: 74
Iscritto il: mar ago 05, 2008 5:09 pm
Località: Andora

Re: Aiuto !!! Gromozon!

Messaggioda Amantide » gio ott 23, 2008 11:09 pm

Scusa, mi dici da dove hai dedotto di avere il Gromozon? [uhm]

I log di Gmer sono pulitissimi [boh]

Cerca nella cartella di PrevX il file di log e postalo qui (tramite il tag LOG e non freehosting), così almeno vediamo se il pc era infetto davvero o no.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: Aiuto !!! Gromozon!

Messaggioda tyger » ven ott 24, 2008 6:28 pm

.... come dicevo prima, ho supposto di avere 'Gromozon', non ne sono sicuro;
il fatto di non riuscire ad entrare in alcuni siti (tgsoft,swzone, ecc.) mi ha fatto pensare a 'LinkOptomizer'.
Addirittura in alcuni, Firefox 3.0 e IE 8 beta, si chiudono. Può darsi che mi sbagli, ci deve comunque essere qualcosa che non và.
Ti invio qui il log di PrevX e quello di HiJackThis e ti ringrazio molto per il tuo interessamento:
[grazie] [grazie]

Removal tool loaded into memory
------------------------------------
Executing rootkit removal engine....
------------------------------------
Disabling rootkit file: C:\WINDOWS\kb9188uq.log
Resetting file permissions...
Clearing attributes...
Accesso negato - C:\_cleaned.tmp
Removing file...
Rootkit removed! Cleaning up...

Removing temp files...
Scanning: C:\WINDOWS
Scanning: C:\Programmi\File comuni
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\AAja.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\abW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\abWA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aGB.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aiA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aJR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aLaA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aLdHN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aLo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aRSFB.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Asu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aVfNE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\AVl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\aWw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\awwu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\axGAze.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\AxR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\AZL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\AZWQb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BAMeo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BBG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bBY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bcg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BEeQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ber.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bEv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bGd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BGNuYY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bhx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bKrAr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BkV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bLmLRH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bmjr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BmnUm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BNy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BPm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bpU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BqK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bQKw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BrY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bxDW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\bZO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\BZtbKa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\caDbR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cAN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cBa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CBi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CDs.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CEQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cEyYt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CeZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ChWXN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ciq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ciSL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cJu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\comunque.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CNG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\COGOUN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CoQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cPEgp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CRe.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Cry.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\csT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cTQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\cWket.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CxR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\CYy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ddefhp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\deaBsD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DeJfCL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DGD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DghI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DhXAz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Dlf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DMoIf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DMv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dMwwcd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dnC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DNi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DpA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DPo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DpQZFi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dTe.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dTK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dtS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DUcSFM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DvKu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dYh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\dYjSq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DylXrP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\DysTfr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EAG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EBi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ECj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eDK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EdzH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eEEL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EeJmVL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EFUK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\efW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eGin.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eGu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ehMnO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Eij.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ejbm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EJJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eKomft.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EmdnHw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\enZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eoD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eOM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EpI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EQb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ess.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eUx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EuyMd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eVye.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\EWNkK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eXD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\exy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\eYWuoR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ezvR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FaPR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fBOg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FcGba.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fdO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\feP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fgPqzi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FHn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fHnr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fiU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FKvL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fLcHYR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fOQqyt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FrT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fSFQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ftclsR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fUdZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\FuI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Fva.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fXn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\fZxmjZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gckBz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GcmOUQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Gdb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Gdny.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GfEgGl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gHW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gIu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GJOHcf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GKamp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GksR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gLop.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gna.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GQt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GTW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GvU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Gwz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GxTd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gzABhS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gzk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\gZLPsc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\GZy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hBF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HbkX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HbR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Hcw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hea.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HFlUbP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HFRDBN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hghvM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hGO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hgonzv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hKq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HkV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Hky.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hLc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HMfTxM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HnouD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HOeLZB.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HOw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hpbiya.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hQC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hRA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hrK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HRl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hRQy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HSkwUW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hTu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HvA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hVg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Hwga.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\hxBIng.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\HYPc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IAw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ibn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ibP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ibT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\iDXC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\iFYEK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IgF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ihd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IHr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ILESf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ILZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ING.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ioh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Iqm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\iTb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Itx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IUq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IutmYl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ivj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IxL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ixo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\IYU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jAnfwF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JAx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jbz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jDAaoT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JDmo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jDt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Jed.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JEf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jeM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jgH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jGk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jHURIo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jkb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jkp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JKu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JllI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jlPcCE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JOciO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jQiiUZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jsnLbb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jST.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jWAf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Jwv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jXAKFG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jXRxX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\JyIuSJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\jZLsb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Jzp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KAN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\keN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Kfg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KfgqW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\khF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kiGi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KJS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kJvrNy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KjXxCQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\klg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kLu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Knd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kNYwXv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KOQIxm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KORW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KPu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KrI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KRs.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kRX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\krxQdi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kSDLx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KSS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KsT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kTMXG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\KUG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\kWDA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LBi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LbKh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LdH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lEgyEY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LfDwku.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LgZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lhIz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Lhm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LIH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LIHabx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Lil.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lLx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LMO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LnOE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lOY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LoyCxY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LPU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lrq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LrW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Lsj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lSW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LTo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Lviq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\LYNe.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\lZp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\maO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MaUHOU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mCS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Mdz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MEJn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\meM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MfI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mhR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mkl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mlm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Mlt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MmxP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\moe.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MPJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mPsZn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MRR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mSM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mTK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MUbtnh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\MUnu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\mxv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ncQo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NCsN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NdCccs.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ndr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NFNrah.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NFy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NHBmLK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Nii.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nImI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nQj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NslR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NSP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nTk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NtYtri.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nUf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nuI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NUuZQZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\nwt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\NzpquE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oAkaIa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oBg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oBW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oETHYL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OeXTVh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oFa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ogh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OGU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ohJn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oImc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Oku.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ONYC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OOVNS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OPG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oqP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OQqt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oWwxi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oYI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\OYk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\oyUVaq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PaquA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PblqXQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pCp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PcT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PEdhWm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PEPbet.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pfTj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pgQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pGS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pJk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pkPrN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PmBxY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PMjl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PMt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Poa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\POpqzr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\poR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pQQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PRaOit.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pRO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PTWR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PuG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Pvh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pvW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pXbcnS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\PXm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\pZt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qAd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qaHXl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QBpRy.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qbx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qbzwVM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QCH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Qfr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Qfyo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QgkTh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qGZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qjQkv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QJZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qKh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qkM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qkMM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QLZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qMMzh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qPEoc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qqPAL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qsn.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qtgtXw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\QWGAW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qWv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qYxyAd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\qZM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RBIIIv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RcV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Repv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rEtP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RfLG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rhG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ril.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\riq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RJKK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Rknuxv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rldu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RMx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rpgBWL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rpu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rQJv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rqo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rRu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rRv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\RTa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rVT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rxv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rzK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\rZKyK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SaQps.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Sbb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SbgbUV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\sbT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\scK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\scY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\sDi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SDKqs.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SilY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ske.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\sKuzF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Sla.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SlF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SmBeA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Smp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SnpM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Spj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\sQLLtm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SSBOr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Svm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SvWUHt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SWf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SWtUQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SwU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\sxI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\syar.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\syOInS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SYTR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\SzRHY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\TdAX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tek.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\TEo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tfaGw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\TgOZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tHa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Thb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tiDTA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\TJqjVe.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tKUS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tnO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tQqu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\TSiYw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tvo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tVt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tweN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tWR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\tXTmrf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Tzs.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UAF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\uAI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ubF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UbQGZa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UgK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UGKZv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UiXgYP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UiZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UkKOmC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UKOXj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UKY.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UlRna.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\uMv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UpB.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UqG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\uqS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\urC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\UvB.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\uXQyKG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Uzz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VBhylN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VCL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vCw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vdBywc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VDO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VfJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VFUvr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VGt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VGV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Vhowx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VHpcFZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vITerH.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VKzOBb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vLm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vLx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VmJS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vNLPf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\voVuD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vpXmW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VPz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vTL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Vtu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VVHI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vvV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vWO.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vWZDtX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\vyE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\VYo.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WAbKAN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wav.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wbb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wbD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wBg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wbh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wBU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wcKj.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wfD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wgM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wixnr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WkE.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WkL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wmw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\woyBHq.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wpiz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wRc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wrZ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wtf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wvc.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wWA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WWnlT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wwx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WYf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\WygW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wZm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Wzu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\wZUyQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xbeRx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XbjMD.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xFIYTV.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xFv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Xif.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XJp.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xkU.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XnpW.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XNt.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xOa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XsIL.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\XTA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xTT.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Xug.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\xvI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Xxb.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YAd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yBF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YbN.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yBP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ycX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yetC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ygi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yGISa.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YhC.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YHF.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YIIjeR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yiWnl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yJMAx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ykA.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YlX.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YmcfsJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yMi.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ymx.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YNI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YnTI.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YoM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YOwK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YrzR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yTBm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Ytr.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\YYR.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\yzsrRk.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zACG.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zCd.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZCXCP.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zeYm.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zfIw.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Zir.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZJf.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zjuh.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zlhNaK.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZnJ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Znon.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\znz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\Zod.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zPg.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zPS.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZPwl.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZrM.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZSoeFQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZSVz.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ztu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zVu.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zVVQ.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zXnv.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\ZZMes.exe
Removing protected file: C:\Programmi\File comuni\Microsoft Shared\zzTY.exe


Trojan.Gromozon Removed!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.24.39, on 23/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Photodex\ProShowGold\ScsiAccess.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\RealVNC\VNC4\WinVNC4.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\USBPlug.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Programmi\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
C:\Programmi\Mozilla Firefox\firefox.exe
I:\Trojan_Bagle\Troyan_Bagle_Nuovo\MegaLab.it_H_i_J_a_C_k_T_h_I_s.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll (file missing)
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programmi\Power Translator\Applications\LEC IE Translation Extension.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [dscService] C:\WINDOWS\system32\USBPlug.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Programmi\RealVNC\VNC4\WinVNC4.exe

--
End of file - 9013 bytes
Avatar utente
tyger
Aficionado
Aficionado
 
Messaggi: 74
Iscritto il: mar ago 05, 2008 5:09 pm
Località: Andora


Re: Aiuto !!! Gromozon!

Messaggioda Amantide » ven ott 24, 2008 7:00 pm

Hai ragione [acc2] Ce l'avevi davvero questo trojan preistorico [:D]

Dopo aver eseguito la scansione con PrevX, non hai risolto la situazione?

Intanto scarica il ComboFix da qui ed esegui la scansione seguendo queste istruzioni (giù in fondo). Al termine della scansione verrà creato il file di report C:\combofix.txt, copia qui il suo contenuto.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: Aiuto !!! Gromozon!

Messaggioda tyger » ven ott 24, 2008 8:12 pm

...con PrevX non ho risolto il problema però ho visto che qualcosa aveva eliminato.
Allego il log di Combofix come mi hai suggerito:

ComboFix 08-10-17.01 - Giuseppe 2008-10-24 20.18.16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.2276 [GMT 2:00]
Eseguito da: C:\pincopallino.exe
* Creato nuovo punto di ripristino

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Ernesto\Impostazioni locali\Temporary Internet Files\temp1.htm
C:\Documents and Settings\Giuseppe\Dati applicazioni\inst.exe
C:\Documents and Settings\Giuseppe\Impostazioni locali\Temporary Internet Files\SuggestedSites.dat
C:\WINDOWS\hosts
C:\WINDOWS\system32\dao350.dll
C:\WINDOWS\winhelp.ini
I:\autorun.inf
I:\nideiect.com

.
((((((((((((((((((((((((( Files Creati Da 2008-09-24 al 2008-10-24 )))))))))))))))))))))))))))))))))))
.

2008-10-24 20:14 . 2008-10-24 20:14 2,991,454 -ra------ C:\pincopallino.exe
2008-10-23 22:13 . 2008-10-23 22:13 250 --a------ C:\WINDOWS\gmer.ini
2008-10-17 21:56 . 2007-07-26 16:15 53,248 --a------ C:\WINDOWS\system32\CSVer.dll
2008-10-16 20:19 . 2008-10-16 20:19 <DIR> d-------- C:\Intel
2008-10-14 19:06 . 2008-10-14 19:06 <DIR> d-------- C:\Documents and Settings\Giuseppe\Dati applicazioni\AdobeUM
2008-10-13 22:14 . 2008-10-13 22:19 <DIR> d-------- C:\Programmi\NetMeter
2008-10-07 19:42 . 2008-10-07 19:42 <DIR> d-------- C:\Programmi\EASEUS
2008-10-07 11:03 . 2008-10-07 11:03 <DIR> d--hs---- C:\Documents and Settings\Ernesto\PrivacIE
2008-10-06 17:27 . 2008-10-24 20:44 <DIR> d-------- C:\WINDOWS\system32\.
2008-10-05 22:44 . 2008-10-05 22:44 6,898 --a------ C:\WINDOWS\system32\lgmbonmi.exe
2008-10-05 11:08 . <DIR> C:\WINDOWS\system32\??|??
2008-10-04 23:41 . 2008-10-04 23:41 1,680 --a------ C:\WINDOWS\system32\esnecil.nlp
2008-10-04 23:41 . 2008-10-05 11:08 1,680 --a------ C:\WINDOWS\system32\esnecil.ind
2008-10-04 23:41 . 2008-10-04 23:41 4 --a------ C:\WINDOWS\vx86036.dat
2008-10-04 23:40 . 2008-10-07 19:22 <DIR> d-------- C:\Programmi\Stellar Phoenix Windows Data Recovery
2008-10-04 23:40 . 1998-06-24 00:00 260,920 --a------ C:\WINDOWS\system32\MSDATGRD.OCX
2008-10-04 23:40 . 1999-06-18 23:49 165,888 --a------ C:\WINDOWS\Ckconfig.exe
2008-10-04 23:40 . 2006-03-01 03:10 69,632 --a------ C:\WINDOWS\system32\Crypserv.exe
2008-10-04 23:40 . 2006-01-10 04:47 31,846 --a------ C:\WINDOWS\system32\Ckldrv.sys
2008-10-04 23:40 . 1996-05-03 19:21 27,648 -ra------ C:\WINDOWS\Setup_ck.exe
2008-10-04 23:40 . 1996-05-03 17:36 18,432 --a------ C:\WINDOWS\Setup_ck.dll
2008-10-04 23:40 . 1995-07-04 20:33 11,776 --a------ C:\WINDOWS\Ckrfresh.exe
2008-10-04 23:40 . 2008-10-04 23:40 67 --a------ C:\WINDOWS\Crypkey.ini
2008-10-02 18:02 . 2008-10-02 18:02 546 --a------ C:\WINDOWS\EvvivaRG.ini
2008-10-02 18:02 . 2008-10-02 18:02 502 --a------ C:\WINDOWS\NEXTRG.INI
2008-10-01 11:16 . 2008-10-01 11:16 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-09-30 15:03 . 2008-09-30 15:03 <DIR> dr-h----- C:\MSOCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 18:03 --------- d-----w C:\Programmi\Zoom Player
2008-10-24 17:36 --------- d-----w C:\Programmi\AdunanzA
2008-10-23 19:41 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-10-22 18:18 1,620 ----a-w C:\Programmi\LavasoftAdAware event.log
2008-10-22 18:18 --------- d-----w C:\Programmi\Lavasoft
2008-10-20 21:44 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\mIRC
2008-10-20 18:35 --------- d-----w C:\Programmi\mIRC
2008-10-17 19:41 --------- d-----w C:\Programmi\DriverGuide Toolkit
2008-10-17 17:39 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-10-14 17:13 --------- d-----w C:\Programmi\FreePOPs
2008-10-12 20:19 2,568 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-10-02 16:50 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\Canon
2008-10-02 16:42 --------- d-----w C:\Documents and Settings\Giuseppe\Dati applicazioni\Corel
2008-09-27 20:00 --------- d-----w C:\Programmi\Spyware Terminator
2008-09-24 17:54 --------- d-----w C:\Programmi\Elaborate Bytes
2008-09-23 20:24 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Office Genuine Advantage
2008-09-22 16:29 96,384 ----a-w C:\WINDOWS\system32\drivers\sptd1773.sys
2008-09-18 18:42 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys
2008-09-14 09:23 --------- d-----w C:\Programmi\Microsoft IntelliPoint
2008-09-07 13:47 --------- d-----w C:\Programmi\RealVNC
2008-08-28 17:17 --------- d-----w C:\Programmi\Win Magazine
2008-08-25 17:57 --------- d-----w C:\Programmi\Power Translator
2008-08-25 17:36 --------- d-----w C:\Programmi\BVRP Software
2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\system32\admparse.dll
2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\system32\iesetup.dll
2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-08-22 01:05 48,640 ------w C:\WINDOWS\system32\PrivacIE.dll
2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-03-10 18:35 47,360 ----a-w C:\Documents and Settings\Giuseppe\Dati applicazioni\pcouffin.sys
2007-07-07 11:39 75,928 ----a-w C:\Documents and Settings\Ernesto\Dati applicazioni\GDIPFONTCACHEV1.DAT
2007-06-03 18:30 75,928 ----a-w C:\Documents and Settings\Giuseppe\Dati applicazioni\GDIPFONTCACHEV1.DAT
2005-07-09 02:44 777 ----a-w C:\Programmi\trial_setup.ini
2005-07-09 02:44 5,137,920 ----a-w C:\Programmi\trial_setup.msi
2005-07-09 02:44 40,448 ----a-w C:\Programmi\trial_setup.exe
2005-04-26 10:20 49,992 ----a-w C:\Documents and Settings\Alessia\Dati applicazioni\GDIPFONTCACHEV1.DAT
2007-03-13 20:09 88 --sh--r C:\WINDOWS\system32\9AFB51B278.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"dscService"="C:\WINDOWS\system32\USBPlug.exe" [2005-03-01 278528]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 79224]
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-01-04 2834432]
"NeroFilterCheck"="C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"IntelliPoint"="C:\Programmi\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 849280]
"D066UUtility"="C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE" [2000-07-06 32768]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 C:\WINDOWS\system32\ptipbmf.dll]
"EssSpkPhone"="essspk.exe" [2001-10-19 C:\WINDOWS\essspk.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-13 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - C:\Programmi\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MPG4"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.MP42"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.GJPG"= GJPG.DLL
"vidc.MP43"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"VIDC.DIV3"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32.dll
"VIDC.DIV4"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32f.dll
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.HFYU"= C:\PROGRA~1\K-LITE~1\codecs\huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.FFDS"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_vfw.dll
"msacm.lameacm"= C:\PROGRA~1\K-LITE~1\codecs\lameACM.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm
"msacm.divxa32"= C:\PROGRA~1\K-LITE~1\codecs\divxa32.acm
"msacm.imc"= imc32.acm
"msacm.avis"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_acm.acm
"msacm.dvacm"= dvacm.acm
"VIDC.ACDV"= ACDV.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\DVD2one V2\\dvd2one2.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"C:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"C:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"C:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"C:\\Programmi\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\AdunanzA\\eMule_AdnzA.exe"=
"C:\\Programmi\\mIRC\\mirc.exe"=
"C:\\Programmi\\RealVNC\\VNC4\\vncviewer.exe"=
"C:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundRouterRequest"= 0 (0x0)

R0 Achernar;Achernar - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Achernar.sys [2004-02-11 16855]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-04 138752]
R3 Aldebaran;Aldebaran - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Aldebaran.sys [2004-02-11 21808]
R3 Bonifay;Bonifay;C:\WINDOWS\system32\DRIVERS\Bonifay.sys [2005-11-28 12160]
S0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [ ]
S2 SysPsr;SysPsr;C:\Programmi\File comuni\Microsoft Shared\Spj.exe [ ]
S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2000-03-29 5824]
S3 DCamUSBGT892x;iX-30 PC Camera;C:\WINDOWS\system32\Drivers\GT892xV.SYS [2001-12-04 336504]
S3 Gonzales;Gonzales;C:\WINDOWS\system32\DRIVERS\Gonzales.sys [2005-12-13 7040]
S3 SetupSys;Conexant Setup API;C:\WINDOWS\system32\drivers\SetupSys.sys [2001-01-09 8811]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b51ea05-df69-11db-b164-0017c2505edc}]
\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{701c4e6f-1deb-11dd-b4bd-00112fd8f7db}]
\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e70e0992-f64a-11db-b198-00112fd8f7db}]
\Shell\AutoRun\command - G:\load.exe /CDROM

*Newly Created Service* - PROCEXP90
.
Contenuto della cartella 'Scheduled Tasks'

2008-09-23 C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE55FE35-574F-4D64-9674-EF95DA9ABEB4}.job
- C:\WINDOWS\system32\msfeedssync.exe [2008-08-22 03:05]
.
- - - - ORFÃOS REMOVIDOS - - - -

HKU-Default-Run-Symantec NetDriver Warning - C:\PROGRA~1\SYMNET~1\SNDWarn.exe
Notify-WgaLogon - (no file)


.
------- Supplementare di scansione -------
.
FireFox -: Profile - C:\Documents and Settings\Giuseppe\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://it.yahoo.it
FF -: plugin - C:\Documents and Settings\Giuseppe\Dati applicazioni\Mozilla\plugins\npPxPlay.dll
FF -: plugin - C:\Programmi\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-24 20:45:59
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysPsr]
"ImagePath"="\"C:\Programmi\File comuni\Microsoft Shared\Spj.exe\""
.
Ora fine scansione: 2008-10-24 20.47.43
ComboFix-quarantined-files.txt 2008-10-24 18:47:23

Pre-Run: 43.202.777.088 byte disponibili
Post-Run: 43,489,583,104 byte disponibili

219 --- E O F --- 2008-09-23 16:55:53
Avatar utente
tyger
Aficionado
Aficionado
 
Messaggi: 74
Iscritto il: mar ago 05, 2008 5:09 pm
Località: Andora

Re: Aiuto !!! Gromozon!

Messaggioda Amantide » ven ott 24, 2008 8:49 pm

Scarica OtMoveIt3, avvialo ed assicurati che la voce Unregister Dll's and Ocx's sia spuntata.
Nello spazio bianco sotto alla voce Paste Instructions for items to be Moved incolla seguente script e clicca su MoveIt!:

Codice: Seleziona tutto
:processes
explorer.exe

:services
SysPsr

:files
C:\WINDOWS\system32\.
C:\WINDOWS\system32\??|??
C:\WINDOWS\system32\lgmbonmi.exe
C:\WINDOWS\system32\9AFB51B278.sys
C:\Programmi\File comuni\Microsoft Shared\Spj.exe

:reg
[-HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysPsr]

:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Il log dell'operazione verrà salvato nella cartella C:\_OtMoveIt\MovedFiles sotto la forma del file [nome_e_data].LOG
Copia il suo contenuto ed inseriscilo qui.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: Aiuto !!! Gromozon!

Messaggioda tyger » ven ott 24, 2008 9:46 pm

Grande !!!!! Amantide ! avevo già la soluzione dopo la scansione con ComboFix.
I browser navigavano tranquilli; non ho fatto in tempo ad avvisarti e ho effettuato anche la scansione con 'OTMoveIt'.
Ti posto il log ma penso che tutto sia tornato a posto. [grazie]
[applauso+] [applauso+] [applauso+] [applauso+] [applauso+]

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service SysPsr .
========== FILES ==========
File/Folder C:\WINDOWS\system32\. not found.
File/Folder C:\WINDOWS\system32\??|?? not found.
File/Folder C:\WINDOWS\system32\lgmbonmi.exe not found.
File/Folder C:\WINDOWS\system32\9AFB51B278.sys not found.
File/Folder C:\Programmi\File comuni\Microsoft Shared\Spj.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysPsr\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\etilqs_Q0ictl606flyeuIkCDE6 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR129.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR1A2.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR1C1.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR1DD.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR20E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR225.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR262.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR4E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXR9D.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXRA0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\PXRF1.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\~DFBADC.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Giuseppe\IMPOST~1\Temp\~DFCD3D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_630.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Giuseppe\Impostazioni locali\Dati applicazioni\Mozilla\Firefox\Profiles\oc64k6rd.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10242008_222308
Avatar utente
tyger
Aficionado
Aficionado
 
Messaggi: 74
Iscritto il: mar ago 05, 2008 5:09 pm
Località: Andora

Re: Aiuto !!! Gromozon!

Messaggioda Amantide » ven ott 24, 2008 9:53 pm

Almeno con l'aiuto di OtMoveIt abbiamo rimossi i vari file temporanei che potevano rigenerare l'infezione. [^]
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo


Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 2 ospiti

cron
Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising