virus bagle nel pc aiuto

[lukinhowsm]

c'ho sto visur bagle che mi impedisce di utilizzare i programmi antivirus e robe del genere,ho il log hijackthis e ve lo posto.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20.34.03, on 01/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Powercinema\PCMService.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luca\Desktop\Tools-Anti-Bagle\MegaLab.it_HiJack.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bi...=8&key=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Program Files\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Program Files\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 6660 bytes


aiutatemi

[lukinhowsm]

ho fatto anche la scansione on line con kapersky e salvato il log dei file infetti..

aiutatemi

se avete bisogno copio e incollo,è abbastanza lungo

[lukinhowsm]

ecco il risultato della scansione fatta con kapersky

Infected Object Name Virus Name Last Action C:\$Recycle.Bin\S-1-5-21-1854912235-3058797260-2997382250-1002\$RZVQR3R\Digital_TV_2050_Pro_4.exe Infected: Trojan-Downloader.Win32.Bagle.nz skipped
C:\boot\BCD Object is locked skipped
C:\boot\BCD.LOG Object is locked skipped
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe Infected: Trojan-Downloader.Win32.Bagle.nz skipped
C:\ProgramData\CyberLink\TinyDB\CurEPGEpisode Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\EPGSignal Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\iEPGChInfo Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\RecEpisode Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\Schedule Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\Series Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0. dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1. dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\GatherLogs\SystemIndex\SystemIndex.6.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\GatherLogs\SystemIndex\SystemIndex.6.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\MSStmp.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 009.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 009.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 00A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 00C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 014.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 019.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\00010 01C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX .000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Projects\SystemIndex\SystemIndex.Ntfy100.g thr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsv c\Ntf73F6.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsv c\Ntf73F7.tmp Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_1024.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_256.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_32.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_96.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_idx.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Expl orer\thumbcache_sr.db Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Hist ory\History.IE5\index.dat Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\6H752P03\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.vr skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\6H752P03\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\RT3P2AO9\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.vr skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\RT3P2AO9\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\TG52Y63Q\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\V76CIAMQ\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.vr skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\V76CIAMQ\b64_3[1].jpg

[lukinhowsm]

C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat.LOG1 Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat.LOG2 Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat{18712926-12c1-11dd-9bd9-001bb9e39a6d}.TM.blf Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat{18712926-12c1-11dd-9bd9-001bb9e39a6d}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows\UsrC lass.dat{18712926-12c1-11dd-9bd9-001bb9e39a6d}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Users\Luca\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\Luca\AppData\Local\Mozilla\Firefox\Profil es\5i8oc0fc.default\Cache\_CACHE_001_ Object is locked skipped
C:\Users\Luca\AppData\Local\Mozilla\Firefox\Profil es\5i8oc0fc.default\Cache\_CACHE_002_ Object is locked skipped
C:\Users\Luca\AppData\Local\Mozilla\Firefox\Profil es\5i8oc0fc.default\Cache\_CACHE_003_ Object is locked skipped
C:\Users\Luca\AppData\Local\Mozilla\Firefox\Profil es\5i8oc0fc.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Users\Luca\AppData\Local\Mozilla\Firefox\Profil es\5i8oc0fc.default\XPC.mfl Object is locked skipped
C:\Users\Luca\AppData\Local\Temp\~DF49DF.tmp Object is locked skipped
C:\Users\Luca\AppData\Local\Temp\~DF49E9.tmp Object is locked skipped
C:\Users\Luca\AppData\Local\Temp\~ROMFN_000001B4 Object is locked skipped
C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Co okies\index.dat Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\cert8.db Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\formhistory.dat Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\history.dat Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\key3.db Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\parent.lock Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\search.sqlite Object is locked skipped
C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Prof iles\5i8oc0fc.default\urlclassifier2.sqlite Object is locked skipped
C:\Users\Luca\AppData\Roaming\Roxio\MediaManager9\ Album.ldb Object is locked skipped
C:\Users\Luca\AppData\Roaming\Roxio\MediaManager9\ Album.psod Object is locked skipped
C:\Users\Luca\NTUSER.DAT Object is locked skipped
C:\Users\Luca\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Luca\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Luca\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf Object is locked skipped
C:\Users\Luca\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Users\Luca\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat .LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat .LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT {d8932e65-6a6f-11db-b6ab-a038f15a5785}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT {d8932e65-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT {d8932e65-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.d at.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.d at.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT{d8932e61-6a6f-11db-b6ab-a038f15a5785}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT{d8932e61-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT{d8932e61-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\SoftwareDistribution\Download\60e6daf19 c87b7a5e55e9ee6475fc732\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a0373 12b730c69a\ntkrnlpa.exe Object is locked skipped
C:\Windows\SoftwareDistribution\Download\60e6daf19 c87b7a5e55e9ee6475fc732\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a7970 99d05cd0f4\ntkrnlpa.exe Object is locked skipped
C:\Windows\SoftwareDistribution\Download\c0a17eb89 d8e2d806cdee4a2d05890b4\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2 dcb739c934\ntkrnlpa.exe Object is locked skipped
C:\Windows\SoftwareDistribution\Download\c0a17eb89 d8e2d806cdee4a2d05890b4\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1 cbd013d2a2\ntkrnlpa.exe Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\COMPONENTS Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\DEFAULT Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped
C:\Windows\System32\config\RegBack\SAM Object is locked skipped
C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped
C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped
C:\Windows\System32\config\SAM Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\SECURITY Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\SOFTWARE Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\SYSTEM Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000 000000000001 Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000 000000000002 Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl .002 Object is locked skipped
C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evt x Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\Temp\JETD27A.tmp Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99f a4b7380194\ntkrnlpa.exe Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a4352 50b701059d\ntkrnlpa.exe Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511 c2b724295c\ntkrnlpa.exe Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720 a1d022400b\ntkrnlpa.exe Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e 6bd052e7b1\ntkrnlpa.exe Object is locked skipped
Scan process completed.

[Dark_Limit]

scarica elibagla e fai una scansione - riavvia il pc quando finisce. Posta il rapporto (C:\Infosat.txt)

Scarica SystemScan, disconnetti il pc da internet => disattiva l'antivirus => esegui systemscan => clicca su "Scan Now". Finita la scansione, riattiva l'antivirus, carica il rapporto che trovi sul desktop su Freefilehosting e posta il link ottenuto.

[Deifobe]

ok..

x lukinhowsm: esattamente.. elibagla, SystemScan ... e ... Freefilehosting