Ciao, utilizzo da un pò ClamWin come antivirus su macchine con Win XP SP3.
Finora nessun problema ma oggi ho notato questo log:
codice:Scan Started Tue Dec 15 12:30:00 2009 ------------------------------------------------------------------------------- *** Scanning Programs in Computer Memory *** *** Memory Scan: using ToolHelp *** *** Scanned 22 processes - 437 modules *** *** Computer Memory Scan Completed *** C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\dc.db: Permission denied C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\dc.db-journal: Permission denied C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\etilqs_aQIqBzuVZSwICyQ0GApf: Permission denied C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\etilqs_GyZbmOqusJotejjb46pe: Permission denied C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\main.db: Permission denied C:\Documents and Settings\user02\Dati applicazioni\Skype\nuovimedia2\main.db-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Archived History-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Current Session: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Current Tabs: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\History Index 2009-12-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\History-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Thumbnails-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Visited Links: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Web Data-journal: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temp\etilqs_QbBgrbfNJXLxQhsCzrPO: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temp\etilqs_QPvgmA61kIpJObQuXdCI: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temp\tmp3.tmp: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temp\tmp50.tmp: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temp\~DF9AF2.tmp: Permission denied C:\Documents and Settings\user02\Impostazioni locali\Temporary Internet Files\Content.Word\~WRS0000.tmp: Permission denied C:\pagefile.sys: Permission denied C:\WINDOWS\Driver Cache\i386\sp3.cab: Trojan.Rootkit-1835 FOUND C:\WINDOWS\ServicePackFiles\i386\atapi.sys: Trojan.Rootkit-1835 FOUND C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Trojan.Rootkit-1835 FOUND C:\WINDOWS\system32\config\default: Permission denied C:\WINDOWS\system32\config\SAM: Permission denied C:\WINDOWS\system32\config\SECURITY: Permission denied C:\WINDOWS\system32\config\software: Permission denied C:\WINDOWS\system32\config\system: Permission denied C:\WINDOWS\system32\drivers\atapi.sys: Trojan.Rootkit-1835 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 670315 Engine version: 0.95.3 Scanned directories: 3045 Scanned files: 27537 Infected files: 4 Data scanned: 7225.98 MB Data read: 7250.48 MB (ratio 1.00:1) Time: 4989.438 sec (83 m 9 s)
A parte i permission denied che ci stanno, mi insospettisce il
Trojan.Rootkit
trovato in atapi.sys, sp3.cab, ecc.
Sono falsi positivi o può essere che siano infetti?
E in questo caso cosa dovrei fare? Rimuoverli? Ma non danneggerebbe il sistema fare questa operazione?
Grazie
Ciao
Rispondi quotando