AVS e trojan aux.afq [era:problema con AVS]

[Giuliotresauri]

Ho fatto i passi da te consigliati.

Quando il pc riparte,AVS mi segnala che il trojan e' stato neutralizzato (e percio' non mi da' piu' che e' presente il trojan).

Mi compare una finestrella msdos dell'esecuzione dell'avenger in questo modo:

C:\avenger\1.reg

C:\avenger\2.reg

C:\avenger\3.reg


1 file copiati:

Impossibile cambiare l'attributo - C:\avenger\aux.afq

Accesso negato - C:\avenger\xGD.exe

Accesso negato - C:\avenger\XXmR.exe

zip warning: C:/backup.zip not found or empty
adding : avenger/aux.afq <140 bytes security>
--------------------------------------------------------------------------------------

Ecco qui invece il log avenger.txt

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Service s\vacevmhr

*******************

Script file located at: \??\C:\WINDOWS\system32\wdvwvyhi.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Folder C:\Documents and settings\iUPhhRrQgBchglek deleted successfully.


Folder C:\Programmi\E-nrgyPlus not found!
Deletion of folder C:\Programmi\E-nrgyPlus failed!

Could not process line:
C:\Programmi\E-nrgyPlus
Status: 0xc0000034

File C:\WINDOWS\system32\aux.afq deleted successfully.
File C:\Programmi\File comuni\System\CxL.exe deleted successfully.
File C:\Programmi\File comuni\System\DDQ.exe deleted successfully.
File C:\Programmi\File comuni\System\MPIV.exe deleted successfully.
File C:\Programmi\File comuni\System\ngE.exe deleted successfully.
File C:\Programmi\File comuni\System\pIbXq.exe deleted successfully.
File C:\Programmi\File comuni\System\SZTa.exe deleted successfully.
File C:\Programmi\File comuni\System\WPeIUP.exe deleted successfully.
File C:\Programmi\File comuni\System\xGD.exe deleted successfully.
File C:\Programmi\File comuni\System\XXmR.exe deleted successfully.


File C:\Programmi\File comuni\System\XmR.exe not found!
Deletion of file C:\Programmi\File comuni\System\XmR.exe failed!

Could not process line:
C:\Programmi\File comuni\System\XmR.exe
Status: 0xc0000034

File C:\WINDOWS\fedid1.dll deleted successfully.
File C:\WINDOWS\fedid1.upd deleted successfully.


File c:\windows\system32\nortonspeed.exe not found!
Deletion of file c:\windows\system32\nortonspeed.exe failed!

Could not process line:
c:\windows\system32\nortonspeed.exe
Status: 0xc0000034



File c:\windows\system32\lotusnetwork.exe not found!
Deletion of file c:\windows\system32\lotusnetwork.exe failed!

Could not process line:
c:\windows\system32\lotusnetwork.exe
Status: 0xc0000034

Registry key HKEY_LOCAL_MACHINE\system\controlset003\services\N etWqm deleted successfully.
Registry key HKEY_LOCAL_MACHINE\system\controlset002\services\N etWqm deleted successfully.
Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\NetWqm deleted successfully.
Registry value HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserLis t|iUPhhRrQgBchglek deleted successfully.
Registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run |E-nrgyPlus deleted successfully.
Registry value HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs replaced with dummy successfully.

Completed script processing.

*******************

Finished! Terminate.