Utility
Home Messaggi odierni FAQ Ricerca avanzata Lo staff del forum Regolamento Utenti Archivio
Visualizzazione dei risultati da 1 a 4 su 4
  1. 13-05-2009, 19:22 #1
    notturlabio
    notturlabio non è in linea
    Utente di HTML.it
    Registrato dal
    Jan 2007
    Messaggi
    78

    Serie Di Virus Apparsi Improvvisamente!!

    Ragazzi, per favore.. per l'ennesima volta chiedo il vostro fondamentale aiuto per tentare di eliminare questi virus... non so proprio che fare.. Vi posto il log di Hijackthis.. sperando che voi potiate aiutarmi presto.
    Pur eliminandoli manualmente.. alcuni riappaiono, magari sotto altro nome. altri virus invece sono ineliminabili. A breve tenterò di accendere il computer in modalità provvisoria, ma prima vorrei un vostro parere.. o paura se alla riaccensione ci sono problemi più gravi. Aspetto una risposta con ansia.. granzie ancora infinitamente.




    Logfile of HijackThis v1.99.1
    Scan saved at 19.20.13, on 13/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Programmi\Java\jre6\bin\jqs.exe
    C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\VEXPLITE\viritsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\VEXPLITE\MONLITE.EXE
    C:\Programmi\iTunes\iTunesHelper.exe
    C:\Programmi\3 Internet\3 Internet.exe
    C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
    C:\Programmi\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\iPod\bin\iPodService.exe
    C:\Programmi\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\Programmi\eMule\emule.exe
    C:\Programmi\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\DOCUME~1\Paolo\IMPOST~1\Temp\sas54B.tmp
    C:\WINDOWS\system32\prnet.tmp
    C:\Programmi\Grisoft\AVG7\avgwb.dat
    C:\WINDOWS\system32\net.net
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Paolo\Desktop\Senio\Programmi\HijackThis. exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.googleskin.net/engine.php...t=Senio&color=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=Explorer2.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1cf84d0b-2758-4813-b3bc-10e97edad24e} - C:\WINDOWS\system32\nowamore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.1.1309 .3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programmi\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programmi\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 XE.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series (Copia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 XE.EXE /P40 "EPSON Stylus Photo R320 Series (Copia 1)" /O6 "USB001" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series (Copia 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 XE.EXE /P40 "EPSON Stylus Photo R320 Series (Copia 2)" /O5 "LPT1:" /M "Stylus Photo R320"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [kasesorogo] Rundll32.exe "C:\WINDOWS\system32\kotuvito.dll",s
    O4 - HKLM\..\Run: [prnet] "C:\WINDOWS\system32\prnet.tmp"
    O4 - HKLM\..\Run: [d0f90c44] rundll32.exe "C:\WINDOWS\system32\yuduvofa.dll",b
    O4 - HKLM\..\Run: [CPMd3ca3fd8] Rundll32.exe "C:\WINDOWS\system32\dadalehi.dll",a
    O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
    O4 - HKCU\..\Run: [Veoh] "C:\Programmi\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [EPSON Stylus D120 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIC CE.EXE /FU "C:\WINDOWS\TEMP\E_S86.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Mobile Partner] "C:\Programmi\3 Internet\3 Internet.exe"
    O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [prnet] "C:\WINDOWS\system32\prnet.tmp"
    O4 - HKCU\..\Run: [net] "C:\WINDOWS\system32\net.net"
    O4 - HKCU\..\Run: [ptidle] "C:\Documents and Settings\Paolo\Dati applicazioni\ptidle\ptidle.exe" 61A847B5BBF728173599284503996897C881250221C8670836 AC4FA7C8833201749139
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727)" -"http://www.mafia5.com/index.php"
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://classetrentaquattro.spaces.li...d/MsnPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://classetrentaquattro.spaces.li...d/MsnPUpld.cab
    O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) - http://c6.community.alice.it/downloa...derActiveX.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{074DC5E4-71B3-46D3-AA7D-BE3DD071A4AB}: NameServer = 85.37.17.39 85.38.28.71
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\heriyeyo.dll c:\windows\system32\dadalehi.dll
    O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\dadalehi.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.con f (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
    Rispondi quotando Rispondi quotando
  2. 13-05-2009, 20:02 #2
    Deifobe
    Deifobe non è in linea
    Utente di HTML.it L'avatar di Deifobe
    Registrato dal
    Oct 2007
    Messaggi
    6,072
    ciao,
    Scarica e installa malwarebytes.
    Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
    Esegui una "scansione completa" (seleziona l'opzione)
    A scansione completata, posta i risultati.
    per oar non rimuovere nulla.

    ciao
    ...
    :x:_::_:*:_::_: )(:_:*:_:*:__::_:°FM°:_: )(:_:*:_:x:___
    Rispondi quotando Rispondi quotando
  3. 14-05-2009, 00:20 #3
    notturlabio
    notturlabio non è in linea
    Utente di HTML.it
    Registrato dal
    Jan 2007
    Messaggi
    78

    ECCO QUI IL RISULTATO DEL MALWAREBYTES, GRAZIE

    Malwarebytes' Anti-Malware 1.36
    Versione del database: 2126
    Windows 5.1.2600 Service Pack 2

    14/05/2009 0.00.39
    mbam-log-2009-05-14 (00-00-34).txt

    Tipo di scansione: Scansione completa (C:\|)
    Elementi scansionati: 137344
    Tempo trascorso: 48 minute(s), 52 second(s)

    Processi delle memoria infetti: 0
    Moduli della memoria infetti: 5
    Chiavi di registro infette: 15
    Valori di registro infetti: 10
    Elementi dato del registro infetti: 6
    Cartelle infette: 6
    File infetti: 16

    Processi delle memoria infetti:
    (Nessun elemento malevolo rilevato)

    Moduli della memoria infetti:
    C:\WINDOWS\system32\yuduvofa.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\nowamore.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\kotuvito.dll (Trojan.Vundo.H) -> No action taken.
    c:\WINDOWS\system32\dadalehi.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\heriyeyo.dll (Trojan.Vundo.H) -> No action taken.

    Chiavi di registro infette:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{1cf84d0b-2758-4813-b3bc-10e97edad24e} (Trojan.Vundo.H) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1cf84d0b-2758-4813-b3bc-10e97edad24e} (Trojan.Vundo.H) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{1cf84d0b-2758-4813-b3bc-10e97edad24e} (Trojan.Vundo.H) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\webmediaplayer (Adware.EGDAccess) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DomainServic e (Trojan.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.Webmediaplayer) -> No action taken.
    KHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\Uninstall\prnet (Trojan.Downloader) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\net (Trojan.Agent) -> No action taken.

    Valori di registro infetti:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\kasesorogo (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\d0f90c44 (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\cpmd3ca3fd8 (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\prnet (Trojan.Downloader) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\prnet (Trojan.Downloader) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\net (Trojan.Downloader) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\net (Trojan.Downloader) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\ptidle (Trojan.Downloader) -> No action taken.

    Elementi dato del registro infetti:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\dadalehi.dll -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\heriyeyo.dll -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\heriyeyo.dll -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    Cartelle infette:
    C:\Programmi\WebMediaPlayer (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\resources (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\skins (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\updates (Adware.EGDAccess) -> No action taken.
    C:\Programmi\BitDownload (Trojan.Lop) -> No action taken.
    C:\Programmi\BitDownload\ZM (Trojan.Lop) -> No action taken.

    File infetti:
    C:\WINDOWS\system32\kotuvito.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\yuduvofa.dll (Trojan.Vundo.H) -> No action taken.
    c:\WINDOWS\system32\dadalehi.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\nowamore.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\heriyeyo.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\prnet.tmp (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\system32\net.net (Trojan.Downloader) -> No action taken.
    C:\Documents and Settings\Paolo\Impostazioni locali\Temp\prun.tmp (Trojan.Downloader) -> No action taken.
    C:\Documents and Settings\Paolo\Impostazioni locali\Temp\smxwreoacn.tmp (Trojan.Downloader) -> No action taken.
    C:\Programmi\WebMediaPlayer\dxva_sig.txt (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\uninst.exe (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\WebMediaPlayer.exe (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\resources\wmp_translat ion_file.xml (Adware.EGDAccess) -> No action taken.
    C:\Programmi\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> No action taken.
    C:\Programmi\BitDownload\BitDownload.TRC (Trojan.Lop) -> No action taken.
    Rispondi quotando Rispondi quotando
  4. 14-05-2009, 19:39 #4
    Deifobe
    Deifobe non è in linea
    Utente di HTML.it L'avatar di Deifobe
    Registrato dal
    Oct 2007
    Messaggi
    6,072
    ok, riesegui la scasione e a scansione completata, fai clic su OK => Mostra i Risultati.
    Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
    Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
    Posta il rapporto.


    scarica SystemScan
    disconnetti il pc da internet => disattiva l'antivirus => esegui systemscan => clicca su "Scan Now". Finita la scansione, riattiva l'antivirus

    carica il rapporto che trovi sul desktop su megaupload e posta il link ottenuto.

    nota: systemscan viene riconosciuto come infetto per il tipo di scansione effettuata (è un falso positivo). La procedura postata è sicura.



    ciao
    Dei
    ...
    :x:_::_:*:_::_: )(:_:*:_:*:__::_:°FM°:_: )(:_:*:_:x:___
    Rispondi quotando Rispondi quotando
« Discussione precedente | Prossima discussione »

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  

Regole del Forum

Powered by vBulletin® Version 4.2.1
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.