Bellissimo questo programmaOriginariamente inviato da LUCASS
scarica questo removal tool sul desktop
http://info.prevx.com/download.asp?grab=GROMOZONREMTOOL
Disattiva eventuali programmi antivirus/antispyware in real time
Avvia il tool,nota che il tool per funzionare ha bisogno di un riavvio
(il programma ti avviserà),tu rispondi Si
Al riavvio partirà la scansione
Finita la scansione,il tool rilascia un rapporto in C:\gromozon_removal.log
Per piacere posta il contenuto del file gromozon_removal.log
Come sospettavo, il file ra sospetto
Cmq è strano che su google non si trovavano informazioni a partire dai nomi dei filecodice:Removal tool loaded into memory ------------------------------------ Executing rootkit removal engine.... ------------------------------------ Disabling rootkit file: \\?\C:\WINDOWS\system32\com5.alz \\?\C:\WINDOWS\system32\com5.alz Resetting file permissions... Clearing attributes... Accesso negato - C:\_cleaned.tmp Removing file... C:\_cleaned.tmp Rootkit removed! Cleaning up... Removing temp files... Scanning: C:\WINDOWS Gromozon-Related Malicious Code Detected! FileName: C:\WINDOWS\acbef1.dll Removed! Gromozon-Related Malicious Code Detected! FileName: C:\WINDOWS\system32\ldaa.dll Removed! Scanning: C:\Programmi\File comuni Removing protected file: C:\Programmi\File comuni\System\AKC.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\EPn.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\epQ.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\HPF.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\ISkp.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\JWv.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\MsU.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\NZV.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\odOha.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\PZTmo.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\QfF.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\QnHOLH.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\shx.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\ujULa.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Removing protected file: C:\Programmi\File comuni\System\wmDu.exe Removing directory: C:\Documents and Settings\\TIjJHEbNCo Trojan.Gromozon Removed!
P.S un consiglio...non lasciare usare alle mamme il pc
Rispondi quotando