virus su windows vista, incredibile!

[Rkdv]

Ragazzi , sono disperato.. devo aver preso uno o più malawere che stanno distruggendo lentamente il mio registro!
ho windows vista ed i sintomi sono i seguenti:

- scomparsa del contenuto del menù avvio. non c'è più nessuna cartella, neanche quelle predefinite (come esecuzione automatica)
- msn messanger non funziona più, si blocca all'avvio
- il mio antivirus (avg) non viene più caricato
- mentre navigo mi si chiudono le pagine di internet explorer oppure compaiono pubblicità sotto forma di pupup.

dalla scansione con avg non risulta nulla, da quella con avg spywere neanche. Da spy serch&destroy comparivano 7 malawere , eliminati in modalità provvisoria. Da ad-aware comparivano 30 oggetti infetti , tutti disinfettati. Con nanoscan online non compare nulla, con total scan compaiono 30 oggetti infetti latenti...
insomma, ho il pc in ginocchio , ma vorrei evitare la fomattazione.

Mi aiutate? Grazie per tutto!

[Rkdv]

questo è il log di hijackthis

http://www.webalice.it/rkdv10/hijackthis.log

grazie di tutto!

[Demonios@]

Scarica
http://www.zonavirus.com/datos/desc...95/elibagla.asp
Assicurati che la casella Eliminar Ficheros Automaticamente sia spuntata e clicca su Explorar
Posta il log C:\InfoSat.txt


Scan con on line con Kaspersky Su tutto il pc (my computer) e posta il report
http://www.kaspersky.com/service?chapter=161739400

Posta anche un nuovo log di HijackThis (fai un copia incolla nel tuo prossimo post)

[Rkdv]

Parte 1 :

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 04, 2008 1:19:54 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/03/2008
Kaspersky Anti-Virus database records: 547220
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 165320
Number of viruses found: 1
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 05:16:57

Infected Object Name / Virus Name / Last Action
C:\boot\bcd Object is locked skipped
C:\boot\BCD.LOG Object is locked skipped
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterInstance.lock Object is locked skipped
C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.ilg Object is locked skipped
C:\Program Files\Panda Security\TotalScan\236314226c9ad433b8db8cef0a7b914 9PSK_NAMES Object is locked skipped
C:\Program Files\Panda Security\TotalScan\236314226c9ad433b8db8cef0a7b914 9PSK_NAMES2 Object is locked skipped
C:\ProgramData\avg7\Log\emc.log Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\EPGSignal Object is locked skipped
C:\ProgramData\CyberLink\TinyDB\Schedule Object is locked skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\ProgramData\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\System.sav\util\App.Evt Object is locked skipped
C:\System.sav\util\Sec.Evt Object is locked skipped
C:\System.sav\util\Sys.Evt Object is locked skipped
C:\Users\Rkdv\AppData\Local\Temp\Low\~DF1BA1.tmp Object is locked skipped
C:\Users\Rkdv\AppData\Local\Temp\Low\~DF1C09.tmp Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Hist ory\History.IE5\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Hist ory\Low\History.IE5\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\Temp orary Internet Files\Low\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat.LOG1 Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat.LOG2 Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat{0c2b725b-343a-11dc-8622-001a6b6f778d}.TM.blf Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat{0c2b725b-343a-11dc-8622-001a6b6f778d}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Users\Rkdv\AppData\Local\Microsoft\Windows\UsrC lass.dat{0c2b725b-343a-11dc-8622-001a6b6f778d}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\001.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\002.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\003.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\007.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\008.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\009.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\011.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\014.part Object is locked skipped
C:\Users\Rkdv\AppData\Local\VirtualStore\Program Files\Emule\Temp\016.part Object is locked skipped
C:\Users\Rkdv\AppData\LocalLow\Sun\Java\Deployment \cache\6.0\32\7836d960-7f490a71/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Users\Rkdv\AppData\LocalLow\Sun\Java\Deployment \cache\6.0\32\7836d960-7f490a71/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Users\Rkdv\AppData\LocalLow\Sun\Java\Deployment \cache\6.0\32\7836d960-7f490a71/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Users\Rkdv\AppData\LocalLow\Sun\Java\Deployment \cache\6.0\32\7836d960-7f490a71 ZIP: infected - 3 skipped
C:\Users\Rkdv\AppData\Roaming\Microsoft\Windows\Co okies\index.dat Object is locked skipped
C:\Users\Rkdv\AppData\Roaming\Microsoft\Windows\Co okies\Low\index.dat Object is locked skipped
C:\Users\Rkdv\ntuser.dat Object is locked skipped
C:\Users\Rkdv\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Rkdv\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Rkdv\ntuser.dat{d9c8c742-8737-11dc-a50c-001a6b6f778d}.TM.blf Object is locked skipped
C:\Users\Rkdv\ntuser.dat{d9c8c742-8737-11dc-a50c-001a6b6f778d}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Users\Rkdv\ntuser.dat{d9c8c742-8737-11dc-a50c-001a6b6f778d}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\bthservsdp.dat Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\Installer\MSI1B28.tmp Object is locked skipped
C:\Windows\Installer\MSIAE86.tmp Object is locked skipped
C:\Windows\Logs\CBS\CBS.log Object is locked skipped
C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped
C:\Windows\Logs\DPX\setupact.log Object is locked skipped
C:\Windows\Logs\DPX\setuperr.log Object is locked skipped
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
C:\Windows\panther\diagerr.xml Object is locked skipped
C:\Windows\panther\diagwrn.xml Object is locked skipped
C:\Windows\panther\setupact.log Object is locked skipped
C:\Windows\panther\setuperr.log Object is locked skipped
C:\Windows\panther\UnattendGC\diagerr.xml Object is locked skipped
C:\Windows\panther\UnattendGC\diagwrn.xml Object is locked skipped
C:\Windows\panther\UnattendGC\setupact.log Object is locked skipped
C:\Windows\panther\UnattendGC\setuperr.log Object is locked skipped
C:\Windows\security\database\secedit.sdb Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\components Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\default Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\sam Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\security Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\software Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\system Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped

[Rkdv]

parte 2 :

C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regt rans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regt rans-ms Object is locked skipped
C:\Windows\System32\drivers\sptd.sys Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\sysprep\Panther\diagerr.xml Object is locked skipped
C:\Windows\System32\sysprep\Panther\diagwrn.xml Object is locked skipped
C:\Windows\System32\sysprep\Panther\setupact.log Object is locked skipped
C:\Windows\System32\sysprep\Panther\setuperr.log Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\3460B7617E042 9A960E481B197F238A3.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\8A94AF24F162D 580E3D9889344A3A317.mof Object is locked skipped
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C97 21E744C05D78DBACFD3.mof Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evt x Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\VeriSoft.evtx Object is locked skipped
C:\Windows\Tasks\At1.job Object is locked skipped
C:\Windows\Tasks\At2.job Object is locked skipped
C:\Windows\Tasks\At3.job Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.1 6386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped

Scan process completed.

[Demonios@]

svuota la cache di Java
http://www.java.com/it/download/help/5000020300.xml

[Rkdv]

svuotato...ora?

[Demonios@]

che prloblemi hai?
dovresti essere ok

[Rkdv]

mmmh compaiono diversi pupup
poi messenger non funziona bene.. mi è scomparso il menù avvio... e spyhunter (in anti spywere) mi rileva kgb keylogger.. ma non lo riesco a togliere perchè non riesco a craccare come si deve spyhunter...!
grazie dell'interesse comunque!

[Demonios@]

non riesco a craccare come si deve spyhunter

evita questi argomenti

per il tuo problema vai
http://angeliquewi.wordpress.com/2007/07/28/msn-repair/