mi potete aiutare con questo problema dell' Internet Connection?
seguendo le vostre istruzioni vi posto l'URL
01_05_2008_22_29_report.zip
mi potete aiutare con questo problema dell' Internet Connection?
seguendo le vostre istruzioni vi posto l'URL
01_05_2008_22_29_report.zip
Crea una nuoca cartella in c:\ chiamata pippo
Scarica Avenger e CCleaner
Esegui avenger e nella finestra che si apre copia/incolla:
Spunta "Automatically disable any rootkits found" e clicca su "execute".files to delete:
C:\WINDOWS\tsnp2std.exe3207446874
C:\WINDOWS\vsnp2std.exe550471904
C:\WINDOWS\vsnp2std.exe82000658
C:\WINDOWS\vsnp2std.exe3430580756
C:\WINDOWS\vsnp2std.exe2607826876
C:\WINDOWS\vsnp2std.exe3325407554
C:\WINDOWS\vsnp2std.exe1240860814
C:\WINDOWS\vsnp2std.exe4285650044
C:\WINDOWS\vsnp2std.exe4227384916
C:\WINDOWS\vsnp2std.exe1606785978
C:\WINDOWS\tsnp2std.exe3852169280
C:\WINDOWS\vsnp2std.exe3394549988
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r639593730.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r829740438.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r634590104.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r2698364528.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r3297118364.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r3061845216.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r724810680.exe
C:\DOCUME~1\Enrico\IMPOST~1\Temp\r123998074.exe
C:\WINDOWS\tsnp2std .exe
C:\WINDOWS\vsnp2std .exe
files to move:
C:\WINDOWS\tsnp2std.exe | c:\pippo\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe | c:\pippo\vsnp2std.exe
Il pc dovrebbe riavviarsi da solo, altrimenti riavvialo tu. Posta il report rilasciato
Esegui CCleaner e ripulisci i file temporanei e i cookie (eseguilo 2 volte).
Analizza c:\pippo\tsnp2std.exe e c:\pippo\vsnp2std.exe su Virustotal e posta i risultati.
Poi, fai una scansione con kaspersly, quindi:
vai su Kaspersky_virusscanner
clicca su "kaspersky online scanner"
clicca su "accept"
--- verrà eseguito il download dei componenti necessari alla scansione
quando è terminato clicca su "next"
clicca su "scan settings"
spunta "extended" e dal l'ok
clicca su "my computer"
clicca su "scan settings"
salva e posta il rapporto di scansione (caricalo su Freefilehosting e posta il link ottenuto)
...
:x:_::_:*:_::_: )(:_:*:_:*:__::_:°FM°:_: )(:_:*:_:x:___
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\tsnp2std.exe3207446874" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe550471904" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe82000658" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe3430580756" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe2607826876" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe3325407554" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe1240860814" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe4285650044" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe4227384916" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe1606785978" deleted successfully.
File "C:\WINDOWS\tsnp2std.exe3852169280" deleted successfully.
File "C:\WINDOWS\vsnp2std.exe3394549988" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r639593730.e xe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r829740438.e xe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r634590104.e xe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r2698364528. exe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r3297118364. exe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r3061845216. exe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r724810680.e xe" deleted successfully.
File "C:\DOCUME~1\Enrico\IMPOST~1\Temp\r123998074.e xe" deleted successfully.
File "C:\WINDOWS\tsnp2std .exe" deleted successfully.
File "C:\WINDOWS\vsnp2std .exe" deleted successfully.
File move operation "C:\WINDOWS\tsnp2std.exe|c:\pippo\tsnp2std.exe " completed successfully.
File move operation "C:\WINDOWS\vsnp2std.exe|c:\pippo\vsnp2std.exe " completed successfully.
Completed script processing.
*******************
Finished! Terminate.
Questo è il risultato per il "tsnp2std":
Antivirus Versione Ultimo aggiornamento Risultato
AhnLab-V3 2008.5.3.0 2008.05.02 -
AntiVir 7.8.0.11 2008.05.02 -
Authentium 4.93.8 2008.05.02 -
Avast 4.8.1169.0 2008.05.03 -
AVG 7.5.0.516 2008.05.03 -
BitDefender 7.2 2008.05.03 -
CAT-QuickHeal 9.50 2008.05.02 -
ClamAV 0.92.1 2008.05.02 -
DrWeb 4.44.0.09170 2008.05.03 -
eSafe 7.0.15.0 2008.04.28 suspicious Trojan/Worm
eTrust-Vet 31.3.5755 2008.05.03 -
Ewido 4.0 2008.05.02 -
F-Prot 4.4.2.54 2008.05.02 -
F-Secure 6.70.13260.0 2008.05.03 -
Fortinet 3.14.0.0 2008.05.03 -
Ikarus T3.1.1.26 2008.05.03 -
Kaspersky 7.0.0.125 2008.05.03 -
McAfee 5287 2008.05.02 -
Microsoft 1.3408 2008.04.22 -
NOD32v2 3072 2008.05.03 -
Norman 5.80.02 2008.05.02 -
Panda 9.0.0.4 2008.05.03 -
Prevx1 V2 2008.05.03 Malicious Software
Rising 20.42.22.00 2008.04.30 -
Sophos 4.29.0 2008.05.03 -
Sunbelt 3.0.1097.0 2008.05.03 -
Symantec 10 2008.05.03 -
TheHacker 6.2.92.299 2008.05.03 -
VBA32 3.12.6.5 2008.05.02 -
VirusBuster 4.3.26:9 2008.05.02 -
Webwasher-Gateway 6.6.2 2008.05.03 -
Informazioni addizionali
File size: 14348 bytes
MD5...: bd8ae5f2048cf2755ce59fc569bfd35b
SHA1..: 492e6ecaac1fb71320481bd5130dd79f4a6e7692
SHA256: 542ae22f2e771c03515c67710b53acfebe7fae954b6d9eeefb bf78155e56170b
SHA512: 4f223dbb92e33582d85f604570cf4717284ce74e101b176bbd 591f47cb9eaab6
0ef78ef8486a71347c07098b395f6997628232b7878f25fd9c 87267e4b44bd3a
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x409f70
timedatestamp.....: 0x48174471 (Tue Apr 29 15:53:21 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x6000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x7000 0x4000 0x3200 7.84 b1fec94e23b1e01d00c0175375896c35
UPX2 0xb000 0x1000 0x200 2.50 bac0808cde7de0b0ed672e7b9ab07036
( 3 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> SHLWAPI.dll: StrStrA
> USER32.dll: wvsprintfA
( 0 exports )
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramte...A88A0059915B7F
per quanto riguarda il "vsnp2std" mi dice che è già stato analizzato:
Il file è già stato analizzato:
MD5: bd8ae5f2048cf2755ce59fc569bfd35b
First received: 2008.05.03 08:54:37 (CET)
Data 2008.05.03 08:54:38 (CET) [<1D]
Risultati 2/31
Permalink: analisis/156fdd999462d62690f4a39a7b8bbf62
credo proprio siano da eliminare, rifaccio un controllo sulla dimensione e poi procediamo. Per ora tienili li'. Attendo kaspersky, ciao
http://www.runscanner.net/files/exe/...p2std.exe.aspx
http://www.runscanner.net/files/exe/...p2std.exe.aspx
...
:x:_::_:*:_::_: )(:_:*:_:*:__::_:°FM°:_: )(:_:*:_:x:___
ecco l'ultima scansione da Kaspersky.com
scansione Kaspersky.html
ti ringrazio tantissimo per l'aiuto
resto in attesa di tue info
Permessi di invio
Rispondi quotando