View Full Version : ho preso questo virus: wvustrr.dll
ciao a tutti , da un paio di settimana il mio pc è infetto da wvustrr.dll probabilmente una variante di Win32/Adware.Agent . io ho installato il nod 32 sul mio computer però non riesce ad eliminarlo.mi sono fatto un giro su google ma ho trovato risposte solo in francese:muro: qualcuno può mica aiutarmi??
grazie ciao
p.s adesso faccio una prova con cureit e poi vi faccio sapere se è servito
ho fatto la prova con cureit ma nn ho avuto risultati ... qualcuno può darm una mano?;)
lancetta
29-07-2007, 19:09
scaricati Questo VUNDOFIX (http://www.atribune.org/public-beta/VundoFix.exe)
sul desktop lancialo metti la spunta su "Run VundoFix as a task" ti darà un messaggio che vundofix si chiuderà e riaprirà in un minuto o meno, quando il programma si riaprirà clicca OK clicca su "Scan for Vundo" quando ha finito di fare la scansione clicca su "Remove vundo" clicca YES alla domanda se vuoi rimuovere i files,quindi inizierà a rimuovere le dll del vundo ,quando ha finito ti dirà che dovrà riavviare il pc clicca OK.
accendi il pc e posta il log che troverai in C:\vundofix.txt....
VundoFix V6.5.6
Checking Java version...
Sun Java not detected
Scan started at 4.05.38 30/07/2007
Listing files found while scanning....
C:\windows\system32\awtqn.dll
C:\windows\system32\awtqo.dll
C:\windows\system32\awtqp.dll
C:\windows\system32\awtqq.dll
C:\windows\system32\awtqr.dll
C:\windows\system32\awtsp.dll
C:\windows\system32\awtsq.dll
C:\windows\system32\awtsr.dll
C:\windows\system32\awtss.dll
C:\windows\system32\awtst.dll
C:\windows\system32\awvtq.dll
C:\windows\system32\awvtr.dll
C:\windows\system32\awvts.dll
C:\windows\system32\awvtt.dll
C:\windows\system32\awvtu.dll
C:\windows\system32\awvvs.dll
C:\windows\system32\awvvt.dll
C:\windows\system32\awvvu.dll
C:\windows\system32\awvvv.dll
C:\windows\system32\awvvw.dll
C:\windows\system32\ddaba.dll
C:\windows\system32\ddabb.dll
C:\windows\system32\ddabc.dll
C:\windows\system32\ddabx.dll
C:\windows\system32\ddaby.dll
C:\windows\system32\ddaya.dll
C:\windows\system32\ddayv.dll
C:\windows\system32\ddayw.dll
C:\windows\system32\ddayx.dll
C:\windows\system32\ddayy.dll
C:\windows\system32\ddcca.dll
C:\windows\system32\ddccb.dll
C:\windows\system32\ddccc.dll
C:\windows\system32\ddccd.dll
C:\windows\system32\ddccy.dll
C:\windows\system32\ddcya.dll
C:\windows\system32\ddcyw.dll
C:\windows\system32\ddcyx.dll
C:\windows\system32\ddcyy.dll
C:\windows\system32\gebca.dll
C:\windows\system32\gebcb.dll
C:\windows\system32\gebcc.dll
C:\windows\system32\gebcd.dll
C:\windows\system32\gebcy.dll
C:\windows\system32\gebya.dll
C:\windows\system32\gebyv.dll
C:\windows\system32\gebyw.dll
C:\windows\system32\gebyy.dll
C:\windows\system32\geeba.dll
C:\windows\system32\geebb.dll
C:\windows\system32\geebc.dll
C:\windows\system32\geebx.dll
C:\windows\system32\geeby.dll
C:\windows\system32\geeda.dll
C:\windows\system32\geedb.dll
C:\windows\system32\geedc.dll
C:\windows\system32\geedd.dll
C:\windows\system32\geede.dll
C:\windows\system32\jkhfc.dll
C:\windows\system32\jkhfd.dll
C:\windows\system32\jkhfe.dll
C:\windows\system32\jkhff.dll
C:\windows\system32\jkhfg.dll
C:\windows\system32\jkhhe.dll
C:\windows\system32\jkhhf.dll
C:\windows\system32\jkhhg.dll
C:\windows\system32\jkhhh.dll
C:\windows\system32\jkhhi.dll
C:\windows\system32\jkkjg.dll
C:\windows\system32\jkkjh.dll
C:\windows\system32\jkkji.dll
C:\windows\system32\jkkjj.dll
C:\windows\system32\jkkli.dll
C:\windows\system32\jkklj.dll
C:\windows\system32\jkklk.dll
C:\windows\system32\jkkll.dll
C:\windows\system32\jkklm.dll
C:\windows\system32\mljgd.dll
C:\windows\system32\mljge.dll
C:\windows\system32\mljgf.dll
C:\windows\system32\mljgg.dll
C:\windows\system32\mljgh.dll
C:\windows\system32\mljjg.dll
C:\windows\system32\mljjh.dll
C:\windows\system32\mljji.dll
C:\windows\system32\mljjj.dll
C:\windows\system32\mljjk.dll
C:\windows\system32\mlljg.dll
C:\windows\system32\mlljh.dll
C:\windows\system32\mllji.dll
C:\windows\system32\mlljj.dll
C:\windows\system32\mlljk.dll
C:\windows\system32\mllmj.dll
C:\windows\system32\mllmk.dll
C:\windows\system32\mllml.dll
C:\windows\system32\mllmn.dll
C:\windows\system32\pmkhe.dll
C:\windows\system32\pmkhg.dll
C:\windows\system32\pmkhh.dll
C:\windows\system32\pmkhi.dll
C:\windows\system32\pmkjg.dll
C:\windows\system32\pmkjh.dll
C:\windows\system32\pmkji.dll
C:\windows\system32\pmkjj.dll
C:\windows\system32\pmkjk.dll
C:\windows\system32\pmnli.dll
C:\windows\system32\pmnlj.dll
C:\windows\system32\pmnlk.dll
C:\windows\system32\pmnll.dll
C:\windows\system32\pmnlm.dll
C:\windows\system32\pmnnk.dll
C:\windows\system32\pmnnl.dll
C:\windows\system32\pmnnm.dll
C:\windows\system32\pmnno.dll
C:\WINDOWS\system32\rtstv.bak1
C:\WINDOWS\system32\rtstv.bak2
C:\WINDOWS\system32\rtstv.ini
C:\windows\system32\ssqpm.dll
C:\windows\system32\ssqpn.dll
C:\windows\system32\ssqpo.dll
C:\windows\system32\ssqpp.dll
C:\windows\system32\ssqpq.dll
C:\windows\system32\ssqro.dll
C:\windows\system32\ssqrp.dll
C:\windows\system32\ssqrq.dll
C:\windows\system32\ssqrr.dll
C:\windows\system32\ssqrs.dll
C:\windows\system32\sstqn.dll
C:\windows\system32\sstqo.dll
C:\windows\system32\sstqp.dll
C:\windows\system32\sstqq.dll
C:\windows\system32\sstqr.dll
C:\windows\system32\ssttq.dll
C:\windows\system32\ssttr.dll
C:\windows\system32\sstts.dll
C:\windows\system32\ssttt.dll
C:\windows\system32\ssttu.dll
C:\windows\system32\vtsqn.dll
C:\windows\system32\vtsqo.dll
C:\windows\system32\vtsqp.dll
C:\windows\system32\vtsqq.dll
C:\windows\system32\vtsqr.dll
C:\windows\system32\vtstq.dll
C:\WINDOWS\system32\vtstr.dll
C:\windows\system32\vtsts.dll
C:\windows\system32\vtstt.dll
C:\windows\system32\vtstu.dll
C:\windows\system32\vturo.dll
C:\windows\system32\vturp.dll
C:\windows\system32\vturq.dll
C:\windows\system32\vturr.dll
C:\windows\system32\vturs.dll
C:\windows\system32\vtutq.dll
C:\windows\system32\vtutr.dll
C:\windows\system32\vtuts.dll
C:\windows\system32\vtutt.dll
C:\windows\system32\vtutu.dll
C:\WINDOWS\system32\wvustrr.dll
Beginning removal...
Attempting to delete C:\windows\system32\awtqn.dll
C:\windows\system32\awtqn.dll Has been deleted!
Attempting to delete C:\windows\system32\awtqo.dll
C:\windows\system32\awtqo.dll Has been deleted!
Attempting to delete C:\windows\system32\awtqp.dll
C:\windows\system32\awtqp.dll Has been deleted!
Attempting to delete C:\windows\system32\awtqq.dll
C:\windows\system32\awtqq.dll Has been deleted!
Attempting to delete C:\windows\system32\awtqr.dll
C:\windows\system32\awtqr.dll Has been deleted!
Attempting to delete C:\windows\system32\awtsp.dll
C:\windows\system32\awtsp.dll Has been deleted!
Attempting to delete C:\windows\system32\awtsq.dll
C:\windows\system32\awtsq.dll Has been deleted!
Attempting to delete C:\windows\system32\awtsr.dll
C:\windows\system32\awtsr.dll Has been deleted!
Attempting to delete C:\windows\system32\awtss.dll
C:\windows\system32\awtss.dll Has been deleted!
Attempting to delete C:\windows\system32\awtst.dll
C:\windows\system32\awtst.dll Has been deleted!
Attempting to delete C:\windows\system32\awvtq.dll
C:\windows\system32\awvtq.dll Has been deleted!
Attempting to delete C:\windows\system32\awvtr.dll
C:\windows\system32\awvtr.dll Has been deleted!
Attempting to delete C:\windows\system32\awvts.dll
C:\windows\system32\awvts.dll Has been deleted!
Attempting to delete C:\windows\system32\awvtt.dll
C:\windows\system32\awvtt.dll Has been deleted!
Attempting to delete C:\windows\system32\awvtu.dll
C:\windows\system32\awvtu.dll Has been deleted!
Attempting to delete C:\windows\system32\awvvs.dll
C:\windows\system32\awvvs.dll Has been deleted!
Attempting to delete C:\windows\system32\awvvt.dll
C:\windows\system32\awvvt.dll Has been deleted!
Attempting to delete C:\windows\system32\awvvu.dll
C:\windows\system32\awvvu.dll Has been deleted!
Attempting to delete C:\windows\system32\awvvv.dll
C:\windows\system32\awvvv.dll Has been deleted!
Attempting to delete C:\windows\system32\awvvw.dll
C:\windows\system32\awvvw.dll Has been deleted!
Attempting to delete C:\windows\system32\ddaba.dll
C:\windows\system32\ddaba.dll Has been deleted!
Attempting to delete C:\windows\system32\ddabb.dll
C:\windows\system32\ddabb.dll Has been deleted!
Attempting to delete C:\windows\system32\ddabc.dll
C:\windows\system32\ddabc.dll Has been deleted!
Attempting to delete C:\windows\system32\ddabx.dll
C:\windows\system32\ddabx.dll Has been deleted!
Attempting to delete C:\windows\system32\ddaby.dll
C:\windows\system32\ddaby.dll Has been deleted!
Attempting to delete C:\windows\system32\ddaya.dll
C:\windows\system32\ddaya.dll Has been deleted!
Attempting to delete C:\windows\system32\ddayv.dll
C:\windows\system32\ddayv.dll Has been deleted!
Attempting to delete C:\windows\system32\ddayw.dll
C:\windows\system32\ddayw.dll Has been deleted!
Attempting to delete C:\windows\system32\ddayx.dll
C:\windows\system32\ddayx.dll Has been deleted!
Attempting to delete C:\windows\system32\ddayy.dll
C:\windows\system32\ddayy.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcca.dll
C:\windows\system32\ddcca.dll Has been deleted!
Attempting to delete C:\windows\system32\ddccb.dll
C:\windows\system32\ddccb.dll Has been deleted!
Attempting to delete C:\windows\system32\ddccc.dll
C:\windows\system32\ddccc.dll Has been deleted!
Attempting to delete C:\windows\system32\ddccd.dll
C:\windows\system32\ddccd.dll Has been deleted!
Attempting to delete C:\windows\system32\ddccy.dll
C:\windows\system32\ddccy.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcya.dll
C:\windows\system32\ddcya.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcyw.dll
C:\windows\system32\ddcyw.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcyx.dll
C:\windows\system32\ddcyx.dll Has been deleted!
Attempting to delete C:\windows\system32\ddcyy.dll
C:\windows\system32\ddcyy.dll Has been deleted!
Attempting to delete C:\windows\system32\gebca.dll
C:\windows\system32\gebca.dll Has been deleted!
Attempting to delete C:\windows\system32\gebcb.dll
C:\windows\system32\gebcb.dll Has been deleted!
Attempting to delete C:\windows\system32\gebcc.dll
C:\windows\system32\gebcc.dll Has been deleted!
Attempting to delete C:\windows\system32\gebcd.dll
C:\windows\system32\gebcd.dll Has been deleted!
Attempting to delete C:\windows\system32\gebcy.dll
C:\windows\system32\gebcy.dll Has been deleted!
Attempting to delete C:\windows\system32\gebya.dll
C:\windows\system32\gebya.dll Has been deleted!
Attempting to delete C:\windows\system32\gebyv.dll
C:\windows\system32\gebyv.dll Has been deleted!
Attempting to delete C:\windows\system32\gebyw.dll
C:\windows\system32\gebyw.dll Has been deleted!
Attempting to delete C:\windows\system32\gebyy.dll
C:\windows\system32\gebyy.dll Has been deleted!
Attempting to delete C:\windows\system32\geeba.dll
C:\windows\system32\geeba.dll Has been deleted!
Attempting to delete C:\windows\system32\geebb.dll
C:\windows\system32\geebb.dll Has been deleted!
Attempting to delete C:\windows\system32\geebc.dll
C:\windows\system32\geebc.dll Has been deleted!
Attempting to delete C:\windows\system32\geebx.dll
C:\windows\system32\geebx.dll Has been deleted!
Attempting to delete C:\windows\system32\geeby.dll
C:\windows\system32\geeby.dll Has been deleted!
Attempting to delete C:\windows\system32\geeda.dll
C:\windows\system32\geeda.dll Has been deleted!
Attempting to delete C:\windows\system32\geedb.dll
C:\windows\system32\geedb.dll Has been deleted!
Attempting to delete C:\windows\system32\geedc.dll
C:\windows\system32\geedc.dll Has been deleted!
Attempting to delete C:\windows\system32\geedd.dll
C:\windows\system32\geedd.dll Has been deleted!
Attempting to delete C:\windows\system32\geede.dll
C:\windows\system32\geede.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhfc.dll
C:\windows\system32\jkhfc.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhfd.dll
C:\windows\system32\jkhfd.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhfe.dll
C:\windows\system32\jkhfe.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhff.dll
C:\windows\system32\jkhff.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhfg.dll
C:\windows\system32\jkhfg.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhhe.dll
C:\windows\system32\jkhhe.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhhf.dll
C:\windows\system32\jkhhf.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhhg.dll
C:\windows\system32\jkhhg.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhhh.dll
C:\windows\system32\jkhhh.dll Has been deleted!
Attempting to delete C:\windows\system32\jkhhi.dll
C:\windows\system32\jkhhi.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkjg.dll
C:\windows\system32\jkkjg.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkjh.dll
C:\windows\system32\jkkjh.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkji.dll
C:\windows\system32\jkkji.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkjj.dll
C:\windows\system32\jkkjj.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkli.dll
C:\windows\system32\jkkli.dll Has been deleted!
Attempting to delete C:\windows\system32\jkklj.dll
C:\windows\system32\jkklj.dll Has been deleted!
Attempting to delete C:\windows\system32\jkklk.dll
C:\windows\system32\jkklk.dll Has been deleted!
Attempting to delete C:\windows\system32\jkkll.dll
C:\windows\system32\jkkll.dll Has been deleted!
Attempting to delete C:\windows\system32\jkklm.dll
C:\windows\system32\jkklm.dll Has been deleted!
Attempting to delete C:\windows\system32\mljgd.dll
C:\windows\system32\mljgd.dll Has been deleted!
Attempting to delete C:\windows\system32\mljge.dll
C:\windows\system32\mljge.dll Has been deleted!
Attempting to delete C:\windows\system32\mljgf.dll
C:\windows\system32\mljgf.dll Has been deleted!
Attempting to delete C:\windows\system32\mljgg.dll
C:\windows\system32\mljgg.dll Has been deleted!
Attempting to delete C:\windows\system32\mljgh.dll
C:\windows\system32\mljgh.dll Has been deleted!
Attempting to delete C:\windows\system32\mljjg.dll
C:\windows\system32\mljjg.dll Has been deleted!
Attempting to delete C:\windows\system32\mljjh.dll
C:\windows\system32\mljjh.dll Has been deleted!
Attempting to delete C:\windows\system32\mljji.dll
C:\windows\system32\mljji.dll Has been deleted!
Attempting to delete C:\windows\system32\mljjj.dll
C:\windows\system32\mljjj.dll Has been deleted!
Attempting to delete C:\windows\system32\mljjk.dll
C:\windows\system32\mljjk.dll Has been deleted!
Attempting to delete C:\windows\system32\mlljg.dll
C:\windows\system32\mlljg.dll Has been deleted!
Attempting to delete C:\windows\system32\mlljh.dll
C:\windows\system32\mlljh.dll Has been deleted!
Attempting to delete C:\windows\system32\mllji.dll
C:\windows\system32\mllji.dll Has been deleted!
Attempting to delete C:\windows\system32\mlljj.dll
C:\windows\system32\mlljj.dll Has been deleted!
Attempting to delete C:\windows\system32\mlljk.dll
C:\windows\system32\mlljk.dll Has been deleted!
Attempting to delete C:\windows\system32\mllmj.dll
C:\windows\system32\mllmj.dll Has been deleted!
Attempting to delete C:\windows\system32\mllmk.dll
C:\windows\system32\mllmk.dll Has been deleted!
Attempting to delete C:\windows\system32\mllml.dll
C:\windows\system32\mllml.dll Has been deleted!
Attempting to delete C:\windows\system32\mllmn.dll
C:\windows\system32\mllmn.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkhe.dll
C:\windows\system32\pmkhe.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkhg.dll
C:\windows\system32\pmkhg.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkhh.dll
C:\windows\system32\pmkhh.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkhi.dll
C:\windows\system32\pmkhi.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkjg.dll
C:\windows\system32\pmkjg.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkjh.dll
C:\windows\system32\pmkjh.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkji.dll
C:\windows\system32\pmkji.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkjj.dll
C:\windows\system32\pmkjj.dll Has been deleted!
Attempting to delete C:\windows\system32\pmkjk.dll
C:\windows\system32\pmkjk.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnli.dll
C:\windows\system32\pmnli.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnlj.dll
C:\windows\system32\pmnlj.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnlk.dll
C:\windows\system32\pmnlk.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnll.dll
C:\windows\system32\pmnll.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnlm.dll
C:\windows\system32\pmnlm.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnnk.dll
C:\windows\system32\pmnnk.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnnl.dll
C:\windows\system32\pmnnl.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnnm.dll
C:\windows\system32\pmnnm.dll Has been deleted!
Attempting to delete C:\windows\system32\pmnno.dll
C:\windows\system32\pmnno.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rtstv.bak1
C:\WINDOWS\system32\rtstv.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\rtstv.bak2
C:\WINDOWS\system32\rtstv.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\rtstv.ini
C:\WINDOWS\system32\rtstv.ini Has been deleted!
Attempting to delete C:\windows\system32\ssqpm.dll
C:\windows\system32\ssqpm.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqpn.dll
C:\windows\system32\ssqpn.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqpo.dll
C:\windows\system32\ssqpo.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqpp.dll
C:\windows\system32\ssqpp.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqpq.dll
C:\windows\system32\ssqpq.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqro.dll
C:\windows\system32\ssqro.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqrp.dll
C:\windows\system32\ssqrp.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqrq.dll
C:\windows\system32\ssqrq.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqrr.dll
C:\windows\system32\ssqrr.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqrs.dll
C:\windows\system32\ssqrs.dll Has been deleted!
Attempting to delete C:\windows\system32\sstqn.dll
C:\windows\system32\sstqn.dll Has been deleted!
Attempting to delete C:\windows\system32\sstqo.dll
C:\windows\system32\sstqo.dll Has been deleted!
Attempting to delete C:\windows\system32\sstqp.dll
C:\windows\system32\sstqp.dll Has been deleted!
Attempting to delete C:\windows\system32\sstqq.dll
C:\windows\system32\sstqq.dll Has been deleted!
Attempting to delete C:\windows\system32\sstqr.dll
C:\windows\system32\sstqr.dll Has been deleted!
Attempting to delete C:\windows\system32\ssttq.dll
C:\windows\system32\ssttq.dll Has been deleted!
Attempting to delete C:\windows\system32\ssttr.dll
C:\windows\system32\ssttr.dll Has been deleted!
Attempting to delete C:\windows\system32\sstts.dll
C:\windows\system32\sstts.dll Has been deleted!
Attempting to delete C:\windows\system32\ssttt.dll
C:\windows\system32\ssttt.dll Has been deleted!
Attempting to delete C:\windows\system32\ssttu.dll
C:\windows\system32\ssttu.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsqn.dll
C:\windows\system32\vtsqn.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsqo.dll
C:\windows\system32\vtsqo.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsqp.dll
C:\windows\system32\vtsqp.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsqq.dll
C:\windows\system32\vtsqq.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsqr.dll
C:\windows\system32\vtsqr.dll Has been deleted!
Attempting to delete C:\windows\system32\vtstq.dll
C:\windows\system32\vtstq.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vtstr.dll
C:\WINDOWS\system32\vtstr.dll Has been deleted!
Attempting to delete C:\windows\system32\vtsts.dll
C:\windows\system32\vtsts.dll Has been deleted!
Attempting to delete C:\windows\system32\vtstt.dll
C:\windows\system32\vtstt.dll Has been deleted!
Attempting to delete C:\windows\system32\vtstu.dll
C:\windows\system32\vtstu.dll Has been deleted!
Attempting to delete C:\windows\system32\vturo.dll
C:\windows\system32\vturo.dll Has been deleted!
Attempting to delete C:\windows\system32\vturp.dll
C:\windows\system32\vturp.dll Has been deleted!
Attempting to delete C:\windows\system32\vturq.dll
C:\windows\system32\vturq.dll Has been deleted!
Attempting to delete C:\windows\system32\vturr.dll
C:\windows\system32\vturr.dll Has been deleted!
Attempting to delete C:\windows\system32\vturs.dll
C:\windows\system32\vturs.dll Has been deleted!
Attempting to delete C:\windows\system32\vtutq.dll
C:\windows\system32\vtutq.dll Has been deleted!
Attempting to delete C:\windows\system32\vtutr.dll
C:\windows\system32\vtutr.dll Has been deleted!
Attempting to delete C:\windows\system32\vtuts.dll
C:\windows\system32\vtuts.dll Has been deleted!
Attempting to delete C:\windows\system32\vtutt.dll
C:\windows\system32\vtutt.dll Has been deleted!
Attempting to delete C:\windows\system32\vtutu.dll
C:\windows\system32\vtutu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wvustrr.dll
C:\WINDOWS\system32\wvustrr.dll Has been deleted!
Performing Repairs to the registry.
Done!
mi ha dato un errore prima del riavvio
wizard1993
30-07-2007, 10:05
mi ha dato un errore prima del riavvio
cioè?
un errore durante la cancellazione di un file....però adesso nod non mi avvisa più del virus...può essere che vundofix lo abbia eliminato?
Tidus Strife
30-07-2007, 13:23
un errore durante la cancellazione di un file....però adesso nod non mi avvisa più del virus...può essere che vundofix lo abbia eliminato?
Dal log pare proprio di sì
lancetta
30-07-2007, 13:41
un errore durante la cancellazione di un file....però adesso nod non mi avvisa più del virus...può essere che vundofix lo abbia eliminato?
Bene...adesso posta un log di hijackthis così diamo un occhiata
Logfile of HijackThis v1.99.1
Scan saved at 15.23.28, on 30/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\HP\HP Software Update\HPwuSchd2.exe
C:\Programmi\PowerISO\PWRISOVM.EXE
C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programmi\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Programmi\AdunanzA\eMule_AdnzA.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\HP_PRO~1\IMPOST~1\Temp\Rar$EX00.968\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=63&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=63&bd=PAVILION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=63&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {DFBAA338-1332-4878-BD55-50E343B06CEC} - C:\WINDOWS\system32\vtstr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [PCMService] "C:\Programmi\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PCDrProfiler] "C:\Programmi\PC-Doctor 5 for Windows\RunProfiler.exe" -r
O4 - HKLM\..\Run: [HPBootOp] "C:\Programmi\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programmi\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Rayman Raving Rabbids
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BoostSpeed] "C:\Programmi\AusLogics BoostSpeed\BoostSpeed.exe" /Q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: hggfdax - hggfdax.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmi\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
lancetta
30-07-2007, 15:28
O2 - BHO: (no name) - {DFBAA338-1332-4878-BD55-50E343B06CEC} - C:\WINDOWS\system32\vtstr.dll (file missing)
fixa questa poi vai in modalità provvisoria (F8 al boot) cerca e cancella questa dll in questo percorso:C:\WINDOWS\system32\vtstr.dll
fai sapere
Ciao :cool:
Edit:
O4 - HKLM\..\Run: [PCDrProfiler] "C:\Programmi\PC-Doctor 5 for Windows\RunProfiler.exe" -r
questo che cavolo è? l'hai messo tu?
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Rayman Raving Rabbids ma che cacchio scarichi?:D questo ti parte all'avvio se vuoi puoi anche disabilitarlo
O20 - Winlogon Notify: hggfdax - hggfdax.dll (file missing) fixa pure questa e cercala in provvisoria vedi se c'è la cancelli..........
wizard1993
30-07-2007, 15:29
fixa questa poi vai in modalità provvisoria (F8 al boot) cerca e cancella questa dll in questo percorso:C:\WINDOWS\system32\vtstr.dll
fai sapere
Ciao :cool:
basta usare killbox e non deve nemmeno riavviare
lancetta
30-07-2007, 15:45
oppure Avenger però lo prendo sempre come ultima analisi,eppoi così si impara qualcosa in più :D .......Ciao Wiz adesso scappo al lavoro
Edit:non lo sapevo che con killbox non si riavvia...interessante....
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.