View Full Version : chiavette usb e tutti i pc della rete infestati
cucumiao
19-08-2007, 10:51
ciao a tutti mi trovo in terre molto lontane(afghanistan) e ho un problema nella rete, è infestata da un virus sys e autrun, ho provato in mille modi a elliminarli ma nulla. Purtroppo ho una connessione internet molto limitata quindi non posso mettermi a fare scannerizzazioni su internet mi serve una soluzione manuale!! sono dei file nascosti ma non riesco proprio a eliminarli!! avete qualche soluzone?:muro:
juninho85
19-08-2007, 10:57
sicuro con non si trattti di autorun.inf e setup.exe?
cucumiao
19-08-2007, 16:48
allora ho fatto quello che hai detto sono andato su virus total ho inserito il log di hijackthis ma non ha rilevato nulla poi ho fatto la scansione con gmer e ha trovato una voce rossa, ma non me la fa cancellare
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-19 19:18:33
Windows 5.1.2600 Service Pack 2
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F792666E] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F79278A2] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F7927924] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F7927820] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F7927A26] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F79266FA] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F792779E] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [F792666E] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [F79278A2] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [F7927924] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [F7927820] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [F7927A26] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [F79266FA] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [F792779E] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [F79279A6] savonaccessfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [F79279A6] savonaccessfilter.sys
---- Processes - GMER 1.0.13 ----
Library G:\sys.exe (*** hidden *** ) @ G:\sys.exe [2748] 0x00400000
---- EOF - GMER 1.0.13 ----
:mc: :help:
vBulletin® v3.6.4, Copyright ©2000-2026, Jelsoft Enterprises Ltd.