kyui
19-01-2009, 01:49
I think I've gotten rid of Bagle, at least in part, thanks to the excellent a-squared, which found a ton of infections that I put in quarantine. The problem now, though, is that my Windows menu bar is damaged (that is, when I minimize programs they no longer appear there), my connections have disappeared and, above all, it still won't let me install some programs, saying that Windows Installer is damaged. As if that weren't enough, the copy and paste command no longer works, and neither does the search function in the Start menu.... What do you advise me to do? Before formatting I wanted to find a solution.
a-squared Anti-Malware v. 4.0.0.66
(C) 2003-2008 Emsi Software GmbH - www.emsisoft.com
ID Object
0 C:\Programmi\eMule\Incoming\[giga?????].Tascam.GigaStudio.v3.10.0.2270.Incl.KeyGen.Fixed-H2O.rar Backdoor.Win32.IRCBot!IK
1 Value: HKEY_CLASSES_ROOT\CLSID\{B22FE43C-D1E8-432A-A862-9F83D5F04732}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
2 C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt Trace.TrackingCookie.doubleclick!A2
3 C:\Programmi\WinRAR\ZIP.SFX Virus.Win32.Trojan!IK
4 C:\Documents and Settings\Administrator\Desktop\sys15988.exe Riskware.Risktool.Win32.avenger10!IK
5 C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt Trace.TrackingCookie.serving-sys!A2
6 C:\Documents and Settings\Administrator\Cookies\administrator@bravenet[1].txt Trace.TrackingCookie.bravenet!A2
7 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4FC24B-C65C-11D1-AA6F-000000000000}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
8 C:\System Volume Information\_restore{1E01876D-905B-4658-A68A-A9BB9121E809}\RP91\A0441486.exe Trojan.Keygen.Q!IK
9 Value: HKEY_CLASSES_ROOT\CLSID\{DDD136CE-517B-11D2-AD03-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
10 C:\Documents and Settings\Administrator\Desktop\EvID4226Patch223d-en.zip Riskware.Patch.TCPIP!IK
11 C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt Trace.TrackingCookie.atdmt!A2
12 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDD136CE-517B-11D2-AD03-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
13 C:\Documents and Settings\Administrator\Desktop\metal\LegaProAStadiumpatch.rar Riskware.Client-IRC.Win32.mIRC!IK
14 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C1F87AE-AE62-11D3-911C-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
15 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F99A075-5227-11D2-AD06-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
16 C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt Trace.TrackingCookie.adserver!A2
17 C:\Programmi\eMule\Incoming\lezioni di scrittura creativa 2008.rar Trojan.Win32.Bepiv!IK
18 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{371D0743-7A57-11D2-AD5A-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
19 Value: HKEY_CLASSES_ROOT\CLSID\{E9D55102-9683-11D2-BA68-0040053687FE}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
20 C:\Programmi\FindyKill\Tools\Process.exe Riskware.RiskTool.Win32.Processor.20!A2
21 Value: HKEY_CLASSES_ROOT\CLSID\{CA4FC24B-C65C-11D1-AA6F-000000000000}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
22 C:\Programmi\eMule\Incoming\[Divx - ITA - CODEC] VARI CODEC PER FILM AVI MPG DIVX XVID (PER VEDERE TUTTO)(APRIRE CON WINZIP).zip Riskware.Hacktool.Keygen.DivX!IK
23 C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt Trace.TrackingCookie.bs.serving-sys!A2
24 C:\Programmi\eMule\Incoming\Acid-Base Titration 2.0 - TRojan Dldr.Bagle.aen.zip Trojan-Downloader.Win32.Bagle!IK
25 Value: HKEY_CLASSES_ROOT\CLSID\{0C1F87AE-AE62-11D3-911C-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
26 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B22FE43C-D1E8-432A-A862-9F83D5F04732}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
27 Value: HKEY_CLASSES_ROOT\CLSID\{4F99A075-5227-11D2-AD06-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
28 Value: HKEY_CLASSES_ROOT\CLSID\{371D0743-7A57-11D2-AD5A-00105A17B608}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
29 C:\RECYCLER\S-1-5-21-1644491937-1177238915-839522115-500\Dc50\CRACKED_ThriXXX_Hentai3D_017_AND_SexVilla3D_017_AND_VirtuallyJenna_017_Incl_AMD_Patch.rar Trojan.QQPass.LY!IK
30 C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt Trace.TrackingCookie.adserv!A2
31 c:\windows\system32\dartsock.dll Trace.File.SpyPc 8.0!A2
32 C:\System Volume Information\_restore{1E01876D-905B-4658-A68A-A9BB9121E809}\RP123\A0590994.sys Hoax.Win32.Agent.fu!A2
33 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9D55102-9683-11D2-BA68-0040053687FE}\InprocServer32 --> ThreadingModel Trace.Registry.SpyPc 8.0!A2
34 C:\System Volume Information\_restore{1E01876D-905B-4658-A68A-A9BB9121E809}\RP87\A0408544.rbf Trojan.Small.1557988!IK