View Full Version : Rilevato TROJ_ESEPOR.Y con il webscan di trendmicro...
da ieri quando faccio una ricerca su google qualsiasi parola scriva, anche se metto nelle opzioni "solo pagine italiane" mi trova risultati, per lo + link ad altri motori di ricerca, in lingua inglese! ho pensato fosse uno di quei fastidiosi spyware e ho eseguito adaware se aggiornato, che si ha trovato degli spyware, ma si vede nn quello legato al mio problema, in quanto esso persisteva! allora vado sul forum di hw e seguendo il link faccio lo scan della trade micro che con mia sorpresa trova il TROJ_ESEPOR.Y (http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_ESEPOR.Y)!!!
il file che il trademicro mi rileva come infettato č
c:\windows\system32\tmksrvu.exe
perņ nello "scan results" mi dice "Non cleanable!" come faccio a toglierlo?
ecco link all'iimmagine della scansione
http://album.foto.virgilio.it/drakan/858313/foto.php
la facevo fin troppo semplice!
magari avessi solo un trojan... ecco il logo del web scan della bit defender...
C:\Documents and Settings\{diablo}\Impostazioni locali\Temporary Internet Files\Content.IE5\4DIVCXEF\454543403[1].zip: infected with Win32.Netsky.C@mm
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>arrow1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>arrow2.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bck1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bck2.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt11.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt12.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt13.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt21.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt22.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt23.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt31.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt32.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt33.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt41.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt42.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt43.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt51.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt52.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt53.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt61.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt62.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox2.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox3.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox4.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>default.skn: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn2.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn3.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph2.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph3.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph4.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph5.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph6.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph7.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>main.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>preview.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>sprite1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>tab1.bmp: password protected
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>tab2.bmp: password protected
C:\WINDOWS\system32\javexulm.vxd: infected with Adware.BBuddy.A
C:\WINDOWS\system32\netut80ex.vxd=>C:/WINDOWS/System32/exul.exe: infected with Adware.BBuddy.A
C:\WINDOWS\system32\netut80ex.vxd=>C:/WINDOWS/System32/javexulm.vxd: infected with Adware.BBuddy.A
C:\WINDOWS\system32\tksrv99.exe=>(Upx): infected with Trojan.Downloader.Esepor.Y
C:\WINDOWS\system32\tmksrvu.exe: infected with Trojan.Downloader.Esepor.Y
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>arrow1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>arrow2.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bck1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bck2.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt11.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt12.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt13.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt21.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt22.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt23.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt31.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt32.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt33.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt41.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt42.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt43.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt51.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt52.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt53.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt61.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>bt62.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>checkbox1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>checkbox2.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>checkbox3.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>checkbox4.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>default.skn: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>defbtn1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>defbtn2.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>defbtn3.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph2.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph3.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph4.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph5.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph6.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>glyph7.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>main.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>preview.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>sprite1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>tab1.bmp: password protected
D:\download\adaware personal 1.5\aawsepersonal.exe=>wise0023=>tab2.bmp: password protected
ed ecco l'immagine dello scan (č la foto 2!)
http://album.foto.virgilio.it/drakan/858313/foto.php
vBulletin® v3.6.4, Copyright ©2000-2026, Jelsoft Enterprises Ltd.