Virus non rilevati da avg

[superior]

Salve a tutti, è da un po di tempo che il pc va lento e mi sono chiesto se fosse un virus. Preciso che il computer funziona perfettamente, è semplicemente molto lento. Ho fatto la scansione con AVG e mi dice che ho kernel32.dll e shell32.dll "changed". Ho letto su un po' di forum e ho visto che teoricamente è tutto ok.
Poi ho provato a fare una scansione online con kaspersky e vi posto il risultato. Cosa devo fare per eliminare questi virus e sistemare il tutto (ovviamente senza formattare)

Scan Statistics
Total number of scanned objects 98181
Number of viruses found 6
Number of infected objects 23
Number of suspicious objects 0
Duration of the scan process 04:56:51

Infected Object Name Virus Name Last Action
C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)\PCAST SETUP\pcastbarmini.exe/data0003 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)\PCAST SETUP\pcastbarmini.exe/data0004 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)\PCAST SETUP\pcastbarmini.exe/data0005 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)\PCAST SETUP\pcastbarmini.exe NSIS: infected - 3 skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast).rar/Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)/PCAST SETUP/pcastbarmini.exe/data0003 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast).rar/Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)/PCAST SETUP/pcastbarmini.exe/data0004 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast).rar/Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)/PCAST SETUP/pcastbarmini.exe/data0005 Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast).rar/Internet TV (PPLive, ppStream, Tvants, PCast, SopCast)/PCAST SETUP/pcastbarmini.exe Infected: not-a-virus:AdWare.Win32.Dudu.d skipped

C:\Matello\Internet TV (PPLive, ppStream, Tvants, PCast, SopCast).rar RAR: infected - 4 skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\Documents and Settings\All Users\Dati applicazioni\avg7\Log\emc.log Object is locked skipped

D:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log Object is locked skipped

D:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar.zip/whse.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bo skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar.zip ZIP: infected - 1 skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar1.zip/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.az skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar1.zip ZIP: infected - 1 skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar2.zip/Search.exe Infected: not-a-virus:AdTool.Win32.WhenU.c skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar2.zip ZIP: infected - 1 skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar3.zip/search.dll Infected: not-a-virus:AdTool.Win32.WhenU.c skipped

D:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Recovery\WhenUDAEMONToolsSearchBar3.zip ZIP: infected - 1 skipped

D:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

D:\Documents and Settings\Matello Superior\Cookies\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Cronologia\History.IE5\MSHist012007111520071116\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Cronologia\History.IE5\MSHist012007111620071117\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Dati applicazioni\Microsoft\CardSpace\CardSpace.db Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Dati applicazioni\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temp\Perflib_Perfdata_e78.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temp\~DF3CC8.tmp Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temp\~DF3CD5.tmp Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temp\~DFBABB.tmp Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temp\~DFBAC8.tmp Object is locked skipped

D:\Documents and Settings\Matello Superior\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

D:\Documents and Settings\Matello Superior\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\Matello Superior\ntuser.dat.LOG Object is locked skipped

D:\Documents and Settings\Matello Superior\plugin131_13.trace Object is locked skipped

D:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP115\A0025727.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP116\A0025782.dll Infected: not-a-virus:AdTool.Win32.WhenU.r skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP117\A0025906.exe Object is locked skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP119\A0026053.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bo skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP119\A0026054.exe Infected: not-a-virus:AdWare.Win32.SaveNow.az skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP119\A0026055.exe Infected: not-a-virus:AdTool.Win32.WhenU.c skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP119\A0026056.dll Infected: not-a-virus:AdTool.Win32.WhenU.c skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP122\change.log Object is locked skipped

D:\System Volume Information\_restore{79348FA3-DAA3-4511-A9EB-9C9C3B3C55CF}\RP99\A0014448.exe Object is locked skipped

D:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

D:\WINDOWS\SchedLgU.Txt Object is locked skipped

D:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

D:\WINDOWS\Sti_Trace.log Object is locked skipped

D:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

D:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

D:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

D:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\default Object is locked skipped

D:\WINDOWS\system32\config\default.LOG Object is locked skipped

D:\WINDOWS\system32\config\Internet.evt Object is locked skipped

D:\WINDOWS\system32\config\ODiag.evt Object is locked skipped

D:\WINDOWS\system32\config\OSession.evt Object is locked skipped

D:\WINDOWS\system32\config\SAM Object is locked skipped

D:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

D:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\SECURITY Object is locked skipped

D:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

D:\WINDOWS\system32\config\software Object is locked skipped

D:\WINDOWS\system32\config\software.LOG Object is locked skipped

D:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\system Object is locked skipped

D:\WINDOWS\system32\config\system.LOG Object is locked skipped

D:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped

D:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

D:\WINDOWS\system32\h323log.txt Object is locked skipped

D:\WINDOWS\wiadebug.log Object is locked skipped

D:\WINDOWS\wiaservc.log Object is locked skipped

D:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\WINDOWS\{00000002-00000000-00000005-00001102-00000004-00511102}.CDF Object is locked skipped

Scan process completed.

[Chill-Out]

Innazitutto ti invito a leggere le Regole di Sezione
http://www.hwupgrade.it/forum/showthread.php?t=1589984
successivamente la Guida alla Disinfezione
http://www.hwupgrade.it/forum/showthread.php?t=1599737
grazie per la collaborazione
Ciao

[xcdegasp]

ti chiedo di seguire la semplice procedura preliminare descritta in Regole di Sezione, al completamento della quale dovremmo avere uno screnning completo

mi raccomando segui le indicazioni in modo minuzioso e postaci i log qui, poi e solo dopo ti chiederemo di produrre un log con HiJackThgis

[superior]

Ho effettuato la procedura e ho tolto i virus che avevo...ho rifatto la scansione online con panda e mi dice che non ho virus...Il problema è che il pc è ancora molto lento e in particolare all'avvio ci sta molto a caricare nella taskbar la connessione lan, inoltre se scvo "ipconfig" su esegui di windows mi si apre e mi si chiude la finestra...
A me pare che ho ancora qualcosa..cosa devo fare? Ripetere la procedura?
Ci impiego quasi 7 ore a fare tutta la procedura...faccio prima a formattare ...

[Gle89]

Quote:

Originariamente inviato da xcdegasp

mi raccomando segui le indicazioni in modo minuzioso e postaci i log qui, poi e solo dopo ti chiederemo di produrre un log con HiJackThis

Come segnalatoti dal Mod e dalla guida dopo aver fatto tutte le scansioni avremo bisogno dei LOG che questi tool rilasciano e soprattutto quello di HJT.

Senza questi non possiamo aiutarti perchè non abbiamo materiale su cui lavorare