virus...

[moby90]

ciao,
facendo la scansione cn kaspersky online mi ha trovato vari virus nel mio pc...mi potete aiutare ad eliminarli?

vi posto il risultato della scansione...
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0000 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0001 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0100 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0101 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0200 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0201 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0300 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.i0301 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.reph Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.repi Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Backup\BackupMng.rept Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0000 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0001 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0100 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0101 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0200 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0201 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0300 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.i0301 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.reph Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.repi Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Quarantine\QMng.rept Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0000 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0001 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0100 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0101 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0200 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.i0201 Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.reph Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.repi Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Anti-Virus Personal\5.0\Reports\RptMng.rept Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\AMD\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\AMD\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-11a4cf4a.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\AMD\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-11a4cf4a.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\AMD\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-11a4cf4a.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\AMD\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-11a4cf4a.zip ZIP: infected - 3 skipped

C:\Documents and Settings\AMD\Desktop\Betto\Crack & co\mspass2\mspass.exe Infected: not-a-virus:PSWTool.Win32.Messen.106 skipped

C:\Documents and Settings\AMD\Desktop\Betto\MIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.602 skipped

C:\Documents and Settings\AMD\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\265163.dmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\2AD814.dmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\best_0169.exe Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\cc1.txt Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\d1.exe Infected: Trojan-Proxy.Win32.Wopla.ag skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\d4.exe Infected: Trojan-Dropper.Win32.Agent.bdy skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\MessengerCache\ZTbE6J8kl20dzoFo9bmIlpOOF90= Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR10.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR11.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR12.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR13.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR14.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR15.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR16.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR17.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR18.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR19.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR1F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR20.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR21.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR22.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR23.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR24.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR25.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR26.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR27.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR28.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR29.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR2F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR30.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR31.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR32.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR33.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR34.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR35.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR36.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR37.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR38.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR39.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR3F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR40.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR41.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR42.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR43.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR44.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR45.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR46.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR47.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR48.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR49.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR4F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR50.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR51.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR52.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR53.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR54.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR55.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR56.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR57.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR58.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR59.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR5F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR60.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR61.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR62.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR63.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR64.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR65.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR66.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR67.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR68.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR69.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR6F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR70.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR71.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR72.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR73.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR74.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR75.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR76.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR77.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR78.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR79.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7D.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7E.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR7F.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR8.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR80.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR81.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR82.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR83.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR84.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR85.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR86.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR87.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR88.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR89.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR8A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR8B.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR8C.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXR9.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRA.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRB.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRC.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRD.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRE.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\PXRF.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\winsyst32.exe Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temp\~DFEE7A.tmp Object is locked skipped

C:\Documents and Settings\AMD\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\AMD\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\AMD\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\chandir.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\chandir.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\chn.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\chn.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\inuse.txt Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\L0000001.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\main.log Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_die.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_die.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\storydb.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\AMD\Data\storydb.idx Object is locked skipped

C:\Programmi\eMule\Incoming\mobidogs ita_fastest_BitTorrent_downloader.zip/BitDownload-3.0-setup.exe/data0012 Infected: Trojan.Win32.Inject.ba skipped

C:\Programmi\eMule\Incoming\mobidogs ita_fastest_BitTorrent_downloader.zip/BitDownload-3.0-setup.exe Infected: Trojan.Win32.Inject.ba skipped

C:\Programmi\eMule\Incoming\mobidogs ita_fastest_BitTorrent_downloader.zip ZIP: infected - 2 skipped

C:\Programmi\Kaspersky Lab\AVP6\Report\report.rpt Object is locked skipped

C:\Programmi\Kaspersky Lab\AVP6\storage.lic Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\6257127238.exe Infected: Trojan-Clicker.Win32.Small.kj skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\fidbox.dat Object is locked skipped

C:\WINDOWS\fidbox.idx Object is locked skipped

C:\WINDOWS\msnhp32.dll Infected: Trojan-Clicker.Win32.Small.kj skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{72F3B440-A520-460F-B1D6-DF506BBB4F82}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{DF85E72F-7147-4764-BEBF-EA5833643A9B}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\drivers\sptd1645.sys Object is locked skipped

C:\WINDOWS\system32\rpcc.dll Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\svcipa.exe Infected: Trojan-Clicker.Win32.Agent.jh skipped

C:\WINDOWS\Temp\ulogin125.exe Infected: Trojan-Clicker.Win32.Agent.jh skipped

C:\WINDOWS\Temp\~DF18E.tmp Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\winhp32.exe Infected: Trojan-Clicker.Win32.Small.kj skipped

C:\_cleaned.tmp Object is locked skipped

Scan process completed.

[moby90]

e il log HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 11.24.50, on 07/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Kaspersky Lab\AVP6\avp.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\D-Tools\daemon.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmi\Logitech\Video\LogiTray.exe
C:\Programmi\Kaspersky Lab\AVP6\avp.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmi\Logitech\Video\FxSvr2.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\FILECO~1\Nokia\MPAPI\MPAPI3s.exe
C:\Programmi\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Programmi\Java\jre1.5.0_06\bin\jucheck.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\AMD\Desktop\Betto\Crack & co\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\lexmark-service.exe",
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmi\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmi\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmi\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Kaspersky Internet Security 2006 (Proto 2)] C:\Programmi\Kaspersky Lab\AVP6\avp.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmi\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [BitTorrent] "C:\Programmi\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Script Checker - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\AVP6\scieplugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O12 - Plugin for .mp3: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tif: C:\Programmi\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bettodesti.spaces.msn.com//Ph...d/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/si...Install_it.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab47946.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVP - Kaspersky Lab - C:\Programmi\Kaspersky Lab\AVP6\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe

[wizard1993]

disattiva il system restore
http://www.sicurezzainrete.com/disab...em_restore.htm

allora esegui questo
http://www.megalab.it/articoli.php?id=943

e segui questa discussione
http://www.hwupgrade.it/forum/showthread.php?t=1271721

poi fai una scan online con l'f-secure; pulisci i file temporanei con ccleaner e

fixa
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\lexmark-service.exe",
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/si...Install_it.cab
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll


e poi con avenger
http://www.megalab.it/articoli.php?id=946

inserisci questo script

Files to delete:
C:\WINDOWS\system32\rpcc.dll
e posta il log

[moby90]

Quote:

Originariamente inviato da wizard1993

disattiva il system restore
http://www.sicurezzainrete.com/disab...em_restore.htm

allora esegui questo
http://www.megalab.it/articoli.php?id=943

e segui questa discussione
http://www.hwupgrade.it/forum/showthread.php?t=1271721

poi fai una scan online con l'f-secure; pulisci i file temporanei con ccleaner e

fixa
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\lexmark-service.exe",
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/si...Install_it.cab
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll


e poi con avenger
http://www.megalab.it/articoli.php?id=946

inserisci questo script

Files to delete:
C:\WINDOWS\system32\rpcc.dll
e posta il log

allo i 2 link di megalab nn mi prendono...cmq il system restore l'ho disabilitato la scansione x il groomozon l'ho ftt e nn mi ha trovato nnt...poi i file temporanei li ho eliminati...stavo facendo la scansione cn f-secure ma ad un certo punto c'è stato un errore del sistema...ke mi ha ftt riavviare il computer...devo riprovarci a farla sempre cn f-secure?!?! infine avenger l'ho scaricato ma nn ho capito quella striscia dove devo inserirla....

[wizard1993]

Quote:

Originariamente inviato da moby90

allo i 2 link di megalab nn mi prendono...cmq il system restore l'ho disabilitato la scansione x il groomozon l'ho ftt e nn mi ha trovato nnt...poi i file temporanei li ho eliminati...stavo facendo la scansione cn f-secure ma ad un certo punto c'è stato un errore del sistema...ke mi ha ftt riavviare il computer...devo riprovarci a farla sempre cn f-secure?!?! infine avenger l'ho scaricato ma nn ho capito quella striscia dove devo inserirla....

ora megalab rifunziona; inserisci lo script

[moby90]

Quote:

Originariamente inviato da wizard1993

ora megalab rifunziona; inserisci lo script

allo io ho letto quell'articolo e ho visto se il mio computer era affetto da quel rootkit ma nn l'ho trovato...sempre seguendo quell'articolo ho ftt la scansione cn gmer...ma nn ho capito ti devo postare il log di gmer...di f-secure(ke però cm ti ho detto ieri mi provoca quell'errore...) o di hiackthis visto ke mi hai parlato di fixare...e poi mi potresti dire cm posso fare ad inserire quello script su avenger...visto ke nn ho capito cm fare...grz..scusa se ti sto assillando...

[wizard1993]

Quote:

Originariamente inviato da moby90

allo io ho letto quell'articolo e ho visto se il mio computer era affetto da quel rootkit ma nn l'ho trovato...sempre seguendo quell'articolo ho ftt la scansione cn gmer...ma nn ho capito ti devo postare il log di gmer...di f-secure(ke però cm ti ho detto ieri mi provoca quell'errore...) o di hiackthis visto ke mi hai parlato di fixare...e poi mi potresti dire cm posso fare ad inserire quello script su avenger...visto ke nn ho capito cm fare...grz..scusa se ti sto assillando...

da l'articolo su megalab, ci sono le istruzioni; comunque meti una spunta su insert manually script o qualcosa del genere ( la terza opzione) clicca sulla lente di ingrandimento incolli lo script sopra citato e premi sul semaforo e poi premi sempre si; alla fine il computer ti si riavvia e alla fine ti si apre un log che mi posterai

[moby90]

Quote:

Originariamente inviato da wizard1993

da l'articolo su megalab, ci sono le istruzioni; comunque meti una spunta su insert manually script o qualcosa del genere ( la terza opzione) clicca sulla lente di ingrandimento incolli lo script sopra citato e premi sul semaforo e poi premi sempre si; alla fine il computer ti si riavvia e alla fine ti si apre un log che mi posterai

ecco...

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\qbuehhwu

*******************

Script file located at: \??\C:\Program Files\bbthaemy.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\rpcc.dll deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

[wizard1993]

ancora problemi?

[moby90]

Quote:

Originariamente inviato da wizard1993

ancora problemi?

il problema principale ke avevo è ke in continuazione si apriva una finestra di errore di internet explorer...e quando andavo a vedere i dettagli dell'errore riguardava un certo kernel32.dll...e purtroppo il problema c'è ancora...

[wizard1993]

Quote:

Originariamente inviato da moby90

il problema principale ke avevo è ke in continuazione si apriva una finestra di errore di internet explorer...e quando andavo a vedere i dettagli dell'errore riguardava un certo kernel32.dll...e purtroppo il problema c'è ancora...

se hai il cd di windows insersiclo nel lettore e esegui il comando sfc /scannow

[moby90]

Quote:

Originariamente inviato da wizard1993

se hai il cd di windows insersiclo nel lettore e esegui il comando sfc /scannow

ehm...nn ce l'ho...cm posso fare?!?

[wizard1993]

Quote:

Originariamente inviato da moby90

ehm...nn ce l'ho...cm posso fare?!?

fai una scan online con l'f-secure e una con panda antirootkit

[moby90]

Quote:

Originariamente inviato da wizard1993

fai una scan online con l'f-secure e una con panda antirootkit

facendo lo scan cn panda mi ha trovato qst rootkit
C:\WINDOWS\system32\poof
C:\WINDOWS\system32\koos.exe
C:\WINDOWS\system32\lzx32.sys
C:\WINDOWS\system32\drivers\sptd.sys:KAVICHS
C:\WINDOWS\system32\drivers\sptd1645.sys:KAVICHS
C:\WINDOWS\winhp32.exe
C:\WINDOWS\winhp32.exe
C:\WINDOWS\system32\kprof

cn f-secure nn riesco proprio a farlo lo scan...se lo faccio cn kasperky online cambia qualcosa...? se no dp ti posto il risultato...

[wizard1993]

usa questo fix e posta il log
http://www.uploads.ejvindh.net/rustbfix.exe