Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Dialer!

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Dialer!

Postdi Douglas » 10/08/06 16:56

ciao a tutti! :P
sono nuovo e tanto per chiarirci non sono per niente pratico in materia di computer :eeh:
ok veniamo al problema:
dopo aver fatto una bella scansione antivirus con avast e altri software celebri, non sono riuscito ad eliminare dal mio pc questo trojano che kaspersky on line mi segnala insistentemente "Trojan.Win32.Dialer.fg".
Ho scaricato tra le altre cose il programma Virit che nel suo vocabolario ha elencato questo virus, ma niente non lo elimina affatto.

Vi riporto il mio logfile per agevolarvi nella discussione:

Logfile of HijackThis v1.99.1
Scan saved at 17.54.24, on 10/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\sistray.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\Admin\IMPOST~1\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programmi\File comuni\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1476B356-16DA-4278-8FA0-4B2F688A8F09}: NameServer = 193.70.152.15,193.70.152.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{1476B356-16DA-4278-8FA0-4B2F688A8F09}: NameServer = 193.70.152.15,193.70.152.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{1476B356-16DA-4278-8FA0-4B2F688A8F09}: NameServer = 193.70.152.15,193.70.152.25
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmi\ewido anti-spyware 4.0\guard.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas http://www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Sponsor
 

Postdi andorra24 » 10/08/06 17:07

Ciao, il tuo log e' pulitissimo e non si vede nessun trojan.dialer.
Puo' anche darsi che il kaspersky online sia incappato in un falso positivo. Hai guardato il resoconto a fine scansione? Hai visto di che file si tratta e in che directory si trova?
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 12:06

Sono riuscito a salvare il report:

Total number of scanned objects 36366
Number of viruses found 1
Number of infected objects 237 / 0
Number of suspicious objects 0

C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Cronologia\History.IE5\MSHist012006080220060803\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Admin\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\report\Protezione residente.txt Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{9CCB409A-A5C7-4DA0-8A7E-61A07B56F585}\RP340\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped

C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped

C:\WINDOWS\Internet Logs\Y-772B71DD65F54.ldb Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_538.dat Object is locked skipped

C:\WINDOWS\Temp\ZLT03ab8.TMP Object is locked skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4616.CAB/A0349932.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4616.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4620.CAB/A0349937.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4620.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4629.CAB/A0350142.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4629.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4634.CAB/A0350173.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4634.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4646.CAB/A0350671.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4646.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4660.CAB/A0350810.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4660.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4668.CAB/A0351955.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4668.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4685.CAB/A0354182.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4685.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4686.CAB/A0354186.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4686.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4691.CAB/A0354316.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4691.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4694.CAB/A0354352.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4694.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4699.CAB/A0354482.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4699.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4703.CAB/A0354496.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4703.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4704.CAB/A0354504.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4704.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4709.CAB/A0355541.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4709.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4712.CAB/A0355568.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4712.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4724.CAB/A0357708.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4724.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4731.CAB/A0357820.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4731.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4735.CAB/A0357833.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4735.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4738.CAB/A0357841.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4738.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4744.CAB/A0357856.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4744.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4751.CAB/A0357969.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4751.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4754.CAB/A0357974.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4754.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4756.CAB/A0358005.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4756.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4767.CAB/A0360125.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4767.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4776.CAB/A0362138.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4776.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4778.CAB/A0362157.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4778.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4779.CAB/A0362161.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4779.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4780.CAB/A0362168.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4780.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4783.CAB/A0362173.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4783.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4785.CAB/A0362269.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4785.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4786.CAB/A0363270.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4786.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4789.CAB/A0363275.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4789.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4790.CAB/A0363279.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4790.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4792.CAB/A0363364.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4792.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4800.CAB/A0363380.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4800.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4802.CAB/A0363385.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4802.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4807.CAB/A0363395.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4807.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4809.CAB/A0363400.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4809.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4812.CAB/A0363406.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4812.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4814.CAB/A0363507.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4814.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4815.CAB/A0363616.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4815.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4817.CAB/A0363624.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4817.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4819.CAB/A0364630.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4819.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4822.CAB/A0364635.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4822.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4824.CAB/A0364639.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4824.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4826.CAB/A0364643.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4826.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4828.CAB/A0364651.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4828.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4832.CAB/A0364669.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4832.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4838.CAB/A0365751.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4838.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4842.CAB/A0365758.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4842.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4844.CAB/A0365762.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4844.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4850.CAB/A0365773.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4850.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4852.CAB/A0365778.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4852.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4854.CAB/A0365964.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4854.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4857.CAB/A0365969.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4857.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4863.CAB/A0365996.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4863.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4867.CAB/A0366015.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4867.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4869.CAB/A0366020.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4869.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4871.CAB/A0366024.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4871.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4876.CAB/A0366125.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4876.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4879.CAB/A0366133.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4879.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4881.CAB/A0366139.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4881.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4884.CAB/A0366144.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4884.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4889.CAB/A0366158.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4889.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4895.CAB/A0367168.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4895.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4897.CAB/A0367172.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4897.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4899.CAB/A0367179.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4899.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4901.CAB/A0367275.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4901.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4904.CAB/A0367283.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4904.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4905.CAB/A0367325.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4905.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4907.CAB/A0367334.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4907.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4913.CAB/A0367456.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4913.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4925.CAB/A0368661.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4925.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4926.CAB/A0368665.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4926.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4928.CAB/A0368669.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4928.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4929.CAB/A0368673.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4929.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4930.CAB/A0368677.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4930.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4933.CAB/A0368778.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4933.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4937.CAB/A0368783.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4937.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4940.CAB/A0368799.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4940.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4942.CAB/A0369802.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4942.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4944.CAB/A0369845.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4944.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4947.CAB/A0370868.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4947.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4955.CAB/A0371876.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4955.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4956.CAB/A0371880.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4956.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4958.CAB/A0371981.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4958.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4959.CAB/A0371995.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4959.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4960.CAB/A0372091.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4960.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4963.CAB/A0372096.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4963.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4965.CAB/A0372204.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4965.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4969.CAB/A0373230.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4969.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4971.CAB/A0373242.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4971.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4973.CAB/A0373246.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4973.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4975.CAB/A0373254.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4975.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4977.CAB/A0373263.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4977.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4978.CAB/A0373267.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4978.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4982.CAB/A0374279.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4982.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4988.CAB/A0374291.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4988.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4989.CAB/A0374295.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4989.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4990.CAB/A0374302.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4990.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4993.CAB/A0374307.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4993.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4997.CAB/A0375339.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4997.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4998.CAB/A0375343.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS4998.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5001.CAB/A0375460.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5001.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5004.CAB/A0375470.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5004.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5008.CAB/A0375481.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5008.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5009.CAB/A0375490.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5009.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5012.CAB/A0375499.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5012.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5016.CAB/A0375510.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\ARCHIVE\FS5016.CAB CAB: infected - 1 skipped

G:\Dati F\_RESTORE\TEMP\A0350191.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0354178.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0357816.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0357871.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0360025.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0365874.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0365959.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0366004.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0367330.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0367557.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0368774.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0372006.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0374313.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0374372.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0375444.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0375448.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\Dati F\_RESTORE\TEMP\A0375495.CPY Infected: Trojan.Win32.Dialer.fg skipped

G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

G:\System Volume Information\_restore{9CCB409A-A5C7-4DA0-8A7E-61A07B56F585}\RP340\change.log Object is locked skipped
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 12:14

Disattiva il ripristino di sistema e dopo riprova a fare la scansione. Se non sai come disattivare il ripristino fai cosi:
http://service1.symantec.com/SUPPORT/IN ... 3151930924
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 13:38

fatto...il risultato purtroppo è identico :(
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 14:21

Questo presunto trojan.dialer che ti trova il kaspersky sembra che si trovi in questo percorso G:\Dati F\_RESTORE\ARCHIVE\ e in questo G:\Dati F\_RESTORE\TEMP\. Visualizza cartelle e file nascosti e togli la spunta da ''nascondi i file protetti di sistema (consigliato)'' e segui il percorso indicato dal kaspersky e prova ad eliminare quei files manualmente.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 15:43

Ho eliminato manualmente quasi tutti i dati della cartella “Dati F”.
Be’ i file infetti sono diminuiti da 237 a 228, un piccolo passo avanti.
Però, stavo pensando: potrei eliminare totalmente la cartella in Dati F che adesso visualizzo come “Restore” (prima era nascosta!), fai conto che “G” è il mio secondo hd e mi è servito per fare una copia dei dati del mio vecchio pc quando fu formattato (addirittura).
Sai cosa, ho notato che il trojano è rilavato quasi subito da Kasper prima in “C” e la cosa che non capisco è che quando ho effettuato le scansioni on line, provai anche quella della “Trend Micro” nella speranza mi facesse eliminare il virus già rilavato da Kasper.
Invece questo trojano, si è andato ad insidiare anche nel software “house call” della Trend (per effettuare la scansione on line appunto!). Spero di essermi spiegato, è come se avesse trovato terreno fertile.
Noto che Kasper quando visiona il file “house call” mi rileva il virus! La cosa anomala è che se vado in installazioni-applicazioni, non trovo più sto software della Trend (vorrei disinstallarlo).
Poi non capisco una cosa (tra le tante), se veramente è un dialer perché non si è mai azionato per funzionare e cambiarmi connessione (?), misteri informatici…
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 15:55

Non ci sono molte alternative, quei files o li elimini manualmente ad uno ad uno con tanta pazienza oppure li elimini in blocco.
Per disinstallare housecall dovresti cercare in questo percorso
C:\WINDOWS\Downloaded Program Files\
poi in C:\WINDOWS controlla se c'e' una cartella housecall.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 16:59

ci siamo ci siamo...vicinissimi alla soluzione!
rimane il virus, ma solo in 12 file!! se non avessi fatto la scansione con l'altro antivirus ce l'avremmo fatta capperi, non riesco a trovare quel cavolo di software maledetto house call.

Scan Statistics
Total number of scanned objects 32590
Number of viruses found 1
Number of infected objects 12 / 0
Number of suspicious objects 0
Duration of the scan process 00:36:08

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAB.bac_a03820/A0375481.CPY Infected: Trojan.Win32.Dialer.fg skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAB.bac_a03820 CAB: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAB.bac_a03820 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAⶰᗃ.bac_a03820/A0375481.CPY Infected: Trojan.Win32.Dialer.fg skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAⶰᗃ.bac_a03820 CAB: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5008.CAⶰᗃ.bac_a03820 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CAB.bac_a03820/A0375499.CPY Infected: Trojan.Win32.Dialer.fg skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CAB.bac_a03820 CAB: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CAB.bac_a03820 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CA궀ᖻ.bac_a03820/A0375499.CPY Infected: Trojan.Win32.Dialer.fg skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CA궀ᖻ.bac_a03820 CAB: infected - 1 skipped

C:\Documents and Settings\Admin\.housecall\Quarantine\FS5012.CA궀ᖻ.bac_a03820 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Cronologia\History.IE5\MSHist012006081120060812\index.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Temp\fla23C6.tmp Object is locked skipped

C:\Documents and Settings\Admin\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Admin\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Admin\UserData\index.dat Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Programmi\Alwil Software\Avast4\DATA\report\Protezione residente.txt Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\VEXPLITE\Admin\reg.dat Object is locked skipped

C:\VEXPLITE\reg_ecc.dat Object is locked skipped

C:\VEXPLITE\VIRITMON.LOG Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped

C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped

C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped

C:\WINDOWS\Internet Logs\Y-772B71DD65F54.ldb Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{8C6A6CEA-B2F9-4DC5-BB08-1E1EFD32A450}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Paramete.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_524.dat Object is locked skipped

C:\WINDOWS\Temp\ZLT05ef1.TMP Object is locked skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 17:03

Ah quei files sono nella cartella quarantena di housecall. Cerchiamo nel percorso indicato dal kaspersky e sbarazziamocene. Vai su start/risorse del computer/strumenti/opzioni cartella/visualizzazione e metti la spunta su visualizza cartelle file nascosti. Adesso segui il percorso che ti indica il kaspersky:

C:\Documents and Settings\Admin\.housecall\Quarantine
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 17:04

trovato trovato, ho timore a eliminare la cartella non è che è un file di sistema? non vorrei cappellare
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 17:06

Douglas ha scritto:trovato trovato, ho timore a eliminare la cartella non è che è un file di sistema? non vorrei cappellare

Hai trovato la cartella ''Quarantine'' di Housecall? Non e' una cartella di sistema. Puoi eliminare tranquillamente il suo contenuto.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 17:08

che goduria!! non sai quanta :D :D :D
operazione finale anzi finalissima: rifaccio l'ultima scansione...calcio di rigore...ci vuole un pò di tempo...
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 17:10

Douglas ha scritto:che goduria!! non sai quanta :D :D :D
operazione finale anzi finalissima: rifaccio l'ultima scansione...calcio di rigore...ci vuole un pò di tempo...

Prima di fare la scansione svuota il cestino, non vorrei che poi kaspersky durante la scansione trovasse quei files nel cestino. :lol:
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Douglas » 11/08/06 18:47

Presente la canzoncina di braccio di ferro quando mangia gli spinaci? Ecco è la mia colonna sonora in questo momento perché il bastardissimo è stato segato a mezzo!!!! Pensa te, per evitare di essere seccato…dove si va a riprodurre? nel software di un altro antivirus!!!!! Che soddisfazione, grazie grazie un mucchio! ora il forum non lo mollo mica più, che credi hehehe
Douglas
Utente Junior
 
Post: 11
Iscritto il: 10/08/06 10:04

Postdi andorra24 » 11/08/06 19:10

Bene, mi fa molto piacere. ;)
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Cartelle .housecall

Postdi Puppybarf » 16/02/07 10:03

Scusate se mi accodo alla discussione... cercando un po' di files da eliminare manualmente per recuperare un po' di spazio su C:, mi sono imbattuto in una cartella .housecall e un'altra .housecall6.6; come mai ce ne sono 2 (comunque, eliminando soltanto i contenuti delle due sottocartelle "Quarantine" ho recuperato oltre 3 GB :eeh: )?
WinXP SP3 - ASUS P5K - Intel Core2 Quad Q6600 @2.40GHz - A-Data DDR2-800 4GB - Maxtor STM3320613AS 320GB S-ATA - LG GSA-H42N - PHILIPS SPD6002T - Video Gainward 9500GT 1GB - Capture Pinnacle 700-PCI - Audio Realtek HD Output
Avatar utente
Puppybarf
Utente Junior
 
Post: 10
Iscritto il: 22/03/05 20:54
Località: Benevento

Re: Cartelle .housecall

Postdi andorra24 » 16/02/07 10:22

Puppybarf ha scritto:Scusate se mi accodo alla discussione... cercando un po' di files da eliminare manualmente per recuperare un po' di spazio su C:, mi sono imbattuto in una cartella .housecall e un'altra .housecall6.6; come mai ce ne sono 2 (comunque, eliminando soltanto i contenuti delle due sottocartelle "Quarantine" ho recuperato oltre 3 GB :eeh: )?

Housecall è la scansione antivirus online della TrendMicro.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Postdi Puppybarf » 16/02/07 10:56

Lo so, quello che non capisco è perché ci siano ben 2 cartelle apparentemente uguali (a parte il nome leggermente diverso) entrambe relative a quel servizio.
WinXP SP3 - ASUS P5K - Intel Core2 Quad Q6600 @2.40GHz - A-Data DDR2-800 4GB - Maxtor STM3320613AS 320GB S-ATA - LG GSA-H42N - PHILIPS SPD6002T - Video Gainward 9500GT 1GB - Capture Pinnacle 700-PCI - Audio Realtek HD Output
Avatar utente
Puppybarf
Utente Junior
 
Post: 10
Iscritto il: 22/03/05 20:54
Località: Benevento

Postdi andorra24 » 16/02/07 11:12

Non mi sembra un problema...sono entrambe relative a trendmicro...se fai spesso scansioni online con Housecall lasciale stare al loro posto.
andorra24
Utente Senior
 
Post: 2742
Iscritto il: 21/05/06 15:44
Località: Palermo

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "Dialer!":

Dialer, virus vari
Autore: zena
Forum: Sicurezza e Privacy
Risposte: 4
Probabile dialer
Autore: prof2000
Forum: Sicurezza e Privacy
Risposte: 5

Chi c’è in linea

Visitano il forum: Nessuno e 1 ospite