small bez

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs can you use to protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: kadosh, Luke57

Post by alemao » 23/08/06 13:53

One last thing, andorra...
The computer suddenly shuts down because of a serious error that refers to the Minidump folder... could you tell me what this is about??? Bye and thanks for everything... this is the HijackThis log, can you check it for me? Thanks
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by andorra24 » 23/08/06 14:03

alemao wrote: One last thing, andorra...
The computer suddenly shuts down because of a serious error that refers to the Minidump folder... could you tell me what this is about???

Hmmm, that's not a good sign. I'm afraid it could be a hardware problem that makes your PC shut down like that. For hardware problems, go to the ''Assistenza hardware'' (hardware support) section.

alemao wrote: this is the HijackThis log, can you check it for me? Thanks

Yes, send it.
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo

Post by alemao » 23/08/06 14:21

Logfile of HijackThis v1.99.1
Scan saved at 15.20.41, on 23/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Ahead\InCD\InCD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Programmi\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\creative.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gw.aliceadsl.it/home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornito da Alice
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe creative.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,creative.exe
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Controllo del Calendario di Ulead Photo Express] C:\Programmi\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programmi\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe
O4 - HKLM\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Alice - {BDE8DE80-DF59-4B58-9025-7649445CF9F1} - http://gw.aliceadsl.it/alice (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://gw.aliceadsl.it/home
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{180E4D09-3205-48F0-B772-FC22F599323D}: NameServer = 85.37.17.11 85.38.28.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{180E4D09-3205-48F0-B772-FC22F599323D}: NameServer = 85.37.17.11 85.38.28.69
O20 - Winlogon Notify: SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by andorra24 » 23/08/06 14:37

But why can't you manage to delete these files? They are still present in the log. You must be doing something wrong.
Open HijackThis, click ''open the misc tools section'', then click ''open process manager'', find the entry shown below and click ''kill process'':

C:\WINDOWS\System32\creative.exe

Then go to the bottom and press the back button, and right after that the scan button. Tick the box next to the entries listed below and press ''fix checked'':

F2 - REG:system.ini: Shell=Explorer.exe creative.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,creative.exe
O4 - HKLM\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe
O4 - HKLM\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe

Go to Start / My Computer / Tools / Folder Options / View, tick "show hidden files and folders" and untick ''hide protected operating system files''.

Download Delete Doctor from here:
http://www.megalab.it/articoli.php?id=652
With Delete Doctor, delete the following files:
C:\WINDOWS\System32\creative.exe
C:\WINDOWS\System32\msijavaup32.exe

If the operations do not succeed in normal mode, try again in safe mode.
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo
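
The entries singled out in the post above share a pattern: a program appended to the Winlogon Shell/UserInit values, and the same bare file name registered in several autostart keys. As an added example (not part of the original thread and not HijackThis's own logic), this Python sketch flags that pattern in a HijackThis log and reports where each name persists and runs; the function names and the heuristic are assumptions made here, and the sample lines are copied from the log posted in this thread.

```python
import ntpath
import re
from collections import defaultdict

# Sample lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\creative.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
F2 - REG:system.ini: Shell=Explorer.exe creative.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,creative.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe
O4 - HKLM\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\RunServices: [Ms Java for Windows NT] msijavaup32.exe
"""

# Only these programs are expected in the Winlogon values (assumed baseline).
WINLOGON_DEFAULT = {"shell": "explorer.exe", "userinit": "userinit.exe"}
F2_RE = re.compile(r"^F2 - REG:system\.ini: (Shell|UserInit)=(.*)$", re.I)
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.+)$")


def is_bare(token):
    """True when the token names a file with no drive or directory part."""
    return not any(c in token for c in "\\/:")


def first_token(command):
    """Program part of an autostart command line, quoted or unquoted."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    parts = command.split()
    return parts[0] if parts else ""


def triage(log_text):
    """Map suspicious bare executable names to where they persist and run.

    Heuristic (an assumption of this example): report a name when it is
    appended to Shell=/UserInit=, or when the same bare name is registered
    in two or more autostart locations.
    """
    locations = defaultdict(list)  # exe name -> autostart locations
    winlogon = set()               # names appended to Shell= / UserInit=
    running = {}                   # exe name -> full path of running image
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if line:
                running[ntpath.basename(line).lower()] = line
            else:
                in_processes = False  # blank line ends the process list
            continue
        m = F2_RE.match(line)
        if m:
            expected = WINLOGON_DEFAULT[m.group(1).lower()]
            for tok in re.split(r"[,\s]+", m.group(2)):
                name = ntpath.basename(tok).lower()
                if tok and name != expected:
                    locations[name].append("Winlogon " + m.group(1))
                    winlogon.add(name)
            continue
        m = O4_RE.match(line)
        if m:
            prog = first_token(m.group(4))
            if prog and is_bare(prog):
                locations[prog.lower()].append(f"{m.group(1)} {m.group(2)}")
    return {
        name: {"autostart": where, "running_as": running.get(name)}
        for name, where in locations.items()
        if name in winlogon or len(where) >= 2
    }


if __name__ == "__main__":
    for exe, info in triage(SAMPLE_LOG).items():
        print(exe, "->", ", ".join(info["autostart"]),
              "| running as:", info["running_as"])
```

On the sample lines it reports creative.exe and msijavaup32.exe, while the single bare rundll32.exe entry under Run is left alone.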

Post by alemao » 23/08/06 14:40

What does safe mode mean?
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by andorra24 » 23/08/06 14:45

alemao wrote: What does safe mode mean?

Have you never gone into safe mode? To get into safe mode, follow the instructions at this link:
http://service1.symantec.com/SUPPORT/IN ... 2090503924

In any case, first retry all the operations in normal mode, and then if need be go into safe mode and repeat them.
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo

Post by alemao » 24/08/06 11:11

The antivirus is detecting two more viruses.... one is called recycler, the other dsmartload.exe... what do I do?
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by andorra24 » 24/08/06 11:53

alemao wrote: The antivirus is detecting two more viruses.... one is called recycler, the other dsmartload.exe... what do I do?

But are you sure recycler isn't the Recycle Bin? Empty the Recycle Bin and delete its contents. In any case, have the antivirus delete all the infections it finds.
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo

Post by alemao » 24/08/06 12:16

No, it's a hidden folder... which appeared after I ticked the options... and which in any case can't be deleted even though avast detects it...
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by andorra24 » 24/08/06 12:42

alemao wrote: No, it's a hidden folder... which appeared after I ticked the options... and which in any case can't be deleted even though avast detects it...

The recycler folder is part of the operating system and you must not delete it.
To see it you have to untick ''hide protected operating system files (recommended)''. Show me this Avast message so that I can better understand what it is.
andorra24
Senior User
 
Posts: 2742
Joined: 21/05/06 15:44
Location: Palermo

Post by alemao » 24/08/06 13:25

Here is the avast event log
alemao
Junior User
 
Posts: 88
Joined: 16/08/06 11:18

Post by alemao » 24/08/06 13:59

24/08/2006 14.12.08 Oliva Alessio 1260 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 14.05.10 Oliva Alessio 1260 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 13.37.55 SYSTEM 1260 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 13.11.17 SYSTEM 1260 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 13.11.17 SYSTEM 1260 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 12.28.58 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 12.19.14 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 12.06.57 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 12.02.52 Oliva Alessio 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\RECYCLER\S-1-5-21-1454471165-1580436667-854245398-1003\Dc19" file.
24/08/2006 12.00.54 Oliva Alessio 3492 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temp\m" file.
24/08/2006 12.00.37 Oliva Alessio 1252 An error has occured while attempting to update. Please check the logs.
24/08/2006 12.00.33 Oliva Alessio 1252 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
24/08/2006 11.58.28 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 11.58.19 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
24/08/2006 11.56.58 Oliva Alessio 1252 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\Z0A23VEF\loader.exe" file.
22/08/2006 23.44.58 Oliva Alessio 1368 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 23.38.35 Oliva Alessio 1368 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\078XPJDK\loader.exe" file.
22/08/2006 19.39.50 SYSTEM 1344 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 19.39.50 SYSTEM 1344 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 19.39.50 SYSTEM 1344 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\loader.exe" file.
22/08/2006 18.43.20 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.43.02 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.40.58 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\G20F9K5K\loader.exe" file.
22/08/2006 18.28.05 SYSTEM 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\loader.exe" file.
22/08/2006 18.28.05 SYSTEM 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.28.05 SYSTEM 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.15.11 Oliva Alessio 1384 Sign of "Win32:Virut-B" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\netapi.exe" file.
22/08/2006 18.12.42 Oliva Alessio 1384 Sign of "Win32:Virut-B" has been found in "C:\msijavaup32.exe" file.
22/08/2006 18.05.18 Oliva Alessio 1384 Sign of "Win32:Virut-B" has been found in "C:\msijavaup32.exe" file.
22/08/2006 18.05.09 Oliva Alessio 1384 Sign of "Win32:Virut-B" has been found in "C:\msijavaup32.exe" file.
22/08/2006 18.04.56 Oliva Alessio 1384 Sign of "Win32:Virut-B" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\netapi.exe" file.
22/08/2006 18.02.02 Oliva Alessio 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.01.53 Oliva Alessio 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 18.01.11 Oliva Alessio 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\T07Z6JKF\loader.exe" file.
22/08/2006 14.11.05 Oliva Alessio 1208 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 14.10.58 Oliva Alessio 1208 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 14.10.29 Oliva Alessio 1208 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\T07Z6JKF\loader.exe" file.
22/08/2006 11.47.45 Oliva Alessio 1376 Sign of "Win32:Virut-B" has been found in "C:\RECYCLER\S-1-5-21-1454471165-1580436667-854245398-1003\Dc7.exe" file.
22/08/2006 11.47.24 Oliva Alessio 1376 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\RECYCLER\S-1-5-21-1454471165-1580436667-854245398-1003\Dc6.exe" file.
22/08/2006 11.42.14 Oliva Alessio 1376 Sign of "Win32:Virut-B" has been found in "C:\creative.exe" file.
22/08/2006 11.42.07 Oliva Alessio 1376 Sign of "Win32:Virut-B" has been found in "C:\creative.exe" file.
22/08/2006 11.41.55 Oliva Alessio 1376 Sign of "Win32:Virut-B" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W5B8SJQI\netapi.exe" file.
22/08/2006 11.39.32 Oliva Alessio 1376 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 11.39.23 Oliva Alessio 1376 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
22/08/2006 11.38.29 Oliva Alessio 1376 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\4B45CJ2N\loader.exe" file.
21/08/2006 22.01.22 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 22.01.18 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 21.58.41 Oliva Alessio 1356 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\B0OTO0F7\loader.exe" file.
21/08/2006 21.50.00 Oliva Alessio 1396 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 21.49.20 Oliva Alessio 1396 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\GHIJKLMN\loader.exe" file.
21/08/2006 21.45.51 Oliva Alessio 1396 Sign of "Win32:Adloader-CG [Trj]" has been found in "C:\drload2.exe" file.
21/08/2006 21.45.41 Oliva Alessio 1396 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 21.44.32 Oliva Alessio 1396 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
21/08/2006 21.39.19 Oliva Alessio 1372 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\SHY7CT6V\loader.exe" file.
21/08/2006 21.32.25 Oliva Alessio 1428 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\HRSKCV5X\loader.exe" file.
21/08/2006 18.07.05 SYSTEM 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 18.07.05 SYSTEM 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
21/08/2006 18.07.05 SYSTEM 1384 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\loader.exe" file.
20/08/2006 19.04.39 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 19.04.29 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 19.04.23 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 19.04.15 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 19.04.04 Oliva Alessio 1368 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
20/08/2006 19.03.54 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 19.02.21 Oliva Alessio 1368 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\AW0BTCTP\loader.exe" file.
20/08/2006 19.01.44 Oliva Alessio 1368 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.48 Oliva Alessio 1456 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
20/08/2006 17.50.48 Oliva Alessio 1456 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\drsmartload.exe" file.
20/08/2006 17.50.48 Oliva Alessio 1456 Sign of "Win32:Agent-QJ [Trj]" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\9AEOFTRA\loader.exe" file.
20/08/2006 17.50.40 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.40 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.39 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.39 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.39 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.39 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\W06DXTLV\stvslhrb.txt\[FSG]" file.
20/08/2006 17.50.34 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.34 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.34 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.34 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.33 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.33 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\aucl.exe\[FSG]" file.
20/08/2006 17.50.33 Oliva Alessio 1456 Sign of "Win32:Small-BEZ [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\HRSKCV5X\stvslhrb.txt\[FSG]" file.
17/08/2006 14.02.43 Oliva Alessio 1288 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\4.tmp" file.
17/08/2006 13.39.18 Oliva Alessio 1436 An error has occured while attempting to update. Please check the logs.
17/08/2006 13.39.07 Oliva Alessio 1436 Function setifaceUpdateFiles() has failed. Return code is 0x00000001, dwRes is 00000001.
17/08/2006 13.37.51 Oliva Alessio 1436 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
17/08/2006 11.53.59 SYSTEM 1340 An error has occured while attempting to update. Please check the logs.
17/08/2006 11.53.57 SYSTEM 1340 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
16/08/2006 12.00.59 Oliva Alessio 1452 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\WINDOWS\internt.exe" file.
16/08/2006 11.19.46 Oliva Alessio 1476 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
15/08/2006 21.51.06 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
15/08/2006 18.52.25 Oliva Alessio 1452 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\2.tmp" file.
14/08/2006 7.00.40 Oliva Alessio 1424 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
13/08/2006 15.29.16 Oliva Alessio 1452 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
12/08/2006 11.36.22 Oliva Alessio 1448 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
11/08/2006 11.09.36 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
10/08/2006 22.48.07 Oliva Alessio 1432 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
08/08/2006 11.13.35 Oliva Alessio 1480 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
07/08/2006 19.22.06 Oliva Alessio 1476 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
07/08/2006 19.20.35 Oliva Alessio 1476 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
05/08/2006 19.37.23 Oliva Alessio 1476 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
05/08/2006 19.36.25 Oliva Alessio 1476 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
04/08/2006 22.25.36 Oliva Alessio 1464 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
03/08/2006 16.09.59 Oliva Alessio 1260 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
03/08/2006 16.09.18 Oliva Alessio 1260 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
02/08/2006 9.43.27 Oliva Alessio 1484 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
30/07/2006 14.56.21 Oliva Alessio 1440 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
29/07/2006 9.46.42 Oliva Alessio 1432 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\F.tmp" file.
28/07/2006 11.04.39 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
27/07/2006 19.18.45 Oliva Alessio 1260 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
26/07/2006 11.00.16 Oliva Alessio 1484 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
25/07/2006 21.55.12 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
25/07/2006 19.08.03 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
25/07/2006 19.06.46 Oliva Alessio 1456 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
24/07/2006 11.35.50 Oliva Alessio 1460 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
24/07/2006 11.19.41 SYSTEM 1460 An error has occured while attempting to update. Please check the logs.
24/07/2006 11.19.39 SYSTEM 1460 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
23/07/2006 10.13.31 Oliva Alessio 1496 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\2.tmp" file.
22/07/2006 12.57.23 Oliva Alessio 1496 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
20/07/2006 10.28.54 Oliva Alessio 1452 Sign of "Win32:Agent-gen [Trj]" has been found in "C:\WINDOWS\3.tmp" file.
19/07/2006 16.48.56 SYSTEM 1460 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
18/07/2006 14.37.52 SYSTEM 1448 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
17/07/2006 14.29.42 SYSTEM 1456 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
17/07/2006 14.28.39 SYSTEM 1456 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
16/07/2006 13.58.05 SYSTEM 1468 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
15/07/2006 12.39.33 SYSTEM 1484 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
14/07/2006 16.18.56 SYSTEM 1488 Sign of "Win32:Dialer-622 [Trj]" has been found in "C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temporary Internet Files\Content.IE5\W50VKFC3\trx230.exe\[UPX]" file.
14/07/2006 16.18.47 SYSTEM 1488 Sign of "Win32:Dialer-622 [Trj]" has been found in "http://www.italian-toplist.com/cart/gs/trx230.exe\[UPX]" file.
14/07/2006 14.20.07 SYSTEM 1440 Sign of "Win32:Agent-YE [Trj]" has been found in "http://198.88.20.73/ds/g.php?did=31" file.
14/07/2006 11.08.08 Oliva Alessio 4004 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
14/07/2006 10.35.50 SYSTEM 1420 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\paea.exe\[UPX]" file.
13/07/2006 16.26.10 Oliva Alessio 3596 Sign of "Win32:Agent-AKW [Trj]" has been found in "C:\WINDOWS\Temp\_avast4_\unp140243208.tmp\[UPX]" file.
13/07/2006 16.18.21 Oliva Alessio 3596 Sign of "Win32:Agent-AJH [Trj]" has been found in "C:\WINDOWS\system32\vbsys2.dll" file.
13/07/2006 15.57.47 Oliva Alessio 3596 Sign of "Win32:Dialer-622 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\wvhgol3x.exe\[UPX]" file.
13/07/2006 15.57.44 Oliva Alessio 3596 Sign of "Win32:Dialer-622 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\wla3mp6x.exe\[UPX]" file.
13/07/2006 15.57.41 Oliva Alessio 3596 Sign of "Win32:Dialer-622 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\nd01156.exe\[UPX]" file.
13/07/2006 15.57.39 Oliva Alessio 3596 Sign of "Win32:Dialer-662 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\fast.exe\[UPX]" file.
13/07/2006 15.57.37 Oliva Alessio 3596 Sign of "Win32:Dialer-662 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\CONFLICT.3\AUTO_299_N.exe\[UPX]" file.
13/07/2006 15.57.35 Oliva Alessio 3596 Sign of "Win32:Dialer-662 [Trj]" has been found in "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\AUTO_299_N.exe\[UPX]" file.

Post by andorra24 » 24/08/06 14:09

Download ATF Cleaner from here:
http://www.atribune.org/ccount/click.php?id=1
(to delete Windows and IE temporary files)
Start ATF Cleaner, click the "main" menu and then tick the "Select All" box. Now click the "Empty selected" button and wait for the "Done Cleaning!" message.

Run a couple of antivirus scans, otherwise there is no getting out of this:
http://www.bitdefender.com/scan8/ie.html
http://www.tgsoft.it/files/vnlt6109.exe

Question: DO YOU USE A FIREWALL? If you don't have one, install one right away.

Post by alemao » 24/08/06 17:04

VirIT eXplorer Lite Log

SCANSIONE DELLA MEMORIA
OK
--------------------------------------------------------
24/08/2006 - 17:27:19

[SCANSIONE DEL REGISTRO]
{2ee25147-37d4-4640-832c-fccfac8b21d9} Infetto da BHO.Agent.AR
* * * RIMOSSO * * *

[A:]
BOOT SECTOR: OK


[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK

C:\:hcjzfz.nxt:$DATA Infetto da Trojan.Win32.D
* * * RIMOSSO * * *
C:\Documents and Settings\Oliva Alessio\Impostazioni locali\Temp\mmmmm.exe.mht Infetto da Trojan.Win32.Dialer.Gen
* * * RIMOSSO * * *
C:\WINDOWS\4.tmp Infetto da BHO.IEPlugin.E
* * * RIMOSSO * * *
C:\WINDOWS\internt.exe Infetto da Trojan.Win32.Agent.TT
* * * RIMOSSO * * *
C:\WINDOWS\system32:ypaa.dll:$DATA Infetto da Trojan.Win32.Agent.ABV
* * * RIMOSSO * * *
C:\WINDOWS\system32\creative.exe Infetto da Trojan.Win32.Agent.AEN
* * * RIMOSSO * * *
C:\WINDOWS\system32\javanet.exe Infetto da Trojan.Win32.Agent.AEN
* * * RIMOSSO * * *
C:\WINDOWS\Temp\paea.exe Infetto da Trojan.Win32.Agent.ADM
* * * RIMOSSO * * *

[D:]


[E:]


Chiavi Registro infette: 1.
Files Infetti: 74.
Files Sospetti: 0.
Files Analizzati: 37888.
Files Totali: 37888.
Chiavi Registro rimosse: 1.
Virus Rimossi: 74.
scan result

Post by andorra24 » 24/08/06 17:14

Good, all the infections have been removed by VirIT.