Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

virus msn fucking-around!!! aiuto.....

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

virus msn fucking-around!!! aiuto.....

Postdi Corsair » 02/10/07 15:34

salve a tutti
da ieri su msn circola un virus... col nome fucking-around credo...
praticamente ti arriva un mex da un tuo contatto...
che in inglese ti invita a spacchettare il file zippato per vedere una foto... blaa bla... etc
personalmente vi consiglio di nn accettare.... me ne sono arrivati così tanti che forse per sbaglio ne ho accettato uno....
dannazione... :diavolo: ho eliminato il file.... ma ogni tanto mentre sono tranquillo tranquillo davanti al mio pc...
sto virus manda un messaggio ai miei contatti....
come quelli di prima.... nn so + cosa fare
ho provato a fare una scansione...con nod ma niente.... ho provato a cercare il file... ma nn l' ho trovato.....
cosa mi consigliate...
vi prego aiutatemi......!!!!! :cry:
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40

Sponsor
 

Postdi Corsair » 02/10/07 18:05

allora :(
nessuno sa aiutarmi......????
vi prego datemi una mano........ è urgente....così rimango isolato da tutto il resto del mono senza msn.....!!!! :eeh:
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40

Postdi SkunkWorks 68 » 02/10/07 18:10

Comincia con il postare un log di Hijacthis...
Ciao
"Quando ti svegli la mattina,pensa quale prezioso privilegio e’ essere vivi:respirare, pensare,provare gioia e amare"(Marco Aurelio).
Avatar utente
SkunkWorks 68
Utente Senior
 
Post: 2336
Iscritto il: 03/03/07 08:55

Postdi Corsair » 02/10/07 19:11

ecco fatto

grazie mille per avermi risposto !!!

Logfile of HijackThis v1.99.1
Scan saved at 20.09.50, on 02/10/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\AcerOrbiCam.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\winfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\Macromed\Shockwave 10\PostUpdate.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Corsair\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Azureus\Azureus.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\Corsair\AppData\Local\Temp\Rar$EX00.184\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.huddi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Encarta Web Companion Oggetto helper - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer OrbiCam] C:\Windows\AcerOrbiCam.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPScheduler] "C:\Program Files\ScanSoft\PaperPort\PPScheduler.exe"
O4 - HKLM\..\Run: [Audio Device Manager] winfp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\RunOnce: [SWHelper] "C:\Windows\System32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4018CDF-F8A7-4866-9CBD-EC600720EB7B}: NameServer = 85.37.17.50 85.38.28.76
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: eNetHook.dll
O21 - SSODL: printers - {F87926FC-94C1-4C2B-9816-BFE44B5BA2FE} - libcintles3.dll (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator\LogoMedia TranslateDotNet Server.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40

Postdi SkunkWorks 68 » 02/10/07 19:18

Ma che sistema hai,Vista?
Non ho Vista(se si tratta di Vista) e non posso essere più preciso.
Questo mi piace molto poco:
"winfp.exe"
Ciao
"Quando ti svegli la mattina,pensa quale prezioso privilegio e’ essere vivi:respirare, pensare,provare gioia e amare"(Marco Aurelio).
Avatar utente
SkunkWorks 68
Utente Senior
 
Post: 2336
Iscritto il: 03/03/07 08:55

Postdi Luke57 » 02/10/07 21:09

Ciao, fai una scansione online con kaspersky(devi usare ie)
http://www.kaspersky.com/service?chapter=161739400
1.Clicca su Kaspersky Online Scanner
2.Scarica un componente ActiveX da Kaspersky, Clicca su "Yes."
3.Attendi la fine del download
4.Clicca su "Next"
5.Clicca su "Scan Settings"
6.Assicurati che siano spuntate le seguenti voci
Scan using the following Anti-Virus database:
Extended
spunta le voci di "Scan options"
Scan Archives
Scan Mail Bases
7.Clicca su "OK"
8.Scegli "My computer"
Attendi la fine della scansione, se viene rilevato qualcosa salva il rapporto cliccando su "Save as Text"

Salva il report e postalo
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Postdi Corsair » 03/10/07 15:18

uff....
allora la risposta e si.... ho il vista...
per il resto dopo 2 ore di scansione ecco il risultato

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, October 03, 2007 4:13:47 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 3/10/2007
Kaspersky Anti-Virus database records: 426708
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 118983
Number of viruses found: 4
Number of infected objects: 18
Number of suspicious objects: 0
Duration of the scan process: 02:07:05

Infected Object Name / Virus Name / Last Action
C:\Program Files\Eset\cache\CACHE.NDB Object is locked skipped
C:\Program Files\Eset\infected\54STXUCA.NQF Infected: Trojan.Win32.Diamin.gen skipped
C:\Program Files\Eset\infected\5HUKHBAA.NQF Infected: Trojan.Win32.Diamin.gen skipped
C:\Program Files\Eset\infected\ND2C0ECA.NQF Infected: Trojan.Win32.Diamin.gen skipped
C:\Program Files\Eset\infected\SKC33OAA.NQF Infected: Trojan.Win32.Diamin.gen skipped
C:\Program Files\Eset\logs\virlog.dat Object is locked skipped
C:\Program Files\Eset\logs\warnlog.dat Object is locked skipped
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f558e511eb29b0f56226a208cb655dc6_0386542c-f707-43ce-9f8a-dcdcf8686db3 Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.28.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.28.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy43.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf733B.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf733C.tmp Object is locked skipped
C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\Users\Corsair\AppData\Local\Ahead\Nero Home\bl.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Ahead\Nero Home\is2.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat{29c22bcc-f657-11db-aad0-000000000000}.TM.blf Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat{29c22bcc-f657-11db-aad0-000000000000}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows\UsrClass.dat{29c22bcc-f657-11db-aad0-000000000000}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows Defender\FileTracker\{2BF3B53F-3B8A-447E-9332-49D4D1D7AFE1} Object is locked skipped
C:\Users\Corsair\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\Corsair\AppData\Local\Mozilla\Firefox\Profiles\rjavvk8u.default\Cache\_CACHE_001_ Object is locked skipped
C:\Users\Corsair\AppData\Local\Mozilla\Firefox\Profiles\rjavvk8u.default\Cache\_CACHE_002_ Object is locked skipped
C:\Users\Corsair\AppData\Local\Mozilla\Firefox\Profiles\rjavvk8u.default\Cache\_CACHE_003_ Object is locked skipped
C:\Users\Corsair\AppData\Local\Mozilla\Firefox\Profiles\rjavvk8u.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Users\Corsair\AppData\Local\Temp\LVCOMSX.LOG Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\cert8.db Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\formhistory.dat Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\history.dat Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\key3.db Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\parent.lock Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\search.sqlite Object is locked skipped
C:\Users\Corsair\AppData\Roaming\Mozilla\Firefox\Profiles\rjavvk8u.default\urlclassifier2.sqlite Object is locked skipped
C:\Users\Corsair\NTUSER.DAT Object is locked skipped
C:\Users\Corsair\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Corsair\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Corsair\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Users\Corsair\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Corsair\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\fuckin-around.zip/fuckin-around.jpeg-www.imageshack.com Infected: Backdoor.Win32.IRCBot.aix skipped
C:\Windows\fuckin-around.zip ZIP: infected - 1 skipped
C:\Windows\img122.zip/img122.jpeg-www.imageshack.com Infected: Backdoor.Win32.IRCBot.aix skipped
C:\Windows\img122.zip ZIP: infected - 1 skipped
C:\Windows\img4851.zip/img4851.jpg-www.myspace.com Infected: Backdoor.Win32.IRCBot.aix skipped
C:\Windows\img4851.zip ZIP: infected - 1 skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\COMPONENTS Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\DEFAULT Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped
C:\Windows\System32\config\RegBack\SAM Object is locked skipped
C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped
C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped
C:\Windows\System32\config\SAM Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\SECURITY Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\SOFTWARE Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\SYSTEM Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\System32\drivers\sptd.sys Object is locked skipped
C:\Windows\System32\Ikeext.etl Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 Object is locked skipped
C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\tracing\BAP.LOG Object is locked skipped
C:\Windows\tracing\IpHlpSvc.LOG Object is locked skipped
C:\Windows\tracing\kerberos\CORSAIR_kerberos_1_6_0_6000_0_0__300_6_0_6000_16386__vista_rtm_061101_2205_.etl Object is locked skipped
C:\Windows\tracing\KMDDSP.LOG Object is locked skipped
C:\Windows\tracing\NDPTSP.LOG Object is locked skipped
C:\Windows\tracing\PPP.LOG Object is locked skipped
C:\Windows\tracing\RASAPI32.LOG Object is locked skipped
C:\Windows\tracing\RASBACP.LOG Object is locked skipped
C:\Windows\tracing\RASCCP.LOG Object is locked skipped
C:\Windows\tracing\RASDLG.LOG Object is locked skipped
C:\Windows\tracing\RASEAP.LOG Object is locked skipped
C:\Windows\tracing\RASIPCP.LOG Object is locked skipped
C:\Windows\tracing\RASIPHLP.LOG Object is locked skipped
C:\Windows\tracing\RASIPV6CP.LOG Object is locked skipped
C:\Windows\tracing\RASMAN.LOG Object is locked skipped
C:\Windows\tracing\RASPAP.LOG Object is locked skipped
C:\Windows\tracing\RASQEC.LOG Object is locked skipped
C:\Windows\tracing\RASTAPI.LOG Object is locked skipped
C:\Windows\tracing\svchost_RASCHAP.LOG Object is locked skipped
C:\Windows\tracing\svchost_RASTLS.LOG Object is locked skipped
C:\Windows\tracing\tapi32.LOG Object is locked skipped
C:\Windows\tracing\tapisrv.LOG Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\winfp.exe Infected: Backdoor.Win32.IRCBot.aix skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\BearShareV6.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.aa skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\BearShareV6.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.aa skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\BearShareV6.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.aa skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\BearShareV6.exe WiseSFX: infected - 3 skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\BearShareV6.exe WiseSFX Dropper: infected - 3 skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\Nero 7.8.5.0 Multlenguage\Nero-7.8.5.0_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\Flavio\26-aprile-2007\programmi\Utility Flavio\Nero 7.8.5.0 Multlenguage\Nero-7.8.5.0_all_trial.exe RAR: infected - 1 skipped

Scan process completed.

grazie ancora ..... è bello che sulla rete c'è qualcuno disposto ad aiutarti..... :P
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40

Postdi Corsair » 03/10/07 15:24

ah ah!!!! ho appena dato uno sguardo ai risultati ... ed oltre ad altri file ho trovato nella cartelle windows, il benedetto (si fa per dire) fucking around...
cosa posso fare per eliminarlo?...
basta semplicemente cestinarlo?
e degli altri file che mi riconosce come virus?
che faccio?
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40

Postdi Luke57 » 03/10/07 18:06

Ciao, prova a eliminarli.
Luke57
Moderatore
 
Post: 6410
Iscritto il: 11/08/05 19:10

Postdi Corsair » 03/10/07 21:30

:D ok
perfetto grazie mille.....
credo di aver risoltoil problema.........
viva il forum di pc-facile....
grazie mille a tutti i moderatori , mi siete stati utili in mille occasioni
se nn fossi etero vi direi VI AMO::::
:eeh:
Avatar utente
Corsair
Utente Senior
 
Post: 180
Iscritto il: 18/01/07 10:40


Torna a Sicurezza e Privacy


Topic correlati a "virus msn fucking-around!!! aiuto.....":


Chi c’è in linea

Visitano il forum: Nessuno e 2 ospiti