Ho riscontrato problemi simili a Dreamer83 e Newbie ("non valido per win32").
Ho provveduto a scansionare il PC con Kaspersky (report che accludo), ma non sono in grado di derivarne le directory, i files, le chiavi sulle quali intervenire e come intervenire.
Prima di usare Avenger ecc. ecc. gradirei sapere cosa fare.
Grazie
KASPERSKY ONLINE SCANNER REPORT
Friday, March 14, 2008 2:46:23 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 13/03/2008
Kaspersky Anti-Virus database records: 627505
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 126602
Number of viruses found 11
Number of infected objects 33
Number of suspicious objects 0
Duration of the scan process 23:05:38
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Cronologia\History.IE5\MSHist012008031320080314\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\hpotdd001.log Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\~DF96FB.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temp\~DF9708.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Administrator\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\UserData\index.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\Hewlett-Packard\Digital Imaging\HPIdeas\common\content.dll Object is locked skipped
C:\Programmi\IncrediMail\bin\IncrediMail_Install.exe Infected: not-a-virus:Downloader.Win32.ImLoader.e skipped
C:\Programmi\TopSearch\ls_update.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.TopSearch.a skipped
C:\Programmi\TopSearch\ls_update.exe/stream Infected: not-a-virus:AdWare.Win32.TopSearch.a skipped
C:\Programmi\TopSearch\ls_update.exe NSIS: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP1\A0000127.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP1\A0000944.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP1\A0001061.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP1\A0001079.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP2\A0001100.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP2\A0001106.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP2\A0001221.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP3\A0001257.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP3\A0001401.exe Infected: Trojan.Win32.Agent.ftz skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP3\A0001402.exe Infected: P2P-Worm.Win32.Archivarius.a skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP4\A0001557.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP4\A0001558.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP4\A0001559.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP4\A0001561.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP6\A0001781.exe Infected: not-a-virus:FraudTool.Win32.AdvancedCleaner.a skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP7\A0001802.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\A0002024.sys Infected: Trojan-Downloader.Win32.Bagle.kh skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\A0002026.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\A0002027.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\A0002028.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\A0002042.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\change.log Object is locked skipped
C:\WINDOWS\$Aggiornamenti\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$Aggiornamenti\$NtServicePackUninstall$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$Aggiornamenti\$NtUninstallKB890859$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\ModemLog_SoftK56 Data Fax Voice Speakerphone CARP.txt Object is locked skipped
C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\nsinet.exe Infected: not-a-virus:Porn-Dialer.Win32.InstantAccess.be skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
D:\RECYCLER\S-1-5-21-1409082233-362288127-839522115-500\Dd1: Live In the Uk (2008).rar:$DATA/Installer-Crack-Keygen.exe Infected: P2P-Worm.Win32.Archivarius.a skipped
D:\RECYCLER\S-1-5-21-1409082233-362288127-839522115-500\Dd1: Live In the Uk (2008).rar:$DATA CAB: infected - 1 skipped
D:\RECYCLER\S-1-5-21-1409082233-362288127-839522115-500\Dd17.exe Infected: not-a-virus:Downloader.Win32.Keylogger.a skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP3\A0001405.exe Infected: Trojan-Downloader.Win32.Bagle.jh skipped
D:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP3\A0001406.exe Infected: Trojan-Downloader.Win32.Bagle.jh skipped
D:\System Volume Information\_restore{357FAD77-0E54-4266-8DDF-F130D2FAF211}\RP8\change.log Object is locked skipped
F:\Knight.exe Infected: Worm.Win32.AutoRun.aul skipped
Scan process completed.
Registrazione
