| Precedente :: Successivo |
| Autore |
Messaggio |
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
 Inviato: 19 Ott 2007 10:15 Oggetto: |
 |
|
ce l'ho fatta bdoriano!!!!
questo è il link
19_10_2007_10_05_report.zip
ho sudato 7 camicie, sopratutto quando, dopo aver eliminato explorer.exe, sono sparite tutte le icone dal desktop e la barra applicazioni!
cmq alla fine è partito anche sys....
spero di ricevere buone nuove!!!! |
|
| Top |
|
 |
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 11:00 Oggetto: |
|
|
| laphytia ha scritto: | | ce l'ho fatta bdoriano!!!! |
Brava! 
| laphytia ha scritto: | | ho sudato 7 camicie, sopratutto quando, dopo aver eliminato explorer.exe, sono sparite tutte le icone dal desktop e la barra applicazioni! |
Ops! 
Scusa, mi sono dimenticato di dirti che sarebbe successo appena terminavi il processo explorer.exe. 
Adesso mi leggo il log e poi di faccio sapere.  |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 11:05 Oggetto: |
|
|
Nel frattempo, scarica anche ATF-Cleaner.
Avvia ATF-Cleaner
Metti il segno di spunta a Select All
(se vuoi conservare i files del cestino, togli il segno di spunta a Recycle bin)
Clicca su Empty selected
Così cominciamo a eliminare i files temporanei.  |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 11:23 Oggetto: |
|
|
Scarica Avenger e scompattalo in una sua cartella non temporanea e non sul desktop
Apri il notepad, e copia/incolla questo codice:
| Citazione: | Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\Kgykg] |
poi salva il file col nome di fix.reg in C:\ (IMPORTANTE!)
Avvia AVENGER
Clicca su input script manually
Clicca sulla lente d'ingrandimento
Inserisci queste righe:
| Citazione: | Registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\Kgykg
Files to delete:
c:\windows\tasks\uusb.job
c:\windows\tasks\ozmtk.job
c:\windows\tasks\eixgljfl.job
c:\windows\tasks\skxf.job
c:\windows\tasks\xoi.job
c:\windows\tasks\wmsgwvxb.job
c:\windows\tasks\sqk.job
c:\windows\tasks\pndp.job
c:\windows\tasks\gqypawt.job
c:\windows\tasks\qytta.job
c:\windows\tasks\sai.job
c:\windows\tasks\bguutfj.job
c:\windows\tasks\wbk.job
c:\windows\tasks\qti.job
c:\windows\tasks\wfgji.job
c:\windows\tasks\yfpz.job
c:\windows\tasks\ptjbpf.job
c:\windows\tasks\kzxhwbbq.job
c:\windows\tasks\puvlui.job
c:\windows\tasks\eamulyw.job
c:\windows\tasks\wrodb.job
c:\windows\tasks\oow.job
c:\windows\tasks\fbwuhj.job
c:\windows\tasks\nbioqw.job
c:\windows\tasks\ynfrub.job
c:\windows\tasks\iuma.job
c:\windows\tasks\tyu.job
c:\windows\tasks\kxfmanqv.job
c:\windows\tasks\kmao.job
c:\windows\tasks\wdp.job
c:\windows\tasks\ntw.job
c:\windows\tasks\eugopecf.job
c:\windows\tasks\cel.job
c:\windows\tasks\uew.job
c:\windows\tasks\gthqzez.job
c:\windows\tasks\swgfaykn.job
c:\windows\tasks\hmqzh.job
c:\windows\tasks\bzrblgf.job
c:\windows\tasks\lmehm.job
c:\windows\tasks\zocg.job
c:\windows\tasks\ffka.job
c:\windows\tasks\neymrtv.job
c:\windows\tasks\thr.job
c:\windows\tasks\dgrawzr.job
c:\windows\tasks\zjyv.job
c:\windows\tasks\ekcl.job
c:\windows\tasks\hnuhfe.job
c:\windows\tasks\ddzwhta.job
c:\windows\tasks\jzytd.job
c:\windows\tasks\iku.job
c:\windows\tasks\tcwx.job
c:\windows\tasks\jjka.job
c:\windows\tasks\zbcjmhs.job
c:\windows\tasks\kxhkmkmy.job
c:\windows\tasks\oxbimp.job
c:\windows\tasks\qzbcn.job
c:\windows\tasks\dxwat.job
c:\windows\tasks\orbv.job
c:\windows\tasks\myuara.job
c:\windows\tasks\mbitq.job
c:\windows\tasks\mbbdh.job
c:\windows\tasks\tvvfzkz.job
c:\windows\tasks\bwic.job
c:\windows\tasks\yfcdiw.job
c:\windows\tasks\okkprno.job
c:\windows\tasks\qbcuvnbf.job
c:\windows\tasks\wvirre.job
c:\windows\tasks\asbqf.job
c:\windows\tasks\mcqsbmar.job
c:\windows\tasks\kdhywd.job
c:\windows\tasks\ihzof.job
c:\windows\tasks\bae.job
c:\windows\tasks\eygp.job
c:\windows\tasks\xbmpmzfv.job
c:\windows\tasks\lfknrxb.job
c:\windows\tasks\cspx.job
c:\windows\tasks\zgsh.job
c:\windows\tasks\lxypkqv.job
c:\windows\tasks\rnkymyu.job
c:\windows\tasks\qefccpy.job
c:\windows\tasks\hsd.job
c:\windows\tasks\rzm.job
c:\windows\tasks\bvdg.job
c:\windows\tasks\ctlljye.job
c:\windows\tasks\rppekmdv.job
c:\windows\tasks\zeyuoihd.job
c:\windows\tasks\vkf.job
c:\windows\tasks\ptssxfza.job
c:\windows\tasks\qrcdepyv.job
c:\windows\tasks\oxme.job
c:\windows\tasks\sothz.job
c:\windows\tasks\fbjlepco.job
c:\windows\tasks\kkgcmk.job
c:\windows\tasks\dle.job
c:\windows\tasks\pfheldpb.job
c:\windows\tasks\dvly.job
c:\windows\tasks\ooe.job
c:\windows\tasks\dsai.job
c:\windows\tasks\kfdzuz.job
c:\windows\tasks\ytck.job
c:\windows\tasks\ona.job
c:\windows\tasks\obi.job
c:\windows\tasks\sglwjwpb.job
c:\windows\tasks\ruholw.job
c:\windows\tasks\waje.job
c:\windows\tasks\teht.job
c:\windows\tasks\rgxmfch.job
c:\windows\tasks\vzshck.job
c:\windows\tasks\wwghqo.job
c:\windows\tasks\xsjwt.job
c:\windows\tasks\hfw.job
c:\windows\tasks\lng.job
c:\windows\tasks\kxqaot.job
c:\windows\tasks\dgib.job
c:\windows\tasks\faifyk.job
c:\windows\tasks\ghitob.job
c:\windows\tasks\ife.job
c:\windows\tasks\tmhiwek.job
c:\windows\tasks\ofkptvuc.job
c:\windows\tasks\duqpvf.job
c:\windows\tasks\ndl.job
c:\windows\tasks\znua.job
c:\windows\tasks\uhury.job
c:\windows\tasks\tqdplwt.job
c:\windows\tasks\exbrvf.job
c:\windows\tasks\vmom.job
c:\windows\tasks\dkusfll.job
c:\windows\tasks\wiws.job
c:\windows\tasks\kndvy.job
c:\windows\tasks\mxdxhydu.job
c:\windows\tasks\ysq.job
c:\windows\tasks\yrrpaw.job
c:\windows\tasks\pvwfwaid.job
c:\windows\tasks\aeehtc.job
c:\windows\tasks\dkm.job
c:\windows\tasks\orostus.job
c:\windows\tasks\gmkjtk.job
c:\windows\tasks\ochyj.job
c:\windows\tasks\iwqkacfe.job
c:\windows\tasks\umky.job
c:\windows\tasks\exnuwc.job
c:\windows\tasks\iyh.job
c:\windows\tasks\wpb.job
c:\windows\tasks\gpwdhup.job
c:\windows\tasks\lbvsclu.job
c:\windows\tasks\zlnaxmy.job
c:\windows\tasks\uig.job
c:\windows\tasks\iild.job
c:\windows\tasks\enmmgdk.job
c:\windows\tasks\vmiw.job
c:\windows\tasks\rknsjl.job
c:\windows\tasks\wznlko.job
c:\windows\tasks\puszdkn.job
c:\windows\tasks\vsp.job
c:\windows\tasks\kxah.job
c:\windows\tasks\qwockj.job
c:\windows\tasks\svlyp.job
c:\windows\tasks\ibx.job
c:\windows\tasks\emike.job
c:\windows\tasks\ymnofihc.job
c:\windows\tasks\hpn.job
c:\windows\tasks\rky.job
c:\windows\tasks\qxpb.job
c:\windows\tasks\uyrjr.job
c:\windows\tasks\whbqugdc.job
c:\windows\tasks\wodzla.job
c:\windows\tasks\hbpf.job
c:\windows\tasks\kqxmfr.job
c:\windows\tasks\nvv.job
c:\windows\tasks\pnkd.job
c:\windows\tasks\rwxqandx.job
c:\windows\tasks\mtfvyj.job
c:\windows\tasks\wjxgpqbg.job
c:\windows\tasks\fwzm.job
c:\windows\tasks\njw.job
c:\windows\tasks\bnenwcyn.job
c:\windows\tasks\ahj.job
c:\windows\tasks\ipmrupn.job
c:\windows\tasks\zcmfjls.job
c:\windows\tasks\etb.job
c:\windows\tasks\lijeyt.job
c:\windows\tasks\whto.job
c:\windows\tasks\getsrtl.job
c:\windows\tasks\sdmta.job
c:\windows\tasks\ayasl.job
c:\windows\tasks\xlxuswos.job
c:\windows\tasks\gfdvqdu.job
c:\windows\tasks\cqjamvo.job
c:\windows\tasks\zammkwh.job
c:\windows\tasks\etceo.job
c:\windows\tasks\bliecyrj.job
c:\windows\tasks\mhl.job
c:\windows\tasks\kxzo.job
c:\windows\tasks\utcbt.job
c:\windows\tasks\dopp.job
c:\windows\tasks\qvhsnxj.job
c:\windows\tasks\lvj.job
c:\windows\tasks\rou.job
c:\windows\tasks\vbcjwye.job
c:\windows\tasks\xmvcp.job
c:\windows\tasks\kcydv.job
c:\windows\tasks\imvh.job
c:\windows\tasks\jolk.job
c:\windows\tasks\sia.job
c:\windows\tasks\rdfpz.job
c:\windows\tasks\gjvr.job
c:\windows\tasks\zfnn.job
c:\windows\tasks\hwnv.job
c:\windows\tasks\fpcpbdwq.job
c:\windows\tasks\jrxffip.job
c:\windows\tasks\vrzfaxu.job
c:\windows\tasks\yhnzk.job
c:\windows\tasks\jyxurb.job
c:\windows\tasks\giexxkg.job
c:\windows\tasks\pzp.job
c:\windows\tasks\gnhgi.job
c:\windows\tasks\evvh.job
c:\windows\tasks\szdn.job
c:\windows\tasks\ymsgem.job
c:\windows\tasks\zoo.job
c:\windows\tasks\abtmp.job
c:\windows\tasks\qacb.job
c:\windows\tasks\wdlla.job
c:\windows\tasks\xmnxsokk.job
c:\windows\tasks\vlglllrb.job
c:\windows\tasks\yjvg.job
c:\windows\tasks\kidz.job
c:\windows\tasks\ysp.job
c:\windows\tasks\uqbgumio.job
c:\windows\tasks\fsparcpz.job
c:\windows\tasks\ytpcab.job
c:\windows\tasks\icfxo.job
c:\windows\tasks\ybkyhg.job
c:\windows\tasks\lrxcnft.job
c:\windows\tasks\twdylok.job
c:\windows\tasks\dbzptswb.job
c:\windows\tasks\pirt.job
c:\windows\tasks\upqwjbuq.job
c:\windows\tasks\iiegsjar.job
c:\windows\tasks\gpaatq.job
c:\windows\tasks\mecm.job
c:\windows\tasks\rgt.job
c:\windows\tasks\idzkw.job
c:\windows\tasks\agpu.job
c:\windows\tasks\san.job
c:\windows\tasks\iojxmhxn.job
c:\windows\tasks\qpn.job
c:\windows\tasks\yzcyf.job
c:\windows\tasks\mqjnstj.job
c:\windows\tasks\ltk.job
c:\windows\tasks\yokrrr.job
c:\windows\tasks\agndhfds.job
c:\windows\tasks\tiljy.job
c:\windows\tasks\yarmrqa.job
c:\windows\tasks\slwwlniy.job
c:\windows\tasks\twshxe.job
c:\windows\tasks\qgiqmk.job
c:\windows\tasks\sziawlm.job
c:\windows\tasks\reg.job
c:\windows\tasks\famjc.job
c:\windows\tasks\kqj.job
c:\windows\tasks\unrjn.job
c:\windows\tasks\jfzqoc.job
c:\windows\tasks\wnuk.job
c:\windows\tasks\fwb.job
c:\windows\tasks\vroszu.job
c:\windows\tasks\vywqlkj.job
c:\windows\tasks\wlxtxpj.job
c:\windows\tasks\bqmyv.job
c:\windows\tasks\zlkdfiz.job
c:\windows\tasks\hkczyu.job
c:\windows\tasks\osghwmkc.job
c:\windows\tasks\fvkwmssv.job
c:\windows\tasks\eukoyr.job
c:\windows\tasks\hvopck.job
c:\windows\tasks\xkaj.job
c:\windows\tasks\nuauuuqk.job
c:\windows\tasks\ygh.job
c:\windows\tasks\qem.job
c:\windows\tasks\wnme.job
c:\windows\tasks\fcrxtlo.job
c:\windows\tasks\cogk.job
c:\windows\tasks\dhs.job
c:\windows\tasks\ynzyn.job
c:\windows\tasks\xpkczmtc.job
c:\windows\tasks\rbgvsr.job
c:\windows\tasks\hvvupr.job
c:\windows\tasks\gvog.job
c:\windows\tasks\uxjvdww.job
c:\windows\tasks\xjtz.job
c:\windows\tasks\fwcqilqw.job
c:\windows\tasks\akbi.job
c:\windows\tasks\xwxjm.job
c:\windows\tasks\yhvjrwow.job
c:\windows\tasks\szyy.job
c:\windows\tasks\lic.job
c:\windows\tasks\hizpfx.job
c:\windows\tasks\uamcow.job
c:\windows\tasks\ojdpza.job
c:\windows\tasks\ziykz.job
c:\windows\tasks\udumj.job
c:\windows\tasks\alk.job
c:\windows\tasks\ftsdk.job
c:\windows\tasks\hcqbo.job
c:\windows\tasks\bkhntorr.job
c:\windows\tasks\oipgnq.job
c:\windows\tasks\lsidn.job
c:\windows\tasks\qthjbww.job
c:\windows\tasks\fmqotq.job
c:\windows\tasks\ymc.job
c:\windows\tasks\fbulgzhq.job
c:\windows\tasks\leki.job
c:\windows\tasks\khkynfa.job
c:\windows\tasks\mczgjxhh.job
c:\windows\tasks\zbhsi.job
c:\windows\tasks\iubzdbzs.job
c:\windows\tasks\ceqt.job
c:\windows\tasks\ewxy.job
c:\windows\tasks\kie.job
c:\windows\tasks\hub.job
c:\windows\tasks\gqnzqkee.job
c:\windows\tasks\nrlq.job
c:\windows\tasks\uwt.job
c:\windows\tasks\vrgiyv.job
c:\windows\tasks\oolekfv.job
c:\windows\tasks\jcchw.job
C:\windows\winxdahw.exe
C:\windows\system32\winxdahw.exe
Programs to launch on reboot:
C:\fix.reg |
Clicca su Done
Clicca sul semaforo
Il pc dovrebbe riavviarsi, se così non fosse, riavvialo tu.
Al termine dell'operazione, posta qui il risultato.
dopo collegati a Kaspersky on-line scanner e fai la scansione estesa, come indicato qui.
Salva il risultato della scansione in un file (in formato HTML), carica il file su Freefilehosting e posta qui il link che ti viene assegnato. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 11:48 Oggetto: |
|
|
dunque, prima di fare danni irreparabili, preferisco chiederti alcune delucidazioni.
1)anche la procedura per kaspersky prevede lo spegnimento dell'antivirus. AVG io l'ho disinserito in questa maniera: tasto dxsull'icona vicino all'orologio e selezionato "quite avg control center" . va bene?
2) ho rimosso quite counter, quel programmino per smettere di fumare, ma ogni volta che riavvio il pc si apre una finestrella "errore" che recita "list index out of bounds(0)" e poi si apre la schermata iniziale del programa. Io non sono un'esperta, ovviamente, ma sul pannello di controllo, in rimozione, non vi è piu traccia di questo cavolo di programma, non capisco perchè continui a venire fuori roba sua.
3) al riavvio dopo avenger, si è aperto il blocco note e diceva che mancava qualche file, poi si è aperta una finestrella che diceva che il file avenger.txt mancava e se volevo modificarlo o farlo, non ricordo.
qualcosa è andato storto? |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 11:57 Oggetto: |
|
|
| laphytia ha scritto: | dunque, prima di fare danni irreparabili, preferisco chiederti alcune delucidazioni.
1)anche la procedura per kaspersky prevede lo spegnimento dell'antivirus. AVG io l'ho disinserito in questa maniera: tasto dxsull'icona vicino all'orologio e selezionato "quite avg control center" . va bene? |
Si! 
| laphytia ha scritto: | | 2) ho rimosso quite counter, quel programmino per smettere di fumare, ma ogni volta che riavvio il pc si apre una finestrella "errore" che recita "list index out of bounds(0)" e poi si apre la schermata iniziale del programa. Io non sono un'esperta, ovviamente, ma sul pannello di controllo, in rimozione, non vi è piu traccia di questo cavolo di programma, non capisco perchè continui a venire fuori roba sua. |
Questo lo ignoro, lo vedremo con il prossimo log di hijackthis.
| laphytia ha scritto: | 3) al riavvio dopo avenger, si è aperto il blocco note e diceva che mancava qualche file, poi si è aperta una finestrella che diceva che il file avenger.txt mancava e se volevo modificarlo o farlo, non ricordo.
qualcosa è andato storto? |
Per vedere se qualcosa è andato storto, verifica se esiste il file C:\Avenger\avenger.txt. Se c'è copiane qui il contenuto. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 12:16 Oggetto: |
|
|
bene, in C:/avenger c'era un file backup.zip l'ho scompattato e c'era una cartella "avenger" e dentro "backup.reg" ma se ci clicco sopra mi chiede se voglio
"aggiungere i dati contenuti in C:/avenger/avenger/backup.reg l registro?"
e io ho risposto di si
e lui: "informazioni in C:\avenger\avenger\backup.reg inserite nel registro di sistema."
ma dove lo prendo questo file per mandartelo?
io intanto procedo con kaspersky... |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 12:21 Oggetto: |
|
|
| laphytia ha scritto: | bene, in C:/avenger c'era un file backup.zip l'ho scompattato e c'era una cartella "avenger" e dentro "backup.reg" ma se ci clicco sopra mi chiede se voglio
"aggiungere i dati contenuti in C:/avenger/avenger/backup.reg l registro?"
e io ho risposto di si
e lui: "informazioni in C:\avenger\avenger\backup.reg inserite nel registro di sistema." |
NOOOOOOOOOOOOOOOOO!!!! 
Il file backup.zip non va toccato assolutamente!!! 
Anzi, caricalo su Freefilehosting e mandami un MP con il link che ti viene assegnato.
| laphytia ha scritto: | ma dove lo prendo questo file per mandartelo?
io intanto procedo con kaspersky... |
All'interno della cartella C:\AVENGER\ non c'è un file di testo (estensione .TXT)? |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 13:24 Oggetto: |
|
|
ciao bd!
questo è il risultato di kaspersky
kasper2.html
incrocio le dita!
ciao fede |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 14:13 Oggetto: |
|
|
ho fatto un nuovo log di hijackt...
hijackthis256.log
ciao |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 14:33 Oggetto: |
|
|
Facciamola più semplice.
Avvia AVENGER
Clicca su input script manually
Clicca sulla lente d'ingrandimento
Inserisci queste righe:
| Citazione: | Files to delete:
C:\windows\system32\winxdahw.exe
C:\Documents and Settings\Fresca\Impostazioni locali\Temp\wkzbsa.exe
C:\Programmi\Morpheus\morpheustoolbar.exe
C:\Programmi\music_it.exe
c:\windows\tasks\uusb.job
c:\windows\tasks\ozmtk.job
c:\windows\tasks\eixgljfl.job
c:\windows\tasks\skxf.job
c:\windows\tasks\xoi.job
c:\windows\tasks\wmsgwvxb.job
c:\windows\tasks\sqk.job
c:\windows\tasks\pndp.job
c:\windows\tasks\gqypawt.job
c:\windows\tasks\qytta.job
c:\windows\tasks\sai.job
c:\windows\tasks\bguutfj.job
c:\windows\tasks\wbk.job
c:\windows\tasks\qti.job
c:\windows\tasks\wfgji.job
c:\windows\tasks\yfpz.job
c:\windows\tasks\ptjbpf.job
c:\windows\tasks\kzxhwbbq.job
c:\windows\tasks\puvlui.job
c:\windows\tasks\eamulyw.job
c:\windows\tasks\wrodb.job
c:\windows\tasks\oow.job
c:\windows\tasks\fbwuhj.job
c:\windows\tasks\nbioqw.job
c:\windows\tasks\ynfrub.job
c:\windows\tasks\iuma.job
c:\windows\tasks\tyu.job
c:\windows\tasks\kxfmanqv.job
c:\windows\tasks\kmao.job
c:\windows\tasks\wdp.job
c:\windows\tasks\ntw.job
c:\windows\tasks\eugopecf.job
c:\windows\tasks\cel.job
c:\windows\tasks\uew.job
c:\windows\tasks\gthqzez.job
c:\windows\tasks\swgfaykn.job
c:\windows\tasks\hmqzh.job
c:\windows\tasks\bzrblgf.job
c:\windows\tasks\lmehm.job
c:\windows\tasks\zocg.job
c:\windows\tasks\ffka.job
c:\windows\tasks\neymrtv.job
c:\windows\tasks\thr.job
c:\windows\tasks\dgrawzr.job
c:\windows\tasks\zjyv.job
c:\windows\tasks\ekcl.job
c:\windows\tasks\hnuhfe.job
c:\windows\tasks\ddzwhta.job
c:\windows\tasks\jzytd.job
c:\windows\tasks\iku.job
c:\windows\tasks\tcwx.job
c:\windows\tasks\jjka.job
c:\windows\tasks\zbcjmhs.job
c:\windows\tasks\kxhkmkmy.job
c:\windows\tasks\oxbimp.job
c:\windows\tasks\qzbcn.job
c:\windows\tasks\dxwat.job
c:\windows\tasks\orbv.job
c:\windows\tasks\myuara.job
c:\windows\tasks\mbitq.job
c:\windows\tasks\mbbdh.job
c:\windows\tasks\tvvfzkz.job
c:\windows\tasks\bwic.job
c:\windows\tasks\yfcdiw.job
c:\windows\tasks\okkprno.job
c:\windows\tasks\qbcuvnbf.job
c:\windows\tasks\wvirre.job
c:\windows\tasks\asbqf.job
c:\windows\tasks\mcqsbmar.job
c:\windows\tasks\kdhywd.job
c:\windows\tasks\ihzof.job
c:\windows\tasks\bae.job
c:\windows\tasks\eygp.job
c:\windows\tasks\xbmpmzfv.job
c:\windows\tasks\lfknrxb.job
c:\windows\tasks\cspx.job
c:\windows\tasks\zgsh.job
c:\windows\tasks\lxypkqv.job
c:\windows\tasks\rnkymyu.job
c:\windows\tasks\qefccpy.job
c:\windows\tasks\hsd.job
c:\windows\tasks\rzm.job
c:\windows\tasks\bvdg.job
c:\windows\tasks\ctlljye.job
c:\windows\tasks\rppekmdv.job
c:\windows\tasks\zeyuoihd.job
c:\windows\tasks\vkf.job
c:\windows\tasks\ptssxfza.job
c:\windows\tasks\qrcdepyv.job
c:\windows\tasks\oxme.job
c:\windows\tasks\sothz.job
c:\windows\tasks\fbjlepco.job
c:\windows\tasks\kkgcmk.job
c:\windows\tasks\dle.job
c:\windows\tasks\pfheldpb.job
c:\windows\tasks\dvly.job
c:\windows\tasks\ooe.job
c:\windows\tasks\dsai.job
c:\windows\tasks\kfdzuz.job
c:\windows\tasks\ytck.job
c:\windows\tasks\ona.job
c:\windows\tasks\obi.job
c:\windows\tasks\sglwjwpb.job
c:\windows\tasks\ruholw.job
c:\windows\tasks\waje.job
c:\windows\tasks\teht.job
c:\windows\tasks\rgxmfch.job
c:\windows\tasks\vzshck.job
c:\windows\tasks\wwghqo.job
c:\windows\tasks\xsjwt.job
c:\windows\tasks\hfw.job
c:\windows\tasks\lng.job
c:\windows\tasks\kxqaot.job
c:\windows\tasks\dgib.job
c:\windows\tasks\faifyk.job
c:\windows\tasks\ghitob.job
c:\windows\tasks\ife.job
c:\windows\tasks\tmhiwek.job
c:\windows\tasks\ofkptvuc.job
c:\windows\tasks\duqpvf.job
c:\windows\tasks\ndl.job
c:\windows\tasks\znua.job
c:\windows\tasks\uhury.job
c:\windows\tasks\tqdplwt.job
c:\windows\tasks\exbrvf.job
c:\windows\tasks\vmom.job
c:\windows\tasks\dkusfll.job
c:\windows\tasks\wiws.job
c:\windows\tasks\kndvy.job
c:\windows\tasks\mxdxhydu.job
c:\windows\tasks\ysq.job
c:\windows\tasks\yrrpaw.job
c:\windows\tasks\pvwfwaid.job
c:\windows\tasks\aeehtc.job
c:\windows\tasks\dkm.job
c:\windows\tasks\orostus.job
c:\windows\tasks\gmkjtk.job
c:\windows\tasks\ochyj.job
c:\windows\tasks\iwqkacfe.job
c:\windows\tasks\umky.job
c:\windows\tasks\exnuwc.job
c:\windows\tasks\iyh.job
c:\windows\tasks\wpb.job
c:\windows\tasks\gpwdhup.job
c:\windows\tasks\lbvsclu.job
c:\windows\tasks\zlnaxmy.job
c:\windows\tasks\uig.job
c:\windows\tasks\iild.job
c:\windows\tasks\enmmgdk.job
c:\windows\tasks\vmiw.job
c:\windows\tasks\rknsjl.job
c:\windows\tasks\wznlko.job
c:\windows\tasks\puszdkn.job
c:\windows\tasks\vsp.job
c:\windows\tasks\kxah.job
c:\windows\tasks\qwockj.job
c:\windows\tasks\svlyp.job
c:\windows\tasks\ibx.job
c:\windows\tasks\emike.job
c:\windows\tasks\ymnofihc.job
c:\windows\tasks\hpn.job
c:\windows\tasks\rky.job
c:\windows\tasks\qxpb.job
c:\windows\tasks\uyrjr.job
c:\windows\tasks\whbqugdc.job
c:\windows\tasks\wodzla.job
c:\windows\tasks\hbpf.job
c:\windows\tasks\kqxmfr.job
c:\windows\tasks\nvv.job
c:\windows\tasks\pnkd.job
c:\windows\tasks\rwxqandx.job
c:\windows\tasks\mtfvyj.job
c:\windows\tasks\wjxgpqbg.job
c:\windows\tasks\fwzm.job
c:\windows\tasks\njw.job
c:\windows\tasks\bnenwcyn.job
c:\windows\tasks\ahj.job
c:\windows\tasks\ipmrupn.job
c:\windows\tasks\zcmfjls.job
c:\windows\tasks\etb.job
c:\windows\tasks\lijeyt.job
c:\windows\tasks\whto.job
c:\windows\tasks\getsrtl.job
c:\windows\tasks\sdmta.job
c:\windows\tasks\ayasl.job
c:\windows\tasks\xlxuswos.job
c:\windows\tasks\gfdvqdu.job
c:\windows\tasks\cqjamvo.job
c:\windows\tasks\zammkwh.job
c:\windows\tasks\etceo.job
c:\windows\tasks\bliecyrj.job
c:\windows\tasks\mhl.job
c:\windows\tasks\kxzo.job
c:\windows\tasks\utcbt.job
c:\windows\tasks\dopp.job
c:\windows\tasks\qvhsnxj.job
c:\windows\tasks\lvj.job
c:\windows\tasks\rou.job
c:\windows\tasks\vbcjwye.job
c:\windows\tasks\xmvcp.job
c:\windows\tasks\kcydv.job
c:\windows\tasks\imvh.job
c:\windows\tasks\jolk.job
c:\windows\tasks\sia.job
c:\windows\tasks\rdfpz.job
c:\windows\tasks\gjvr.job
c:\windows\tasks\zfnn.job
c:\windows\tasks\hwnv.job
c:\windows\tasks\fpcpbdwq.job
c:\windows\tasks\jrxffip.job
c:\windows\tasks\vrzfaxu.job
c:\windows\tasks\yhnzk.job
c:\windows\tasks\jyxurb.job
c:\windows\tasks\giexxkg.job
c:\windows\tasks\pzp.job
c:\windows\tasks\gnhgi.job
c:\windows\tasks\evvh.job
c:\windows\tasks\szdn.job
c:\windows\tasks\ymsgem.job
c:\windows\tasks\zoo.job
c:\windows\tasks\abtmp.job
c:\windows\tasks\qacb.job
c:\windows\tasks\wdlla.job
c:\windows\tasks\xmnxsokk.job
c:\windows\tasks\vlglllrb.job
c:\windows\tasks\yjvg.job
c:\windows\tasks\kidz.job
c:\windows\tasks\ysp.job
c:\windows\tasks\uqbgumio.job
c:\windows\tasks\fsparcpz.job
c:\windows\tasks\ytpcab.job
c:\windows\tasks\icfxo.job
c:\windows\tasks\ybkyhg.job
c:\windows\tasks\lrxcnft.job
c:\windows\tasks\twdylok.job
c:\windows\tasks\dbzptswb.job
c:\windows\tasks\pirt.job
c:\windows\tasks\upqwjbuq.job
c:\windows\tasks\iiegsjar.job
c:\windows\tasks\gpaatq.job
c:\windows\tasks\mecm.job
c:\windows\tasks\rgt.job
c:\windows\tasks\idzkw.job
c:\windows\tasks\agpu.job
c:\windows\tasks\san.job
c:\windows\tasks\iojxmhxn.job
c:\windows\tasks\qpn.job
c:\windows\tasks\yzcyf.job
c:\windows\tasks\mqjnstj.job
c:\windows\tasks\ltk.job
c:\windows\tasks\yokrrr.job
c:\windows\tasks\agndhfds.job
c:\windows\tasks\tiljy.job
c:\windows\tasks\yarmrqa.job
c:\windows\tasks\slwwlniy.job
c:\windows\tasks\twshxe.job
c:\windows\tasks\qgiqmk.job
c:\windows\tasks\sziawlm.job
c:\windows\tasks\reg.job
c:\windows\tasks\famjc.job
c:\windows\tasks\kqj.job
c:\windows\tasks\unrjn.job
c:\windows\tasks\jfzqoc.job
c:\windows\tasks\wnuk.job
c:\windows\tasks\fwb.job
c:\windows\tasks\vroszu.job
c:\windows\tasks\vywqlkj.job
c:\windows\tasks\wlxtxpj.job
c:\windows\tasks\bqmyv.job
c:\windows\tasks\zlkdfiz.job
c:\windows\tasks\hkczyu.job
c:\windows\tasks\osghwmkc.job
c:\windows\tasks\fvkwmssv.job
c:\windows\tasks\eukoyr.job
c:\windows\tasks\hvopck.job
c:\windows\tasks\xkaj.job
c:\windows\tasks\nuauuuqk.job
c:\windows\tasks\ygh.job
c:\windows\tasks\qem.job
c:\windows\tasks\wnme.job
c:\windows\tasks\fcrxtlo.job
c:\windows\tasks\cogk.job
c:\windows\tasks\dhs.job
c:\windows\tasks\ynzyn.job
c:\windows\tasks\xpkczmtc.job
c:\windows\tasks\rbgvsr.job
c:\windows\tasks\hvvupr.job
c:\windows\tasks\gvog.job
c:\windows\tasks\uxjvdww.job
c:\windows\tasks\xjtz.job
c:\windows\tasks\fwcqilqw.job
c:\windows\tasks\akbi.job
c:\windows\tasks\xwxjm.job
c:\windows\tasks\yhvjrwow.job
c:\windows\tasks\szyy.job
c:\windows\tasks\lic.job
c:\windows\tasks\hizpfx.job
c:\windows\tasks\uamcow.job
c:\windows\tasks\ojdpza.job
c:\windows\tasks\ziykz.job
c:\windows\tasks\udumj.job
c:\windows\tasks\alk.job
c:\windows\tasks\ftsdk.job
c:\windows\tasks\hcqbo.job
c:\windows\tasks\bkhntorr.job
c:\windows\tasks\oipgnq.job
c:\windows\tasks\lsidn.job
c:\windows\tasks\qthjbww.job
c:\windows\tasks\fmqotq.job
c:\windows\tasks\ymc.job
c:\windows\tasks\fbulgzhq.job
c:\windows\tasks\leki.job
c:\windows\tasks\khkynfa.job
c:\windows\tasks\mczgjxhh.job
c:\windows\tasks\zbhsi.job
c:\windows\tasks\iubzdbzs.job
c:\windows\tasks\ceqt.job
c:\windows\tasks\ewxy.job
c:\windows\tasks\kie.job
c:\windows\tasks\hub.job
c:\windows\tasks\gqnzqkee.job
c:\windows\tasks\nrlq.job
c:\windows\tasks\uwt.job
c:\windows\tasks\vrgiyv.job
c:\windows\tasks\oolekfv.job
c:\windows\tasks\jcchw.job
Registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\Kgykg |
Clicca su Done
Clicca sul semaforo
Il pc dovrebbe riavviarsi, se così non fosse, riavvialo tu.
Al termine dell'operazione, posta qui il risultato. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 14:44 Oggetto: |
|
|
ecco qui, finalmente, il log di avenger...
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\dimrmurw
*******************
Script file located at: \??\C:\Documents and Settings\rvvqvaga.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\windows\system32\winxdahw.exe deleted successfully.
File C:\Documents and Settings\Fresca\Impostazioni locali\Temp\wkzbsa.exe deleted successfully.
File C:\Programmi\Morpheus\morpheustoolbar.exe deleted successfully.
File C:\Programmi\music_it.exe deleted successfully.
File c:\windows\tasks\uusb.job deleted successfully.
File c:\windows\tasks\ozmtk.job deleted successfully.
File c:\windows\tasks\eixgljfl.job deleted successfully.
File c:\windows\tasks\skxf.job deleted successfully.
File c:\windows\tasks\xoi.job deleted successfully.
File c:\windows\tasks\wmsgwvxb.job deleted successfully.
File c:\windows\tasks\sqk.job deleted successfully.
File c:\windows\tasks\pndp.job deleted successfully.
File c:\windows\tasks\gqypawt.job deleted successfully.
File c:\windows\tasks\qytta.job deleted successfully.
File c:\windows\tasks\sai.job deleted successfully.
File c:\windows\tasks\bguutfj.job deleted successfully.
File c:\windows\tasks\wbk.job deleted successfully.
File c:\windows\tasks\qti.job deleted successfully.
File c:\windows\tasks\wfgji.job deleted successfully.
File c:\windows\tasks\yfpz.job deleted successfully.
File c:\windows\tasks\ptjbpf.job deleted successfully.
File c:\windows\tasks\kzxhwbbq.job deleted successfully.
File c:\windows\tasks\puvlui.job deleted successfully.
File c:\windows\tasks\eamulyw.job deleted successfully.
File c:\windows\tasks\wrodb.job deleted successfully.
File c:\windows\tasks\oow.job deleted successfully.
File c:\windows\tasks\fbwuhj.job deleted successfully.
File c:\windows\tasks\nbioqw.job deleted successfully.
File c:\windows\tasks\ynfrub.job deleted successfully.
File c:\windows\tasks\iuma.job deleted successfully.
File c:\windows\tasks\tyu.job deleted successfully.
File c:\windows\tasks\kxfmanqv.job deleted successfully.
File c:\windows\tasks\kmao.job deleted successfully.
File c:\windows\tasks\wdp.job deleted successfully.
File c:\windows\tasks\ntw.job deleted successfully.
File c:\windows\tasks\eugopecf.job deleted successfully.
File c:\windows\tasks\cel.job deleted successfully.
File c:\windows\tasks\uew.job deleted successfully.
File c:\windows\tasks\gthqzez.job deleted successfully.
File c:\windows\tasks\swgfaykn.job deleted successfully.
File c:\windows\tasks\hmqzh.job deleted successfully.
File c:\windows\tasks\bzrblgf.job deleted successfully.
File c:\windows\tasks\lmehm.job deleted successfully.
File c:\windows\tasks\zocg.job deleted successfully.
File c:\windows\tasks\ffka.job deleted successfully.
File c:\windows\tasks\neymrtv.job deleted successfully.
File c:\windows\tasks\thr.job deleted successfully.
File c:\windows\tasks\dgrawzr.job deleted successfully.
File c:\windows\tasks\zjyv.job deleted successfully.
File c:\windows\tasks\ekcl.job deleted successfully.
File c:\windows\tasks\hnuhfe.job deleted successfully.
File c:\windows\tasks\ddzwhta.job deleted successfully.
File c:\windows\tasks\jzytd.job deleted successfully.
File c:\windows\tasks\iku.job deleted successfully.
File c:\windows\tasks\tcwx.job deleted successfully.
File c:\windows\tasks\jjka.job deleted successfully.
File c:\windows\tasks\zbcjmhs.job deleted successfully.
File c:\windows\tasks\kxhkmkmy.job deleted successfully.
File c:\windows\tasks\oxbimp.job deleted successfully.
File c:\windows\tasks\qzbcn.job deleted successfully.
File c:\windows\tasks\dxwat.job deleted successfully.
File c:\windows\tasks\orbv.job deleted successfully.
File c:\windows\tasks\myuara.job deleted successfully.
File c:\windows\tasks\mbitq.job deleted successfully.
File c:\windows\tasks\mbbdh.job deleted successfully.
File c:\windows\tasks\tvvfzkz.job deleted successfully.
File c:\windows\tasks\bwic.job deleted successfully.
File c:\windows\tasks\yfcdiw.job deleted successfully.
File c:\windows\tasks\okkprno.job deleted successfully.
File c:\windows\tasks\qbcuvnbf.job deleted successfully.
File c:\windows\tasks\wvirre.job deleted successfully.
File c:\windows\tasks\asbqf.job deleted successfully.
File c:\windows\tasks\mcqsbmar.job deleted successfully.
File c:\windows\tasks\kdhywd.job deleted successfully.
File c:\windows\tasks\ihzof.job deleted successfully.
File c:\windows\tasks\bae.job deleted successfully.
File c:\windows\tasks\eygp.job deleted successfully.
File c:\windows\tasks\xbmpmzfv.job deleted successfully.
File c:\windows\tasks\lfknrxb.job deleted successfully.
File c:\windows\tasks\cspx.job deleted successfully.
File c:\windows\tasks\zgsh.job deleted successfully.
File c:\windows\tasks\lxypkqv.job deleted successfully.
File c:\windows\tasks\rnkymyu.job deleted successfully.
File c:\windows\tasks\qefccpy.job deleted successfully.
File c:\windows\tasks\hsd.job deleted successfully.
File c:\windows\tasks\rzm.job deleted successfully.
File c:\windows\tasks\bvdg.job deleted successfully.
File c:\windows\tasks\ctlljye.job deleted successfully.
File c:\windows\tasks\rppekmdv.job deleted successfully.
File c:\windows\tasks\zeyuoihd.job deleted successfully.
File c:\windows\tasks\vkf.job deleted successfully.
File c:\windows\tasks\ptssxfza.job deleted successfully.
File c:\windows\tasks\qrcdepyv.job deleted successfully.
File c:\windows\tasks\oxme.job deleted successfully.
File c:\windows\tasks\sothz.job deleted successfully.
File c:\windows\tasks\fbjlepco.job deleted successfully.
File c:\windows\tasks\kkgcmk.job deleted successfully.
File c:\windows\tasks\dle.job deleted successfully.
File c:\windows\tasks\pfheldpb.job deleted successfully.
File c:\windows\tasks\dvly.job deleted successfully.
File c:\windows\tasks\ooe.job deleted successfully.
File c:\windows\tasks\dsai.job deleted successfully.
File c:\windows\tasks\kfdzuz.job deleted successfully.
File c:\windows\tasks\ytck.job deleted successfully.
File c:\windows\tasks\ona.job deleted successfully.
File c:\windows\tasks\obi.job deleted successfully.
File c:\windows\tasks\sglwjwpb.job deleted successfully.
File c:\windows\tasks\ruholw.job deleted successfully.
File c:\windows\tasks\waje.job deleted successfully.
File c:\windows\tasks\teht.job deleted successfully.
File c:\windows\tasks\rgxmfch.job deleted successfully.
File c:\windows\tasks\vzshck.job deleted successfully.
File c:\windows\tasks\wwghqo.job deleted successfully.
File c:\windows\tasks\xsjwt.job deleted successfully.
File c:\windows\tasks\hfw.job deleted successfully.
File c:\windows\tasks\lng.job deleted successfully.
File c:\windows\tasks\kxqaot.job deleted successfully.
File c:\windows\tasks\dgib.job deleted successfully.
File c:\windows\tasks\faifyk.job deleted successfully.
File c:\windows\tasks\ghitob.job deleted successfully.
File c:\windows\tasks\ife.job deleted successfully.
File c:\windows\tasks\tmhiwek.job deleted successfully.
File c:\windows\tasks\ofkptvuc.job deleted successfully.
File c:\windows\tasks\duqpvf.job deleted successfully.
File c:\windows\tasks\ndl.job deleted successfully.
File c:\windows\tasks\znua.job deleted successfully.
File c:\windows\tasks\uhury.job deleted successfully.
File c:\windows\tasks\tqdplwt.job deleted successfully.
File c:\windows\tasks\exbrvf.job deleted successfully.
File c:\windows\tasks\vmom.job deleted successfully.
File c:\windows\tasks\dkusfll.job deleted successfully.
File c:\windows\tasks\wiws.job deleted successfully.
File c:\windows\tasks\kndvy.job deleted successfully.
File c:\windows\tasks\mxdxhydu.job deleted successfully.
File c:\windows\tasks\ysq.job deleted successfully.
File c:\windows\tasks\yrrpaw.job deleted successfully.
File c:\windows\tasks\pvwfwaid.job deleted successfully.
File c:\windows\tasks\aeehtc.job deleted successfully.
File c:\windows\tasks\dkm.job deleted successfully.
File c:\windows\tasks\orostus.job deleted successfully.
File c:\windows\tasks\gmkjtk.job deleted successfully.
File c:\windows\tasks\ochyj.job deleted successfully.
File c:\windows\tasks\iwqkacfe.job deleted successfully.
File c:\windows\tasks\umky.job deleted successfully.
File c:\windows\tasks\exnuwc.job deleted successfully.
File c:\windows\tasks\iyh.job deleted successfully.
File c:\windows\tasks\wpb.job deleted successfully.
File c:\windows\tasks\gpwdhup.job deleted successfully.
File c:\windows\tasks\lbvsclu.job deleted successfully.
File c:\windows\tasks\zlnaxmy.job deleted successfully.
File c:\windows\tasks\uig.job deleted successfully.
File c:\windows\tasks\iild.job deleted successfully.
File c:\windows\tasks\enmmgdk.job deleted successfully.
File c:\windows\tasks\vmiw.job deleted successfully.
File c:\windows\tasks\rknsjl.job deleted successfully.
File c:\windows\tasks\wznlko.job deleted successfully.
File c:\windows\tasks\puszdkn.job deleted successfully.
File c:\windows\tasks\vsp.job deleted successfully.
File c:\windows\tasks\kxah.job deleted successfully.
File c:\windows\tasks\qwockj.job deleted successfully.
File c:\windows\tasks\svlyp.job deleted successfully.
File c:\windows\tasks\ibx.job deleted successfully.
File c:\windows\tasks\emike.job deleted successfully.
File c:\windows\tasks\ymnofihc.job deleted successfully.
File c:\windows\tasks\hpn.job deleted successfully.
File c:\windows\tasks\rky.job deleted successfully.
File c:\windows\tasks\qxpb.job deleted successfully.
File c:\windows\tasks\uyrjr.job deleted successfully.
File c:\windows\tasks\whbqugdc.job deleted successfully.
File c:\windows\tasks\wodzla.job deleted successfully.
File c:\windows\tasks\hbpf.job deleted successfully.
File c:\windows\tasks\kqxmfr.job deleted successfully.
File c:\windows\tasks\nvv.job deleted successfully.
File c:\windows\tasks\pnkd.job deleted successfully.
File c:\windows\tasks\rwxqandx.job deleted successfully.
File c:\windows\tasks\mtfvyj.job deleted successfully.
File c:\windows\tasks\wjxgpqbg.job deleted successfully.
File c:\windows\tasks\fwzm.job deleted successfully.
File c:\windows\tasks\njw.job deleted successfully.
File c:\windows\tasks\bnenwcyn.job deleted successfully.
File c:\windows\tasks\ahj.job deleted successfully.
File c:\windows\tasks\ipmrupn.job deleted successfully.
File c:\windows\tasks\zcmfjls.job deleted successfully.
File c:\windows\tasks\etb.job deleted successfully.
File c:\windows\tasks\lijeyt.job deleted successfully.
File c:\windows\tasks\whto.job deleted successfully.
File c:\windows\tasks\getsrtl.job deleted successfully.
File c:\windows\tasks\sdmta.job deleted successfully.
File c:\windows\tasks\ayasl.job deleted successfully.
File c:\windows\tasks\xlxuswos.job deleted successfully.
File c:\windows\tasks\gfdvqdu.job deleted successfully.
File c:\windows\tasks\cqjamvo.job deleted successfully.
File c:\windows\tasks\zammkwh.job deleted successfully.
File c:\windows\tasks\etceo.job deleted successfully.
File c:\windows\tasks\bliecyrj.job deleted successfully.
File c:\windows\tasks\mhl.job deleted successfully.
File c:\windows\tasks\kxzo.job deleted successfully.
File c:\windows\tasks\utcbt.job deleted successfully.
File c:\windows\tasks\dopp.job deleted successfully.
File c:\windows\tasks\qvhsnxj.job deleted successfully.
File c:\windows\tasks\lvj.job deleted successfully.
File c:\windows\tasks\rou.job deleted successfully.
File c:\windows\tasks\vbcjwye.job deleted successfully.
File c:\windows\tasks\xmvcp.job deleted successfully.
File c:\windows\tasks\kcydv.job deleted successfully.
File c:\windows\tasks\imvh.job deleted successfully.
File c:\windows\tasks\jolk.job deleted successfully.
File c:\windows\tasks\sia.job deleted successfully.
File c:\windows\tasks\rdfpz.job deleted successfully.
File c:\windows\tasks\gjvr.job deleted successfully.
File c:\windows\tasks\zfnn.job deleted successfully.
File c:\windows\tasks\hwnv.job deleted successfully.
File c:\windows\tasks\fpcpbdwq.job deleted successfully.
File c:\windows\tasks\jrxffip.job deleted successfully.
File c:\windows\tasks\vrzfaxu.job deleted successfully.
File c:\windows\tasks\yhnzk.job deleted successfully.
File c:\windows\tasks\jyxurb.job deleted successfully.
File c:\windows\tasks\giexxkg.job deleted successfully.
File c:\windows\tasks\pzp.job deleted successfully.
File c:\windows\tasks\gnhgi.job deleted successfully.
File c:\windows\tasks\evvh.job deleted successfully.
File c:\windows\tasks\szdn.job deleted successfully.
File c:\windows\tasks\ymsgem.job deleted successfully.
File c:\windows\tasks\zoo.job deleted successfully.
File c:\windows\tasks\abtmp.job deleted successfully.
File c:\windows\tasks\qacb.job deleted successfully.
File c:\windows\tasks\wdlla.job deleted successfully.
File c:\windows\tasks\xmnxsokk.job deleted successfully.
File c:\windows\tasks\vlglllrb.job deleted successfully.
File c:\windows\tasks\yjvg.job deleted successfully.
File c:\windows\tasks\kidz.job deleted successfully.
File c:\windows\tasks\ysp.job deleted successfully.
File c:\windows\tasks\uqbgumio.job deleted successfully.
File c:\windows\tasks\fsparcpz.job deleted successfully.
File c:\windows\tasks\ytpcab.job deleted successfully.
File c:\windows\tasks\icfxo.job deleted successfully.
File c:\windows\tasks\ybkyhg.job deleted successfully.
File c:\windows\tasks\lrxcnft.job deleted successfully.
File c:\windows\tasks\twdylok.job deleted successfully.
File c:\windows\tasks\dbzptswb.job deleted successfully.
File c:\windows\tasks\pirt.job deleted successfully.
File c:\windows\tasks\upqwjbuq.job deleted successfully.
File c:\windows\tasks\iiegsjar.job deleted successfully.
File c:\windows\tasks\gpaatq.job deleted successfully.
File c:\windows\tasks\mecm.job deleted successfully.
File c:\windows\tasks\rgt.job deleted successfully.
File c:\windows\tasks\idzkw.job deleted successfully.
File c:\windows\tasks\agpu.job deleted successfully.
File c:\windows\tasks\san.job deleted successfully.
File c:\windows\tasks\iojxmhxn.job deleted successfully.
File c:\windows\tasks\qpn.job deleted successfully.
File c:\windows\tasks\yzcyf.job deleted successfully.
File c:\windows\tasks\mqjnstj.job deleted successfully.
File c:\windows\tasks\ltk.job deleted successfully.
File c:\windows\tasks\yokrrr.job deleted successfully.
File c:\windows\tasks\agndhfds.job deleted successfully.
File c:\windows\tasks\tiljy.job deleted successfully.
File c:\windows\tasks\yarmrqa.job deleted successfully.
File c:\windows\tasks\slwwlniy.job deleted successfully.
File c:\windows\tasks\twshxe.job deleted successfully.
File c:\windows\tasks\qgiqmk.job deleted successfully.
File c:\windows\tasks\sziawlm.job deleted successfully.
File c:\windows\tasks\reg.job deleted successfully.
File c:\windows\tasks\famjc.job deleted successfully.
File c:\windows\tasks\kqj.job deleted successfully.
File c:\windows\tasks\unrjn.job deleted successfully.
File c:\windows\tasks\jfzqoc.job deleted successfully.
File c:\windows\tasks\wnuk.job deleted successfully.
File c:\windows\tasks\fwb.job deleted successfully.
File c:\windows\tasks\vroszu.job deleted successfully.
File c:\windows\tasks\vywqlkj.job deleted successfully.
File c:\windows\tasks\wlxtxpj.job deleted successfully.
File c:\windows\tasks\bqmyv.job deleted successfully.
File c:\windows\tasks\zlkdfiz.job deleted successfully.
File c:\windows\tasks\hkczyu.job deleted successfully.
File c:\windows\tasks\osghwmkc.job deleted successfully.
File c:\windows\tasks\fvkwmssv.job deleted successfully.
File c:\windows\tasks\eukoyr.job deleted successfully.
File c:\windows\tasks\hvopck.job deleted successfully.
File c:\windows\tasks\xkaj.job deleted successfully.
File c:\windows\tasks\nuauuuqk.job deleted successfully.
File c:\windows\tasks\ygh.job deleted successfully.
File c:\windows\tasks\qem.job deleted successfully.
File c:\windows\tasks\wnme.job deleted successfully.
File c:\windows\tasks\fcrxtlo.job deleted successfully.
File c:\windows\tasks\cogk.job deleted successfully.
File c:\windows\tasks\dhs.job deleted successfully.
File c:\windows\tasks\ynzyn.job deleted successfully.
File c:\windows\tasks\xpkczmtc.job deleted successfully.
File c:\windows\tasks\rbgvsr.job deleted successfully.
File c:\windows\tasks\hvvupr.job deleted successfully.
File c:\windows\tasks\gvog.job deleted successfully.
File c:\windows\tasks\uxjvdww.job deleted successfully.
File c:\windows\tasks\xjtz.job deleted successfully.
File c:\windows\tasks\fwcqilqw.job deleted successfully.
File c:\windows\tasks\akbi.job deleted successfully.
File c:\windows\tasks\xwxjm.job deleted successfully.
File c:\windows\tasks\yhvjrwow.job deleted successfully.
File c:\windows\tasks\szyy.job deleted successfully.
File c:\windows\tasks\lic.job deleted successfully.
File c:\windows\tasks\hizpfx.job deleted successfully.
File c:\windows\tasks\uamcow.job deleted successfully.
File c:\windows\tasks\ojdpza.job deleted successfully.
File c:\windows\tasks\ziykz.job deleted successfully.
File c:\windows\tasks\udumj.job deleted successfully.
File c:\windows\tasks\alk.job deleted successfully.
File c:\windows\tasks\ftsdk.job deleted successfully.
File c:\windows\tasks\hcqbo.job deleted successfully.
File c:\windows\tasks\bkhntorr.job deleted successfully.
File c:\windows\tasks\oipgnq.job deleted successfully.
File c:\windows\tasks\lsidn.job deleted successfully.
File c:\windows\tasks\qthjbww.job deleted successfully.
File c:\windows\tasks\fmqotq.job deleted successfully.
File c:\windows\tasks\ymc.job deleted successfully.
File c:\windows\tasks\fbulgzhq.job deleted successfully.
File c:\windows\tasks\leki.job deleted successfully.
File c:\windows\tasks\khkynfa.job deleted successfully.
File c:\windows\tasks\mczgjxhh.job deleted successfully.
File c:\windows\tasks\zbhsi.job deleted successfully.
File c:\windows\tasks\iubzdbzs.job deleted successfully.
File c:\windows\tasks\ceqt.job deleted successfully.
File c:\windows\tasks\ewxy.job deleted successfully.
File c:\windows\tasks\kie.job deleted successfully.
File c:\windows\tasks\hub.job deleted successfully.
File c:\windows\tasks\gqnzqkee.job deleted successfully.
File c:\windows\tasks\nrlq.job deleted successfully.
File c:\windows\tasks\uwt.job deleted successfully.
File c:\windows\tasks\vrgiyv.job deleted successfully.
File c:\windows\tasks\oolekfv.job deleted successfully.
File c:\windows\tasks\jcchw.job deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\Kgykg deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
ciao bd |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 14:57 Oggetto: |
|
|
Ok! Ora ci siamo! 
Apri il file di registro, trova questa chiave:
| Codice: | | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\Kgykg |
ed eliminala.
Fammi un favore, carica il file c:\avenger\backup(qualcosa).zip su Freefilehosting e mandami il link con un MP. |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 15:31 Oggetto: |
|
|
| Come va il pc? Riscontri ancora problemi? |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 16:38 Oggetto: |
|
|
Per i problemi con skype, hai provato a disinstallarlo e reinstallarlo?
Per il resto, facciamo un'ultima passata:
Scarica VirIt, installalo, aggiornalo (importante) e fai lo scan completo.
Salva il risultato della scansione in un file, carica il file su Freefilehosting e posta qui il link che ti viene assegnato. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 17:17 Oggetto: |
|
|
questo è il contenuto di una finestrellache si è aperta quando ho provato a mandare il file sospetto al loro centro analisi
110.txt
non penso che ala fine l'abbia inviato
e questo è il log di virit
26.txt
ciao |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 19 Ott 2007 17:23 Oggetto: |
|
|
In effetti il primo messaggio è d'errore per l'invio tramite posta elettronica. Fa nulla.
VirIT ha eliminato un altro virus dai temporanei e altri 2 presenti nel ripristino di sistema. Ora dovresti essere pulita.
Prova a disinstallare e reinstallare Skype, per vedere se spuntano ancora quegli errori. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 19 Ott 2007 17:55 Oggetto: |
|
|
ottimissimo 
skype ora funziona a meraviglia. ma prima di ringraziarti definitivamente ti lancio gli ultimi sos
1)al riavvio compare la solita finestrina di errore di quel cavolo di programma per smettere di fumare quite counter , come posso eliminarlo?
2)al riavvio è ripartito virit. Partirà ogni volta che accendo il pc?
è meglio tenerlo o lo disinstallo?
3)il mio antivirus va bene (AVG) o me ne consigli un altro?
4)ho sentito che per evitare di essere infestati, e per tante altre ragioni, sarebbe meglio togliere explorer... tu che ne dici? e con cosa mi consigli di sostituirlo?
5)ed infine, di tutti i programmini che ho scaricato in questi giorni, posso eliminarne qualcuno o li tengo tutti? (cwshredder.exe SpywareBlaster Ad-Watch 2007 Ad-Aware 2007 Eusing Free Registry Cleaner sys86381.exe atf killbox gmer) |
|
| Top |
|
|
bdoriano
Amministratore
Registrato: 02/04/07 12:05
Messaggi: 14391
Residenza: 3° pianeta del sistema solare...
|
| Inviato: 20 Ott 2007 10:03 Oggetto: |
|
|
| laphytia ha scritto: | ottimissimo
skype ora funziona a meraviglia. ma prima di ringraziarti definitivamente ti lancio gli ultimi sos |
Contento che hai risolto.
| laphytia ha scritto: | | 1)al riavvio compare la solita finestrina di errore di quel cavolo di programma per smettere di fumare quite counter , come posso eliminarlo? |
Posta un log aggiornato di hijackthis che vediamo cosa si può fare.
| laphytia ha scritto: | 2)al riavvio è ripartito virit. Partirà ogni volta che accendo il pc?
è meglio tenerlo o lo disinstallo? |
Dovrebbe partire ogni volta che si aggiorna. (non ne sono sicurissimo)
Direi di tenerlo. Per 30gg puoi utilizzarlo al pieno delle "sue forze". Dopodiché, ti segnalerà solo i virus senza eliminarli.
Disabilita il Monitor di VirIT (configurazione o opzioni), in modo tale che non vada in conflitto con il tuo antivirus.
Ogni tanto, gli fai fare una scansione completa del pc.
| laphytia ha scritto: | | 3)il mio antivirus va bene (AVG) o me ne consigli un altro? |
Direi che va bene. Se poi lasci anche VirIt, va meglio.
Tieni conto che gli antivirus funzionano bene solo con le firme aggiornate. Se ti becchi qualcosa di sconosciuto... non puoi fare molto. 
| laphytia ha scritto: | | 4)ho sentito che per evitare di essere infestati, e per tante altre ragioni, sarebbe meglio togliere explorer... tu che ne dici? e con cosa mi consigli di sostituirlo? |
Se intendi Internet Explorer, non puoi eliminarlo.
Puoi non utilizzarlo. Al suo posto puoi usare Opera o Mozilla Firefox e, solo in casi estremi, utilizzare Internet Explorer.
| laphytia ha scritto: | | 5)ed infine, di tutti i programmini che ho scaricato in questi giorni, posso eliminarne qualcuno o li tengo tutti? (cwshredder.exe SpywareBlaster Ad-Watch 2007 Ad-Aware 2007 Eusing Free Registry Cleaner sys86381.exe atf killbox gmer) |
Tienili tutti.
SpywareBlaster: lo aggiorni 1 volta al mese e, ad ogni aggiornamento, esegui l'immunizzazione.
Ad-Aware 2007: lo aggiorni ogni 1 o 2 settimane e, dopo l'aggiornamento, gli fai fare una scansione completa.
Eusing Free Registry Cleaner: ottimo per la pulizia del registro di Windows. Fagliela fare 1 volta al mese.
sys86831.exe: servirà alla prossima infezione. 
ATF-Cleaner: ottimo per l'eliminazione dei files temporanei.
KillBox: ottimo per l'eliminazione dei files impossibili da cancellare. Anche questo potrà essere utile alla prossima infezione.
GMer: ottimo per la ricerca di rootkit. Idem come sopra.
Avenger: (che non ha menzionato). Idem come sopra. |
|
| Top |
|
|
laphytia
Eroe
Registrato: 07/06/07 09:50
Messaggi: 49
|
| Inviato: 20 Ott 2007 16:33 Oggetto: |
 |
|
ciao bdoriano
grazie per i preziosissimi consigli....
qui ti ho caricato il log di hijackt
hijackthis266.log
per la famosa finestrella rompib***e
ciao e buon week-end
fede |
|
| Top |
|
|
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
