Olimpo Informatico

Sante62 · Inviato: 01 Feb 2008 14:06 Oggetto:

Bene, aspetto il log di Kaspersky...

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

avrei un problemino...credo ke kaspersky on line vada solamente con internet explorer e mi si disconnette in continuazione e nn faccio in tempo...con mozilla fire fox nn va avanti

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

e anke mozilla mi da lo stesso problema.............................................................................

Sante62 · Inviato: 01 Feb 2008 16:56 Oggetto:

Scarica questo file sul desktop
Disconettiti da internet, seleziona il file DelDomains.inf, tasto destro del mouse e scegli l'opzione "Installa". Se va a buon fine, riavvia il PC e riprova a fare la scansione con Kasper...Ovviamente devi usare Internet Explorer.

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

KASPERSKY ONLINE SCANNER REPORT
Saturday, February 02, 2008 3:56:39 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 2/02/2008
Kaspersky Anti-Virus database records: 545930

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics
Total number of scanned objects 43617
Number of viruses found 2
Number of infected objects 14
Number of suspicious objects 0
Duration of the scan process 01:35:03

Infected Object Name Virus Name Last Action
C:\avenger\backup.zip/avenger/1130735544.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/1294152120.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/1410728420.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/1952711556.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/2260842816.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/2267298412.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/2613482828.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/3223316868.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/3443686516.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/4072739548.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\avenger\backup.zip/avenger/nod32kui.exe Infected: Trojan-Downloader.Win32.Agent.ihz skipped

C:\avenger\backup.zip ZIP: infected - 11 skipped

C:\Documents and Settings\All Users\Dati applicazioni\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log Object is locked skipped

C:\Documents and Settings\Giovanni\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Giovanni\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Giovanni\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Giovanni\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Giovanni\Impostazioni locali\Temp\993309800.exe Infected: Trojan.Win32.KillAV.oe skipped

C:\Documents and Settings\Giovanni\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Giovanni\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Giovanni\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Programmi\Eset\cache\CACHE.NDB Object is locked skipped

C:\Programmi\Eset\logs\virlog.dat Object is locked skipped

C:\Programmi\Eset\logs\warnlog.dat Object is locked skipped

C:\Programmi\Nero\Nero8\Nero BackItUp\BIU1.txt Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{0B5CC96E-9FD9-4CCD-B69D-DCAC94B4C676}\RP66\A0027279.exe Infected: Trojan-Downloader.Win32.Agent.ihz skipped

C:\System Volume Information\_restore{0B5CC96E-9FD9-4CCD-B69D-DCAC94B4C676}\RP68\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

Sante62 · Inviato: 02 Feb 2008 23:48 Oggetto:

disattiva il ripristino di sistema; Utilizza Avenger con questo script:

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\lkkwjxul

*******************

Script file located at: \??\C:\WINDOWS\system32\tufayvha.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\Documents and Settings\Giovanni\Impostazioni locali\Temp\993309800.exe deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

i problemi persistono e anke le disconnessioni sistematiche...credo di formattare anke xk sono senza internet praticamente...ti ringrazio tantissimo ugualmente...

Sante62 · Inviato: 03 Feb 2008 18:40 Oggetto:

Bhe, mi dispiace.....se proprio non c'è altra soluzione....
Ciao

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

mmm...cose strane ...oggi nn mi si disconnette mah...cmq il pc è ancora impallato. se ci sono altre soluzioni da provare e nn ti secca aiutarmi aspetto altri suggerimenti Smile

Sante62 · Inviato: 04 Feb 2008 19:45 Oggetto:

Che tipo di problemi riscontri di preciso?..

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

adesso gli stessi di prima mi si aprono pag di internet ke mi riportano a siti di sedicenti antivirus, ho il pc ke mi va lentissimo e anke se oggi è successo solo tre volte mi si disconnette e mi appare un mess di errore con su scritto generic hosts process for win 32 services senza nessun numero di errore

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

e poi volevo chiederti una cosa...è normale ke il nod mi utlizzi in media 25000kb di memoria?

bdoriano · Inviato: 04 Feb 2008 22:18 Oggetto:

rifai la scansione con SystemScan e posta il log su FreeFileHosting come indicato qui.

nelmiopiccolofacciogiuoco · Mortale pio Registrato: 23/01/08 14:32 Messaggi: 28

05_02_2008_15_03_report.zip

Sante62 · Inviato: 07 Feb 2008 13:43 Oggetto:

Sarà...ma dal log non vedo voci sospette...
Per l'errore generic hosts process for win 32 services fai un aggiornamento totale da Windows Update; non da aggiornamenti automatici, ma da questo link che ho messo..Fai sapere come va...
Ciao