alcy Demigod
Joined: 29/05/06 15:37 Posts: 359
Posted: 31 May 2007 19:04 Subject: Kaspersky online scan: viruses found

hi guys, I ran the online scan with Kaspersky, which found some infections that evidently my avast, which runs automatically, hadn't caught. I also use avg-antispyware, ad-aware and spybot (all not in real time, but kept updated by me), but they had never reported these infections to me... guys, what do you advise? thanks a lot.

ioSOLOio Administrator
Joined: 12/09/03 19:01 Posts: 16342 Location: in a whole lot of... water
Posted: 31 May 2007 20:18 Subject:

But doesn't Kaspersky online let you remove what it finds infected?
Does it tell you which files or processes are infected?
If instead you only have doubts (because your antivirus programs detected nothing), you could run a further test with another online antivirus.

alcy Demigod
Joined: 29/05/06 15:37 Posts: 359
Posted: 31 May 2007 20:46 Subject: re

I don't want to be wrong, but I don't think kaspersky lets you fix the damage found (I hope I'm not talking nonsense...).... anyway I forgot to paste the result.. I'll try now.. bye!!!!!
Kaspersky online wrote:
Thursday, May 31, 2007 6:47:32 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 31/05/2007
Kaspersky Anti-Virus database records: 335304
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan Statistics
Total number of scanned objects 65419
Number of viruses found 4
Number of infected objects 10
Number of suspicious objects 0
Duration of the scan process 01:08:29
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Prevx\Local.dat Object is locked skipped
C:\Documents and Settings\Colella\.housecall\Quarantine\backup-20060528-123534-303.dll.bac_a00972 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ai skipped
C:\Documents and Settings\Colella\.housecall6.6\Quarantine\backup-20060528-123534-303.dll.bac_a00972 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ai skipped
C:\Documents and Settings\Colella\.housecall6.6\Quarantine\riched20.dll.bac_a03144 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Colella\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Colella\Dati applicazioni\Prevx\proc.cat Object is locked skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip ZIP: infected - 3 skipped
H:\Interfree\Interdialer\Idialer.exe/data/InstID.exe Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe/data Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe PaquetBuilder: infected - 2 skipped
Scan process completed.

Orange Mature god
Joined: 18/02/07 13:20 Posts: 2224 Location: Rome
Posted: 31 May 2007 21:05 Subject:

hi!
alcy is right. Kaspersky's online scan doesn't remove any infection (unfortunately).
anyway there's nothing too serious, apart from these, which leave me a bit puzzled:
Quote:
H:\Interfree\Interdialer\Idialer.exe/data/InstID.exe Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe/data Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe PaquetBuilder: infected - 2 skipped
alcy, what do you have in H:\? is it a pen drive? a CD?
to get rid of the things found you should delete the temp files and empty the Java cache
you can use CCleaner and/or ATF Cleaner
while AdTool.Win32.MyWebSearch is in the quarantine of TrendMicro Housecall (I imagine you ran an online scan..?)

alcy Demigod
Joined: 29/05/06 15:37 Posts: 359
Posted: 31 May 2007 21:44 Subject: re

hi and thanks.. so, with cleaner already done... as for H, I opened it from My Computer and inside there are some folders:
corsi basica
driver
interfree
SBSI
SIS
Windows
anilogo2.exe
as for your suspicions, what is it about??
waiting for your reply..
bye!!!!!!!!!!!
thanks

Orange Mature god
Joined: 18/02/07 13:20 Posts: 2224 Location: Rome
Posted: 31 May 2007 22:03 Subject:

no suspicions!
I just wanted to know what H:\ is.
is it a CD?
try to find these files and delete them manually.

ioSOLOio Administrator
Joined: 12/09/03 19:01 Posts: 16342 Location: in a whole lot of... water
Posted: 01 Jun 2007 13:37 Subject:

so:
Quote:
C:\Documents and Settings\Colella\.housecall\Quarantine\backup-20060528-123534-303.dll.bac_a00972 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ai skipped
C:\Documents and Settings\Colella\.housecall6.6\Quarantine\backup-20060528-123534-303.dll.bac_a00972 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ai skipped
C:\Documents and Settings\Colella\.housecall6.6\Quarantine\riched20.dll.bac_a03144 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
these three detections refer to files that are indeed infected but that appear to be in the antivirus's Quarantine folder.. so in this case they wouldn't be a problem (in any case, nothing stops you from cleaning out the folder in question)
Quote:
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip ZIP: infected - 3 skipped
these do refer to a small problem, actually... but it seems strange to me that the antivirus doesn't detect it.. try scanning the Sun folder indicated and see whether on-demand it still detects nothing.
If I remember correctly, catching this "infection" should be tied to a Java-related vulnerability that Microsoft fixed at the time with a dedicated patch...
Quote:
H:\Interfree\Interdialer\Idialer.exe/data/InstID.exe Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe/data Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe PaquetBuilder: infected - 2 skipped
here I join Orange in asking what H is.. a USB pen drive, CD-ROM, etc.
Do you have so many hard disks and optical drives that you get up to H?
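
The triage the replies above apply to the report by hand, as an added example that is not part of the thread: a small Python parser that skips "Object is locked" lines (files the scanner could not open, not detections), groups detections by containing file, and sorts them into the three cases discussed. The bucket names and the `triage` function are assumptions made for this illustration.

```python
import re

# A short excerpt of lines copied from the report quoted in the thread.
SAMPLE_REPORT = r"""
C:\Documents and Settings\Colella\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Colella\.housecall6.6\Quarantine\riched20.dll.bac_a03144 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Colella\Dati applicazioni\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-53b026d4-5a369c5c.zip ZIP: infected - 3 skipped
H:\Interfree\Interdialer\Idialer.exe/data/InstID.exe Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
H:\Interfree\Interdialer\Idialer.exe/data Infected: not-a-virus:Dialer.Win32.InterDialer.a skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
"""

INFECTED = re.compile(r"^(?P<path>.+?) Infected: (?P<name>\S+) skipped$")
LOCKED = re.compile(r"^.+ Object is locked skipped$")

def bucket(path, name):
    """Classify a detection the way the replies do (labels are hypothetical)."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "quarantine"   # copy already isolated by another scanner
    if "\\java\\deployment\\cache\\" in p:
        return "java-cache"   # cached applet: clear the cache, rescan
    if name.startswith("not-a-virus:"):
        return "riskware"     # adware/dialer class: remove if unwanted
    return "review"

def triage(report):
    """Return (locked_count, {container: {"names": set, "bucket": str}})."""
    locked, findings = 0, {}
    for line in report.splitlines():
        line = line.strip()
        if LOCKED.match(line):
            locked += 1       # file was in use and unreadable, not infected
            continue
        m = INFECTED.match(line)
        if not m:
            continue          # headers, statistics, "ZIP: infected - 3" summaries
        container = m["path"].split("/")[0]   # archive members follow a "/"
        entry = findings.setdefault(
            container, {"names": set(), "bucket": bucket(m["path"], m["name"])})
        entry["names"].add(m["name"])
    return locked, findings

if __name__ == "__main__":
    locked, findings = triage(SAMPLE_REPORT)
    print(f"{locked} locked files ignored")
    for container, info in findings.items():
        print(info["bucket"], sorted(info["names"]), container, sep=" | ")
```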