Grazie per il preziosi consigli. Sembra essere tutto a posto per il momento, vi farò sapere se per caso avrò altri problemi, intanto questi sono i log.
Vir Lite:
[SCANSIONE DEL REGISTRO]
{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D} Infetto da Trojan.Win32.OUT_NAME.B
* * * RIMOSSO * * *
[A:]
BOOT SECTOR: OK
[C:]
MASTER BOOT RECORD: OK
BOOT SECTOR: OK
C:\Documents and Settings\User\Impostazioni locali\Temp\10.tmp Infetto da Trojan.Win32.Small.KE
* * * RIMOSSO * * *
C:\Programmi\Netscape\Netscape Browser\defaults\safetynet\updateLists.exe Possibile variante da Trojan.Win32.Small.EM
C:\Programmi\Netscape\Netscape Browser\mangle.exe Possibile variante da Trojan.Win32.Small.EM
C:\Programmi\Netscape\Netscape Browser\rebasedlls.exe Possibile variante da Trojan.Win32.Small.AP
C:\Programmi\Netscape\Netscape Browser\regchrome.exe Possibile variante da Trojan.Win32.Small.EM
C:\Programmi\Netscape\Netscape Browser\xpcshell.exe Possibile variante da Trojan.Win32.Small.IT
C:\Programmi\Netscape\Netscape Browser\xpt_dump.exe Possibile variante da Trojan.Win32.Small.FS
C:\Programmi\Netscape\Netscape Browser\xpt_link.exe Possibile variante da Trojan.SpySmall.C
C:\WINDOWS\system32\dfrgsrv.exe Infetto da Trojan.Win32.Zlob.D
Il file sarà spostato nella cartella di quarantena.
[D:]
[F:]
BOOT SECTOR: OK
Chiavi Registro infette: 1.
Files Infetti: 9.
Files Sospetti: 0.
Files Analizzati: 66944.
Files Totali: 66944.
Chiavi Registro rimosse: 1.
Virus Rimossi: 1.
Adesso puoi RIAVVIARE il computer per spostare il file nella cartella di quarantena.
SCANSIONE DELLA MEMORIA
OK
E poi il log di smitRem
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Versione 5.1.2600]
Running from
C:\Documents and Settings\User\Documenti\ETTORE\ettore\downloads\smitRem\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Precaricatore Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Daemon di cache delle categorie di componenti"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
1024 dir
ld****.tmp
mssearchnet.exe
ncompat.tlb
logfiles
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003
Craig.Peacock@beyondlogic.org
Killing PID 740 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Precaricatore Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Daemon di cache delle categorie di componenti"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN!
Registrazione