Trojan Help

Wednesday 28 March 2007 - 20:43

AntCiar | Expert

Hello.
I have been infected with a trojan of type "tr/crypt.fkm.gen" and I cannot remove it in any way.
I have tried Antivir, Ad-Aware and Spybot.
Antivir detects it and lets me delete it, but after a few seconds it reappears.
Has anyone solved this problem?

thanks

MarKonE | Guru

Hi,
Try downloading Trend Micro's TSC; it is a complete tool for removing junk:

Here you can find Sysclean (executable) --> http://it.trendmicro-europe.com/file_downloads/common/tsc/sysclean.com

And here are the updated patterns --> http://it.trendmicro-europe.com/global/file_downloads/common/pattern/opr/lpt373.zip

Once you have downloaded the two files, you need to put sysclean.com in the same folder as the *contents* of the zip file.

<< Reboot in safe mode >>

Once that is done, temporarily *disable* the antivirus... don't forget

At this point you can launch SYSCLEAN. A window will open... selecting SCAN will start the scan.

If you select "Automatically clean or delete detected files", the tool will try to remove every infection automatically... if you don't trust it, you can deselect that option and decide what to do case by case.

When it finishes you will find the file SYSCLEAN.LOG in the same folder you launched the tool from. If need be, try posting it so we can take a look.

It might be necessary to disable the operating system's System Restore... but let's take it one step at a time

Bye!

My Blog... http://blogs.dotnethell.it/Mark/

AntCiar | Expert

Hi.
I followed the instructions you gave me. Below I am posting the resulting log. I ran two scans: the first in safe mode and the second in normal mode. I noticed that in both scans, next to every item examined (in the DOS window), the message "error <<-94>>" appeared.
I took a look at the logs and it seems to me that it did not find anything.
In any case, the virus is still here.

I hope you have an alternative solution before the inevitable "format"

LOG:

/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/


2007-03-31, 18:33:57, Running scanner "C:\tr\TSC.BIN"...
2007-03-31, 18:34:42, Scanner "C:\tr\TSC.BIN" has finished running.
2007-03-31, 18:34:42, TSC Log:

Damage Cleanup Engine (DCE) 5.0(Build 1107)
Windows XP(Build 2600: Service Pack 1)

Start time : sab mar 31 2007 18:33:59

Load Damage Cleanup Template (DCT) "C:\tr\tsc.ptn" (version 850) [success]

Complete time : sab mar 31 2007 18:34:42
Execute pattern count(3073), Virus found count(0), Virus clean count(0), Clean failed count(0)

2007-03-31, 18:58:25, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:36:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34875 files have been read.
34875 files have been checked.
30861 files have been scanned.
44988 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:25
---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:25, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:36:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34875 files have been read.
34875 files have been checked.
30861 files have been scanned.
44988 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:25 22 minutes 10 seconds (1329.47 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:25, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:36:00
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34875 files have been read.
34875 files have been checked.
30861 files have been scanned.
44988 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:25 22 minutes 10 seconds (1329.47 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:25, Scanner "C:\tr\VSCANTM.BIN" has finished running.
2007-03-31, 18:58:40, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:58:25
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:40
---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:40, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:58:25
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:40 0.02 seconds has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:40, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 18:58:25
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 18:58:40 0.02 seconds has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 18:58:40, Scanner "C:\tr\VSCANTM.BIN" has finished running.


/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/


2007-03-31, 19:22:37, Running scanner "C:\tr\TSC.BIN"...
2007-03-31, 19:22:55, Scanner "C:\tr\TSC.BIN" has finished running.
2007-03-31, 19:22:55, TSC Log:

Damage Cleanup Engine (DCE) 5.0(Build 1107)
Windows XP(Build 2600: Service Pack 1)

Start time : sab mar 31 2007 19:22:40

Load Damage Cleanup Template (DCT) "C:\tr\tsc.ptn" (version 850) [success]

Complete time : sab mar 31 2007 19:22:55
Execute pattern count(3073), Virus found count(0), Virus clean count(0), Clean failed count(0)

2007-03-31, 19:40:05, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:23:14
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34885 files have been read.
34885 files have been checked.
30859 files have been scanned.
44986 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:05
---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:05, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:23:14
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34885 files have been read.
34885 files have been checked.
30859 files have been scanned.
44986 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:05 16 minutes 46 seconds (1006.12 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:05, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:23:14
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr

34885 files have been read.
34885 files have been checked.
30859 files have been scanned.
44986 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:05 16 minutes 46 seconds (1006.12 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:05, Scanner "C:\tr\VSCANTM.BIN" has finished running.
2007-03-31, 19:40:09, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:40:06
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:09
---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:09, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:40:06
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:09 0.02 seconds has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:09, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 3/31/2007 19:40:06
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr

2 files have been read.
2 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 3/31/2007 19:40:09 0.02 seconds has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-03-31, 19:40:09, Scanner "C:\tr\VSCANTM.BIN" has finished running.
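
Added example (not part of the original thread and not Trend Micro code): a small Python parser for a SYSCLEAN.LOG in the layout posted above, which counts each scanner pass once and reports how old the virus pattern was when the scan ran. The names `parse_sysclean_log` and `summarize` are hypothetical, and the embedded sample is a constructed, abridged excerpt with one invented detection.

```python
import re
from datetime import datetime

# Constructed, abridged sample in the layout of the SYSCLEAN.LOG posted above;
# the "1 files containing viruses." lines are invented to exercise a detection.
SAMPLE_LOG = r"""2007-03-31, 18:34:42, TSC Log:
Execute pattern count(3073), Virus found count(0), Virus clean count(0), Clean failed count(0)
2007-03-31, 18:58:25, Files Detected:
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\tr
0 files containing viruses.
2007-03-31, 18:58:40, Files Detected:
Virus Pattern Version : 373 (169661 Patterns) (2007/03/27) (437300)
Command Line: C:\tr\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\tr
1 files containing viruses.
2007-03-31, 18:58:40, Files Clean:
1 files containing viruses.
"""

HEADER = re.compile(r"^(\d{4}-\d\d-\d\d), [\d:]{8}, (TSC Log|Files Detected|Files Clean|Clean Fail):")
FIELDS = [  # (key, pattern with one capture group)
    ("found", re.compile(r"Virus found count\((\d+)\)")),           # DCE summary line
    ("found", re.compile(r"^(\d+) files containing viruses\.")),    # VSCANTM summary line
    ("target", re.compile(r"^Command Line: .*\s([A-Za-z]:)\\\*\.\*")),
    ("pattern_date", re.compile(r"^Virus Pattern Version : \d+ \(\d+ Patterns\) \((\d{4}/\d\d/\d\d)\)")),
]

def parse_sysclean_log(text):
    """One dict per scanner pass. VSCANTM counters are read from 'Files Detected'
    only, because 'Files Clean' and 'Clean Fail' repeat the same totals."""
    passes, cur = [], None
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            cur = {"date": m.group(1)} if m.group(2) in ("TSC Log", "Files Detected") else None
            passes += [cur] if cur else []
        elif cur is not None:
            for key, rx in FIELDS:
                hit = rx.search(line)
                if hit:
                    cur[key] = hit.group(1)
    return passes

def summarize(passes):
    """Total detections and the oldest signature age (days) at scan time."""
    ages = [(datetime.strptime(p["date"], "%Y-%m-%d") - datetime.strptime(p["pattern_date"], "%Y/%m/%d")).days
            for p in passes if "pattern_date" in p]
    return {"detections": sum(int(p.get("found", 0)) for p in passes), "pattern_age_days": max(ages, default=None)}

print(summarize(parse_sysclean_log(SAMPLE_LOG)))
```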

MarKonE | Guru

Hi, which software is detecting the virus you are talking about?

Which files, specifically, are infected?

Are you using Windows XP? Do you update the system regularly through Windows Update?

Bye


My Blog... http://blogs.dotnethell.it/Mark/

AntCiar | Expert

Hi.
The infected computer runs XP Home Edition.
The antivirus that detects the infection is "Antivir" by TrendMicro.
It happens at random, that is, from time to time an Antivir window appears informing me that it has found the trojan. It also gives me the path, which points to a DLL in the Windows folder, but when I go and check, the file it names does not exist (I checked with the display of hidden files and folders enabled)

As for automatic updates, they are run fairly regularly (as far as is possible, given that the connection is 56Kb).
I don't know whether it has been updated recently, because the computer in question is not mine but a friend's.

thanks.


Copyright © dotNetHell.it 2002-2024