Bakaras
28th August 2010, 16:09
sto diventando pazzo.
Sul computer di mio fratello avira trovaquesto virus, pensavo di averlo eliminato ad inizio agosto andando a ripristinare il settore di boot direttamente col cd di vista ma niente, torno oggi qui e si è ripresentato.
poco male penso, formatto e reinstallo e bon, ma a quanto pare con il solo avira installato su installazione fresca ( avevo anche deallocato la partizione e reallocata per sicurezza ) continua a rilevarmelo.
di seguito il log di avira:
Avira AntiVir Personal
Report file date: sabato 28 agosto 2010 15:45
Scanning for 2757613 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista x64
Windows version : (plain) [6.0.6000]
Boot mode : Normally booted
Username : Alessandro
Computer name : MetalGear
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 11:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 11:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 17:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 18:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 16:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 15:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 10:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 13:42:59
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 13:43:03
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 13:43:10
VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 13:43:10
VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 13:43:10
VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 13:43:10
VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 13:43:10
VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 13:43:10
VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 13:43:11
VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 13:43:12
VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 13:43:12
VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 13:43:13
VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 13:43:13
VBASE018.VDF : 7.10.10.107 176640 Bytes 09/08/2010 13:43:13
VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 13:43:14
VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 13:43:14
VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 13:43:14
VBASE022.VDF : 7.10.10.217 118272 Bytes 19/08/2010 13:43:14
VBASE023.VDF : 7.10.10.246 130048 Bytes 23/08/2010 13:43:14
VBASE024.VDF : 7.10.11.11 144896 Bytes 25/08/2010 13:43:15
VBASE025.VDF : 7.10.11.33 135168 Bytes 27/08/2010 13:43:15
VBASE026.VDF : 7.10.11.34 2048 Bytes 27/08/2010 13:43:15
VBASE027.VDF : 7.10.11.35 2048 Bytes 27/08/2010 13:43:15
VBASE028.VDF : 7.10.11.36 2048 Bytes 27/08/2010 13:43:15
VBASE029.VDF : 7.10.11.37 2048 Bytes 27/08/2010 13:43:15
VBASE030.VDF : 7.10.11.38 2048 Bytes 27/08/2010 13:43:15
VBASE031.VDF : 7.10.11.43 26624 Bytes 28/08/2010 13:43:15
Engineversion : 8.2.4.46
AEVDF.DLL : 8.1.2.1 106868 Bytes 28/08/2010 13:43:22
AESCRIPT.DLL : 8.1.3.44 1364346 Bytes 28/08/2010 13:43:21
AESCN.DLL : 8.1.6.1 127347 Bytes 28/08/2010 13:43:21
AESBX.DLL : 8.1.3.1 254324 Bytes 28/08/2010 13:43:22
AERDL.DLL : 8.1.8.2 614772 Bytes 28/08/2010 13:43:21
AEPACK.DLL : 8.2.3.5 471412 Bytes 28/08/2010 13:43:20
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 28/08/2010 13:43:20
AEHEUR.DLL : 8.1.2.19 2867574 Bytes 28/08/2010 13:43:20
AEHELP.DLL : 8.1.13.3 242038 Bytes 28/08/2010 13:43:18
AEGEN.DLL : 8.1.3.20 397684 Bytes 28/08/2010 13:43:18
AEEMU.DLL : 8.1.2.0 393588 Bytes 28/08/2010 13:43:17
AECORE.DLL : 8.1.16.2 192887 Bytes 28/08/2010 13:43:17
AEBB.DLL : 8.1.1.0 53618 Bytes 28/08/2010 13:43:17
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 11:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 15:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 11:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 11:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 11:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 12:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 13:14:29
Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files (x86)\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: sabato 28 agosto 2010 15:45
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en_1000567.exe' - '1' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[DETECTION] Contains code of the BOO/Sinowal.F boot sector virus
[NOTE] The boot sector was not written!
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '144' files ).
End of the scan: sabato 28 agosto 2010 15:46
Used time: 01:18 Minute(s)
The scan has been done completely.
0 Scanned directories
588 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
588 Files not concerned
3 Archives were scanned
0 Warnings
1 Notes
come si vede dalle ultime righe del report, lo rileva nel settore di boot del hd1.
Ho già tentato alcune procedure che si trovano online, senza successo.
Un grazie anticipato .
Sul computer di mio fratello avira trovaquesto virus, pensavo di averlo eliminato ad inizio agosto andando a ripristinare il settore di boot direttamente col cd di vista ma niente, torno oggi qui e si è ripresentato.
poco male penso, formatto e reinstallo e bon, ma a quanto pare con il solo avira installato su installazione fresca ( avevo anche deallocato la partizione e reallocata per sicurezza ) continua a rilevarmelo.
di seguito il log di avira:
Avira AntiVir Personal
Report file date: sabato 28 agosto 2010 15:45
Scanning for 2757613 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista x64
Windows version : (plain) [6.0.6000]
Boot mode : Normally booted
Username : Alessandro
Computer name : MetalGear
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 11:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 11:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 17:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 18:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 16:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 15:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 10:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 13:42:59
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 13:43:03
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 13:43:10
VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 13:43:10
VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 13:43:10
VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 13:43:10
VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 13:43:10
VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 13:43:10
VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 13:43:11
VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 13:43:12
VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 13:43:12
VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 13:43:13
VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 13:43:13
VBASE018.VDF : 7.10.10.107 176640 Bytes 09/08/2010 13:43:13
VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 13:43:14
VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 13:43:14
VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 13:43:14
VBASE022.VDF : 7.10.10.217 118272 Bytes 19/08/2010 13:43:14
VBASE023.VDF : 7.10.10.246 130048 Bytes 23/08/2010 13:43:14
VBASE024.VDF : 7.10.11.11 144896 Bytes 25/08/2010 13:43:15
VBASE025.VDF : 7.10.11.33 135168 Bytes 27/08/2010 13:43:15
VBASE026.VDF : 7.10.11.34 2048 Bytes 27/08/2010 13:43:15
VBASE027.VDF : 7.10.11.35 2048 Bytes 27/08/2010 13:43:15
VBASE028.VDF : 7.10.11.36 2048 Bytes 27/08/2010 13:43:15
VBASE029.VDF : 7.10.11.37 2048 Bytes 27/08/2010 13:43:15
VBASE030.VDF : 7.10.11.38 2048 Bytes 27/08/2010 13:43:15
VBASE031.VDF : 7.10.11.43 26624 Bytes 28/08/2010 13:43:15
Engineversion : 8.2.4.46
AEVDF.DLL : 8.1.2.1 106868 Bytes 28/08/2010 13:43:22
AESCRIPT.DLL : 8.1.3.44 1364346 Bytes 28/08/2010 13:43:21
AESCN.DLL : 8.1.6.1 127347 Bytes 28/08/2010 13:43:21
AESBX.DLL : 8.1.3.1 254324 Bytes 28/08/2010 13:43:22
AERDL.DLL : 8.1.8.2 614772 Bytes 28/08/2010 13:43:21
AEPACK.DLL : 8.2.3.5 471412 Bytes 28/08/2010 13:43:20
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 28/08/2010 13:43:20
AEHEUR.DLL : 8.1.2.19 2867574 Bytes 28/08/2010 13:43:20
AEHELP.DLL : 8.1.13.3 242038 Bytes 28/08/2010 13:43:18
AEGEN.DLL : 8.1.3.20 397684 Bytes 28/08/2010 13:43:18
AEEMU.DLL : 8.1.2.0 393588 Bytes 28/08/2010 13:43:17
AECORE.DLL : 8.1.16.2 192887 Bytes 28/08/2010 13:43:17
AEBB.DLL : 8.1.1.0 53618 Bytes 28/08/2010 13:43:17
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 11:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 15:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 11:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 11:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 11:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 12:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 13:14:29
Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files (x86)\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: sabato 28 agosto 2010 15:45
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en_1000567.exe' - '1' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[DETECTION] Contains code of the BOO/Sinowal.F boot sector virus
[NOTE] The boot sector was not written!
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '144' files ).
End of the scan: sabato 28 agosto 2010 15:46
Used time: 01:18 Minute(s)
The scan has been done completely.
0 Scanned directories
588 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
588 Files not concerned
3 Archives were scanned
0 Warnings
1 Notes
come si vede dalle ultime righe del report, lo rileva nel settore di boot del hd1.
Ho già tentato alcune procedure che si trovano online, senza successo.
Un grazie anticipato .
