Antivir, zonealarm, avg fuori uso!
ho seguito la guida da voi stilata ma non riesco a neutralizzare Begle con efficacia con avenger! mi potete dare una manina?
inizio con il postare il LOG di KASPESKY:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, January 13, 2008 9:23:56 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 13/01/2008
Kaspersky Anti-Virus database records: 510043
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: false
Scan Target - Folders:
C:\ACER\
C:\ATI\
C:\avenger\
C:\CanoScan\
C:\Diskeeper\
C:\DlSystem\
C:\Documents and Settings\
C:\MSOCache\
C:\Programmi\
C:\RECYCLER\
C:\System Volume Information\
C:\Temp\
C:\WINDOWS\
Scan Statistics:
Total number of scanned objects: 61979
Number of viruses found: 7
Number of infected objects: 28
Number of suspicious objects: 0
Duration of the scan process: 02:46:26
Infected Object Name / Virus Name / Last Action
C:\ACER\Documents and Settings\utente\Impostazioni locali\Temporary Internet Files\Content.IE5\Z6B9JV2S\YazzleActiveX[1].exe/data0002 Infected: not-a-virus:AdWare.Win32.MediaTickets.z skipped
C:\ACER\Documents and Settings\utente\Impostazioni locali\Temporary Internet Files\Content.IE5\Z6B9JV2S\YazzleActiveX[1].exe NSIS: infected - 1 skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip/avenger/down/37531.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip/avenger/down/41171.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip/avenger/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.ht skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip/avenger/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hw skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip/avenger/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\avenger\backup-13.01.2008-11.59.07,18.zip ZIP: infected - 5 skipped
C:\avenger\backup-13.01.2008-12.19.09,70.zip/avenger/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.hw skipped
C:\avenger\backup-13.01.2008-12.19.09,70.zip/avenger/wintems.exe Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\avenger\backup-13.01.2008-12.19.09,70.zip ZIP: infected - 2 skipped
C:\Documents and Settings\boh\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Temp\Perflib_Perfdata_fac.dat Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\14KSZOVA\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\1ZV8FAIA\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\1ZV8FAIA\b64_3[1].jpg Infected: Trojan-Downloader.Win32.Bagle.ho skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\1ZV8FAIA\b64_3[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\54RX8J4U\b64[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\54RX8J4U\b64_1[1].jpg Infected: Trojan-PSW.Win32.LdPinch.ewq skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\54RX8J4U\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\boh\Impostazioni locali\Temporary Internet Files\Content.IE5\QATUGXAI\b64_3[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\boh\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\boh\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe Infected: Trojan-Downloader.Win32.Bagle.ht skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{4D485C57-0152-4BDD-BA6A-7203437211D5}\RP155\A0072890.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4D485C57-0152-4BDD-BA6A-7203437211D5}\RP155\A0072891.sys Infected: Trojan-Downloader.Win32.Bagle.hw skipped
C:\System Volume Information\_restore{4D485C57-0152-4BDD-BA6A-7203437211D5}\RP156\A0072912.exe Infected: Trojan-Downloader.Win32.Bagle.ht skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\down\14470671.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\14482671.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\29031312.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\drivers\down\29033734.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\WINDOWS\system32\drivers\down\29048625.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5d0.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
Scan process completed.
come devo procedere??
grazie e buona domenica!!