www.MegaLab.it

[bi.ro73]

buonasera
avrei bisogno di aiuto per liberare da insestazioni il mio computer
premetto che ho letto parecchie discussioni in merito al virus bagle
e credo proprio che sia il mio problema.
Comunque ho gia fatto la scansione con karspersky online e ho già pronto il report da inviare .
grazie anticipatamente

[ste_95]

Invia il log.

[bi.ro73]

ECCO IL LOG



KASPERSKY ONLINE SCANNER REPORT
Saturday, February 16, 2008 10:27:32 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 16/02/2008
Kaspersky Anti-Virus database records: 569242


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target Folders
C:\21c8984c0aa963389f0f\
C:\avenger\
C:\Config.Msi\
C:\Documents and Settings\
C:\Program Files\
C:\Programmi\
C:\RECYCLER\
C:\SIEMENS\
C:\System Volume Information\
C:\WINDOWS\
C:\WUTemp\

Scan Statistics
Total number of scanned objects 161846
Number of viruses found 14
Number of infected objects 545
Number of suspicious objects 0
Duration of the scan process 01:19:41

Infected Object Name Virus Name Last Action

[ste_95]

Carica il log su www.freefilehosting.net e postane il link che ti viene assegnato.

[bi.ro73]

CREDO SIA QUESTO
http://www.freefilehosting.net/download/3cch4

[ste_95]

Disabilita il ripristino configurazione di sistema.

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Metti il pallino su input script manually
Quindi scegli la lente e cliccaci
Ora incolla queste righe nella box bianca che si è aperta:

Codice: Seleziona tutto

Files to delete:
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\windows\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\mdelk.exe
C:\avenger\backup.zip
C:\WINDOWS\7ops2es6.exe
C:\WINDOWS\braviax.exe
C:\WINDOWS\cru629.dat
C:\WINDOWS\system32\braviax.exe
C:\WINDOWS\system32\cru629.dat
C:\WINDOWS\system32\dllcache\beep.sys
C:\WINDOWS\system32\drivers\beep.sys
C:\WINDOWS\system32\users32.dat
C:\WINDOWS\system32\winivstr.exe

Folders to delete:
C:\WINDOWS\system32\drivers\down

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA

Adesso devi cliccare su Done in basso nella box
Seleziona il semaforino in alto a destra
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

Riscarica gli installer dei programmi di sicurezza e prova a reinstallare un antivirus.

[bi.ro73]

il cp si è riavviato ed ecco il log



Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\hmpfrmeo

*******************

Script file located at: \??\C:\WINDOWS\legmffpj.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\drivers\srosa.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\srosa.sys failed!

Could not process line:
C:\WINDOWS\system32\drivers\srosa.sys
Status: 0xc0000034



File C:\WINDOWS\system32\wintems.exe not found!
Deletion of file C:\WINDOWS\system32\wintems.exe failed!

Could not process line:
C:\WINDOWS\system32\wintems.exe
Status: 0xc0000034



File C:\windows\system32\drivers\hldrrr.exe not found!
Deletion of file C:\windows\system32\drivers\hldrrr.exe failed!

Could not process line:
C:\windows\system32\drivers\hldrrr.exe
Status: 0xc0000034



File C:\WINDOWS\system32\mdelk.exe not found!
Deletion of file C:\WINDOWS\system32\mdelk.exe failed!

Could not process line:
C:\WINDOWS\system32\mdelk.exe
Status: 0xc0000034

File C:\avenger\backup.zip deleted successfully.
File C:\WINDOWS\7ops2es6.exe deleted successfully.
File C:\WINDOWS\braviax.exe deleted successfully.
File C:\WINDOWS\cru629.dat deleted successfully.
File C:\WINDOWS\system32\braviax.exe deleted successfully.
File C:\WINDOWS\system32\cru629.dat deleted successfully.
File C:\WINDOWS\system32\dllcache\beep.sys deleted successfully.
File C:\WINDOWS\system32\drivers\beep.sys deleted successfully.
File C:\WINDOWS\system32\users32.dat deleted successfully.
File C:\WINDOWS\system32\winivstr.exe deleted successfully.


Folder C:\WINDOWS\system32\drivers\down not found!
Deletion of folder C:\WINDOWS\system32\drivers\down failed!

Could not process line:
C:\WINDOWS\system32\drivers\down
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\srosa failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
Status: 0xc0000034



Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

[ste_95]

Riscarica gli installer dei programmi di sicurezza e prova a reinstallare un antivirus.