HELP: WIN32 BEAGLE VIRUS

Moderators: kadosh, Luke57

Post by daniell » 09/08/08 13:05

Hello everyone, my name is Daniela and I'm new to the forum. I need your help: I've caught the win32 beagle virus and I can't install any antivirus. I managed to install spyhunt; it shows me the virus, but to remove it you have to pay. What should I do? I'm inexperienced and need step-by-step instructions.
Thanks.
Daniela

Re: HELP: WIN32 BEAGLE VIRUS

Post by Luke57 » 09/08/08 14:02

Hi, what is your operating system?

Re: HELP: WIN32 BEAGLE VIRUS

Post by daniell » 09/08/08 15:34

My operating system is Windows XP.

Re: HELP: WIN32 BEAGLE VIRUS

Post by Luke57 » 09/08/08 16:02

Hi, download ComboFix to your desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Before saving the file to the desktop, you must rename it to abc.exe
(to rename the file: when you download it, you are asked where to save it and a "file name" box appears; just change the name shown there to abc.exe)
Once the program is downloaded, click Start > Run and, in the white box, copy and paste this command, quotation marks included:
"%userprofile%\desktop\abc.exe" /killall
Press OK. If all goes well, the program starts; it may take a long time (don't do anything else during the scan). Once it has finished, if all went well, you should find the file combofix.txt in C:\ ; post the contents of the file.

Re: HELP: WIN32 BEAGLE VIRUS

Post by daniell » 09/08/08 18:45

I ran the program; here is the result:
ComboFix 08-08-08.08 - Utente 2008-08-09 19:22:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.309 [GMT 2:00]

ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\55.exe
C:\WINDOWS\system32\actskn43.ocx
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\winhelp.ini

.
((((((((((((((((((((((((( Files Created from 2008-07-09 to 2008-08-09 )))))))))))))))))))))))))))))))
.

2008-08-08 22:45 . 2008-08-08 22:45 36,363 --a------ C:\WINDOWS\CSTBox.INI
2008-08-08 19:14 . 2008-08-08 19:14 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\Canon
2008-08-08 19:13 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-08-08 19:13 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-08-08 19:05 . 2008-08-09 10:36 <DIR> d-------- C:\Programmi\Canon
2008-08-08 19:04 . 2008-08-08 19:04 <DIR> d-------- C:\Programmi\ScanSoft
2008-08-08 19:03 . 2008-08-08 19:03 <DIR> d-------- C:\Programmi\ArcSoft
2008-08-08 19:03 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-08-08 19:02 . 2008-08-08 19:02 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-08-08 19:02 . 2008-08-08 19:02 <DIR> d-------- C:\WINDOWS\Profiles
2008-08-08 19:02 . 2008-08-08 19:02 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\InterTrust
2008-08-08 19:01 . 2008-08-08 19:01 <DIR> d--h----- C:\CanoScan
2008-08-08 19:01 . 2005-02-24 19:14 274,432 --a------ C:\WINDOWS\system32\CNQL1212.dll
2008-08-08 19:01 . 2005-02-02 09:20 57,344 --a------ C:\WINDOWS\system32\CNQU111.DLL
2008-08-08 17:45 . 2007-11-07 11:37 319,488 --------- C:\WINDOWS\system32\fppmon3.dll
2008-08-08 17:45 . 2007-11-05 10:25 126,976 --------- C:\WINDOWS\system32\fppr332.dll
2008-08-08 16:42 . 2008-08-08 16:42 <DIR> d-------- C:\Programmi\Enigma Software Group
2008-08-08 16:22 . 2008-08-08 16:22 <DIR> d-------- C:\Programmi\Sophos
2008-08-08 14:57 . 2008-08-08 14:57 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-08-08 14:02 . 2008-08-08 14:02 118 --a------ C:\WINDOWS\ConverterCore.INI
2008-08-08 13:57 . 2008-08-09 12:45 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\SolidDocuments
2008-08-08 13:57 . 2008-07-23 00:17 21,240 --a------ C:\WINDOWS\system32\solidlocalmon.dll
2008-08-08 13:57 . 2008-07-23 00:17 13,560 --a------ C:\WINDOWS\system32\solidlocalui.dll
2008-08-08 13:56 . 2008-08-08 13:56 <DIR> d-------- C:\Programmi\SolidDocuments
2008-08-08 13:56 . 2008-08-08 13:56 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\SolidDocuments
2008-08-08 13:31 . 2008-08-08 13:31 262,144 --a------ C:\Documents and Settings\GRNOHN~2
2008-08-08 11:37 . 2008-08-08 11:37 <DIR> d-------- C:\Documents and Settings\Utente\Dati applicazioni\PC Tools
2008-08-08 11:37 . 2008-08-08 11:46 <DIR> d-a------ C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-08-08 11:37 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-08 11:37 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-08 11:37 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-08 11:37 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-08-08 11:15 . 2008-08-08 12:18 <DIR> d-------- C:\55
2008-08-08 11:08 . 2008-08-08 11:11 <DIR> d-------- C:\qual
2008-08-07 23:08 . 2008-08-07 23:08 <DIR> d-------- C:\Programmi\Alwil Software
2008-08-07 19:36 . 2008-08-08 11:27 <DIR> d-------- C:\Programmi\ESET
2008-08-07 19:29 . 2008-08-07 19:29 <DIR> d-------- C:\Programmi\FreePOPs
2008-08-07 19:28 . 2008-08-07 19:29 262,144 --a------ C:\Documents and Settings\GRNOHN~1
2008-08-07 18:51 . 2008-08-07 18:51 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-08-07 18:50 . 2008-08-07 18:50 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-04 17:03 . 2008-08-08 15:43 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-08-04 17:03 . 2008-08-04 17:03 <DIR> d-------- C:\Programmi\Zone Labs
2008-08-04 17:03 . 2008-07-09 09:05 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-08-04 17:03 . 2008-08-04 17:03 352,624 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-08-03 17:53 . 2008-08-03 17:53 691,160 --a------ C:\Programmi\installer-73361-34it-DVDFab-HD-Decrypter-Italian.exe
2008-07-27 14:22 . 2008-07-27 14:23 128,360 --a------ C:\Programmi\Download_avi_mpeg_converter-trial.exe
2008-07-25 18:50 . 2008-07-25 18:50 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Adobe Systems
2008-07-25 18:49 . 2008-07-25 18:49 <DIR> d-------- C:\Programmi\File comuni\Adobe Systems Shared
2008-07-25 18:41 . 2008-07-25 18:41 <DIR> d-------- C:\Programmi\Photoshop_CS2_tryout
2008-07-25 18:21 . 2008-07-25 18:24 344,998,294 --a------ C:\Programmi\Photoshop_CS2_tryout.zip
2008-07-23 19:29 . 2008-08-05 08:17 <DIR> d-------- C:\Programmi\DVDlabPro2
2008-07-23 19:25 . 2008-07-23 19:25 23,912,316 --a------ C:\Programmi\dvdlabpro23.exe
2008-07-18 09:22 . 2008-08-09 12:51 55 --a------ C:\WINDOWS\KMSTMVM.ini
2008-07-17 21:25 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-07-17 21:25 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-09 17:29 --------- d-----w C:\Documents and Settings\Utente\Dati applicazioni\Skype
2008-08-09 10:32 --------- d-----w C:\Documents and Settings\Utente\Dati applicazioni\AdobeUM
2008-08-09 08:36 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-08-07 06:43 --------- d-----w C:\Programmi\eMule
2008-07-25 16:53 --------- d-----w C:\Programmi\File comuni\Adobe
2008-06-13 11:04 13,466,405 ----a-w C:\Programmi\CENED - Regione Lombardia.zip
2008-06-13 11:04 --------- d-----w C:\Programmi\CENED - Regione Lombardia
2008-06-02 12:07 2,041,046 ----a-w C:\Programmi\dvdripperwizard.exe
2008-05-18 12:54 2,000,324 ----a-w C:\Programmi\cdex_151.exe
2008-05-18 12:16 90,748 ----a-w C:\Programmi\mp3DirectCut.zip
2008-05-18 11:54 4,856,734 ----a-w C:\Programmi\midi2mp3_setup.exe
2008-05-18 09:49 1,751,040 ----a-w C:\Programmi\rtcreator_2_4_windows_trial.exe
2008-05-13 07:08 199,267 ----a-w C:\WATER.exe
2008-05-13 06:30 107 ----a-w C:\INTEST.DAT
2008-02-20 19:18 75,621 ----a-w C:\Programmi\la_bades.zip
2008-02-12 11:46 2,247,168 ----a-w C:\Programmi\vnlt6255.exe
2008-02-11 21:00 17,788,920 ----a-w C:\Programmi\antivir_workstation_win7u_en_h.exe
2008-01-16 18:34 2,724,328 ----a-w C:\Programmi\ccsetup203.exe
2008-01-08 17:44 2,493,933 ----a-w C:\Programmi\vsoDivxToDVD_setup.exe
2007-11-03 13:54 3,780,652 ----a-w C:\Programmi\BitTorrent-4.0.1.exe
2007-10-27 10:15 207,953 ----a-w C:\Programmi\cookingbook.zip
2007-10-27 07:13 18,165,191 ----a-w C:\Programmi\ricettoteca.zip
2007-06-14 10:27 45,085 ----a-w C:\Programmi\margreth.dwg
2007-05-13 16:21 2,742,038 ----a-w C:\Programmi\BookDB2.exe
2007-04-16 18:14 7,087,488 ----a-w C:\Programmi\Alcohol120_trial_1.9.6.4719.exe
2007-04-12 16:38 4,355,481 ----a-w C:\Programmi\dvdinfoadvert.zip
2007-03-01 19:14 14,621,240 ----a-w C:\Programmi\snagit.exe
2007-02-27 17:58 301,396 ----a-w C:\Programmi\FlashSavingPlugin.zip
2007-02-26 19:13 7,201,535 ----a-w C:\Programmi\Downtube2-Stable.exe
2007-02-24 19:22 2,642,280 ----a-w C:\Programmi\oesetup.exe
2007-01-27 21:21 87,608 ----a-w C:\Documents and Settings\Utente\Dati applicazioni\ezpinst.exe
2007-01-27 21:21 47,360 ----a-w C:\Documents and Settings\Utente\Dati applicazioni\pcouffin.sys
2006-12-29 17:33 813,888 ----a-w C:\Programmi\megauploadtoolbarsetup.exe
2006-11-09 13:46 2,262,648 ----a-w C:\Programmi\Flash9b.ocx
2006-11-09 13:46 190,072 ----a-w C:\Programmi\FlashUtil9b.exe
2006-11-01 11:37 3,534,076 ----a-w C:\Programmi\eMule0.47c-Installer.exe
2006-09-26 16:44 10,332,640 ----a-w C:\Programmi\SkypeSetup.exe
2006-08-01 16:25 707,047 ----a-w C:\Programmi\SubRip_1[1].17.1.exe
2006-08-01 15:52 1,075,649 ----a-w C:\Programmi\subtitleworkshop251.zip
2006-07-23 17:09 700,792 ----a-w C:\Programmi\VirtualDub-1_4_111.zip
.

------- Sigcheck -------

2004-08-30 20:40 359040 7b11118b078b88f87183fe69eda43137 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:39 15360]
"MsnMsgr"="C:\Programmi\MSN Messenger\MsnMsgr.Exe" [2006-06-16 14:39 5324584]
"Skype"="C:\Programmi\Skype\Phone\Skype.exe" [2006-12-18 18:32 25365032]
"ccleaner"="C:\Programmi\CCleaner\ccleaner.exe" [2007-11-22 18:10 787696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfFactory Pro Dispatcher v3"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-11-07 11:39 507904]
"SpyHunter Security Suite"="C:\Programmi\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-01-23 14:47 847872]
"SoundMan"="SOUNDMAN.EXE" [2004-10-27 08:49 73728 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:39 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
FreePOPs.lnk - C:\Programmi\FreePOPs\freepopsd.exe [2008-06-11 22:28:58 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.PIM1"= pclepim1.dll
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmi\\MSN Messenger\\msncall.exe"=
"C:\\Programmi\\eMule\\emule.exe"=
"C:\\Programmi\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2007-12-31 19:26]
R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 08:23]
R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-07 18:51]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;C:\WINDOWS\Installer\MSI26.tmp [2008-08-08 13:57]
R3 snpstd2;Trust WB-3100P Portable Webcam;C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-10-14 17:12]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-07 18:50]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-OPSE reminder - C:\Programmi\ScanSoft\OmniPageSE2.0\EregIta\Ereg.exe


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = www.libero.it/
O8 -: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-09 19:27:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFV4ReadSpool]
"ImagePath"="C:\WINDOWS\Installer\MSI26.tmp"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2008-08-09 19:35:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-09 17:35:33

Pre-Run: 9,260,724,224 byte disponibili
Post-Run: 9,300,004,864 byte disponibili

188

What should I do now?
Thanks.
Daniela

Re: HELP: WIN32 BEAGLE VIRUS

Post by Luke57 » 09/08/08 20:44

Hi, it looks OK; as a check:
Download Bagle Remover to your desktop.
http://download.bleepingcomputer.com/sUBs/Beagled.exe
-Now click on Beagled.exe and follow the instructions
wait ..... when it has finished it will ask you to restart: do so


-Also run an online scan (using IExplorer) with Nod32 (which removes what it finds)
http://www.eset.com/onlinescan/
ticking the boxes:
-Remove found threats
-Scan unwanted applications

let me know the outcome of the scans

Re: HELP: WIN32 BEAGLE VIRUS

Post by daniell » 09/08/08 21:00

I ran the scan with the beagled.exe program; the scan result told me I have no viruses, but it didn't make me restart the PC. Now I've gone to the nod32 site, but for the online scan it tells me to install the ActiveX control. Should I do it, or is there a danger?