win xp: applicazione win32 non valida

[Huchis]

Salve a tutti ragazzi! Ho un problema che spero di risolvere, con il vostro aiuto.
Ho un ACER. Da qualche giorno l'avvio del computer è come bloccato, si avvia il sistema operativo (Win xp) e qualche altro programma MA non tutti. Non si avviano l'antivirus (Avira), l'antispyware (spybot) il controller del volume. In più quando cerco di aprire questi programmi, così come CCleaner, Hijackthis, mi compare il messaggio di errore: applicazione win32 non valida. Ma io li ho sempre usati tranquillamente! Non ho modificato nulla eppure non riesco più ad avviarli. .. li ho anche disinstallati e reinstallati tutti ma senza risultato..

Non riesco ad avviare il computer in modalità provvisoria...

In più non riconosce assolutamente gli hard disk esterni. Anzi, credo che me li abbia infettati
Qualcuno sa dirmi cosa può essere successo o cosa posso fare per capirlo (e risolverlo)?? Grazie.


ho scoperto oggi questo bagle
Ho trovato nel computer i seguenti file:
C:\Documents and Settings\Proprietario\Dati applicazioni\drivers\srosa2.sys
C:\Documents and Settings\Proprietario\Dati applicazioni\drivers\winupgro.exe

Ho provato ad effettuare una scansione on line con kaspersky ma non ci sono riuscito perchè si blocca (credo ad opera del worm). Ho provato ad installare l'antirootkit gmer ma ancora non funziona (applicazione non valida)....
Il pc non si riavvia in modalità provvisoria.

L'unica scansione che sono riuscito a fare è stata con catchme.exe e questo è il log:
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

? [2932]
? [880]

scanning hidden services ...

HKLM\SYSTEM\CurrentControlSet\Services\srserviceFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\SrverviceFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sscdbusceFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sscdmdfleFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sscdmdmleFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\SSDPSRVleFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ssmdrvVleFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\StarOpeneFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\stisvceneFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\streamipeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\swenumipeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\swmidiipeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\SwPrviipeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\symc810peFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\symc8xxpeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sym_hixpeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sym_u3xpeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\SynTP3xpeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\sysaudioeFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\SysmonLogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TapiSrvogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TcpiprvogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TDPIPEvogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TDTCPEvogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TermDDvogFUServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TermServiceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TfFsMonviceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TfKbMonviceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TfNetMoniceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TfSysMoniceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ThemesoniceServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ThreatFireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TlntSvrireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TosIderireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TrkWksrireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\TSDDDsrireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\UdfsDsrireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ultrasrireeServicerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\UnlockerDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\UpdateerDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\upnphostDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\UPSphostDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbccgptDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbehcitDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbhubitDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbprintDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbscantDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbstortDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usbuhcitDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\usnjsvctDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\VgaSavetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\viaagpetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\viaagp1tDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\viagfx1tDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ViaIde1tDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\VIAudiotDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\VolSnaptDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\VSSSnaptDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\VxDSnaptDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\W32TimetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\W3SVCmetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WanarpetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WDICApetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\wdmaudetDriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WebClientriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\winmgmtntriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\Winsockntriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2triver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WinTrusttriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WmdmPmSNtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpltriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WmiApSrvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WpdUsbrvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WS2IFSLvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\wscsvcLvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WSTCODECtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\wuauservtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WudfPfrvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WudfRdrvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WudfSvcvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\WZCSVCcvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\xmlprovvtriver5icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ZD1211BU(ZyDAS)icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\ZDPSp50U(ZyDAS)icerentr 3udit Service

HKLM\SYSTEM\CurrentControlSet\Services\af6rfeig2-9F8E-4A1A-8E61-47E34B6EAAA1}

scanning hidden autostart entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 2
hidden services: 85
hidden files: 0

IO NON CI CAPISCO NIENTE.

A proposito dei consigli letti sul vostro forum di scaricare bagled elibagla e malwarebytes, ho provato a farlo (elibagla non ci sono riuscito) ma non riesco ad aprirli credo perchè il worm me lo impedisce. Pur volendo non li posso scaricare più perchè adesso il notebook non si connette a internet e in più non riconosce le penne usb (quindi non posso trasferire file)....

Non so proprio cosa fare!! Chiedo per favore aiuto. Grazie

[Huchis]

Scusatemi, sono nuovo del forum. Voglio ringraziare coloro che vorranno aiutarmi... per favore! Non vorrei dover formattare tutto!!

[wjmat]

ciao
segui qui la guida per la rimozione di Bagle e posta in quella discussione tutti i log richiesti, in un unico post, secondo le modalità .

[Chill-Out]

Segui quanto sopra indicato, chiudo