Pc lento

wolf.otakar

Ciao meeee82,

dai una ripulita anche con ccleaner!

p.s.
Per i software suggeriti da desmo_77, fatti un giretto qui:

Utility per la sicurezza del PC.

desmo.77

...e ATF cleaner dove lo mettiamo?!
anche questo!

meeee82

Ok, ma non me li fa installare e nn mi fa andare in modalita provvisoria.

desmo.77

Probabilmente sei infetto da Beagle o affini = stai nei casini!!!

Wolf, pensaci tu che qui serve TAAAAANTA pazienza per aiutare in nostro amico ad uscire dalle "sabbie mobili"

wolf.otakar

@desmo_77 said:

Probabilmente sei infetto da Beagle o affini = stai nei casini!!!

Credo di sì!!!

Ciao meeee82,

disattiva il ripristino configurazioni di sistema:

**S****tart **--> programmi --> accessori --> utilita' di sistema --> ripristino configurazioni di sistema --> impostazioni ripristino configurazioni di sistema --> Disattiva ripristino! Disattivato il ripristino, scarica:

findykill; esegui prima l'opzione 1 "la ricerca", poi la 2 "l'eliminazione"!

Riporta poi, qui sul forum il log presente in C:**FindyKill.txt
**
**

**

meeee82

Allora, inizio a riportare il log, sta eseguendo ancora la ricerca.

----------------- FindyKill V4.705 ------------------

User: utente - ULTIMO
Executed from : C:\Programmi\FindyKill
Update on 17/11/08 by Chiquitine29
Start at 13:26:43 the 20/11/2008
Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Searching *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Programmi\JawsSystems\Jaws PDF Creator\PDFClient.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmi\PowerISO\PWRISOVM.EXE
C:\WINDOWS\Knight.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\DNA\btdna.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SYSTEM32\WOWEXEC.EXE

--------------- [ Infected files / folders ] ----------------

»»»» Presence Files in

»»»» Presence Files in C:\WINDOWS

»»»» Presence Files in C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\130093.EXE-1FC610E4.pf
Found ! - C:\WINDOWS\prefetch\143796.EXE-38711B68.pf
Found ! - C:\WINDOWS\prefetch\1497312.EXE-01336616.pf
Found ! - C:\WINDOWS\prefetch\1568546.EXE-11363F13.pf
Found ! - C:\WINDOWS\prefetch\1581937.EXE-352FA99C.pf
Found ! - C:\WINDOWS\prefetch\1588031.EXE-01BC8295.pf
Found ! - C:\WINDOWS\prefetch\1606875.EXE-32282B45.pf
Found ! - C:\WINDOWS\prefetch\79171.EXE-32A7513C.pf
Found ! - C:\WINDOWS\prefetch\82687.EXE-343A4AF6.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-2554840C.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Presence Files in C:\WINDOWS\system32

Found ! [20/11/2008 09.13] - C:\WINDOWS\system32\mdelk.exe
Found ! [20/11/2008 09.13] - C:\WINDOWS\system32\wintems.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence Files in C:\WINDOWS\system32\drivers

Found ! [20/11/2008 09.12] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [20/11/2008 09.12] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [18/08/2005 10.09] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [20/11/2008 13.20] - "C:\WINDOWS\system32\drivers\downld"
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\100656.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\101750.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\102625.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\103750.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\106671.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\107625.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\108671.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\108937.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\109156.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\111015.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\111187.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\111843.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\115093.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\121812.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\122500.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\123218.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\123984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\126781.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\126968.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\127906.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\128109.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\130093.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\130718.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\132875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\133046.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\133125.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\134609.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\134750.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\138031.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\139484.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\139875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\139984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\140609.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\143312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\143796.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\145156.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\145406.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\145578.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\146546.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\146640.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\146984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14731265.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14743453.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14746906.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14754671.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14760468.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14788187.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14796171.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14800484.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14804875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14812687.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14814984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14815875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14817015.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\148234.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14827953.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14876250.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14879343.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14880062.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14880078.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14888296.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14891328.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14909156.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14912765.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14923781.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14933250.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14938031.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14940750.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14942250.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14944687.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14945640.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14948062.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14952562.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14958359.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14966187.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\149671.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\14968312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1497312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\150093.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\15013609.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\15014609.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\150453.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\15069437.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\150875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\15093437.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\152921.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\153187.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1544062.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1546250.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\155312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\156343.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1568546.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\157296.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\157593.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1581937.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\158312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1588031.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\159375.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1606875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1612687.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\161875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\162062.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\162734.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\162984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\163187.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\163312.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\166578.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\166718.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\167156.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\167406.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\168921.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\170562.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1719218.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\172875.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\174984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1750796.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\175500.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\176343.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\1770578.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\179625.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\180671.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\181406.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\185281.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\187562.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\188453.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\188937.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\192593.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\193984.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\194062.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\194171.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\196171.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\197890.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\200687.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\202406.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\203375.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\205468.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\208500.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\208593.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\209703.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\210640.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\212343.exe
Found ! [20/11/2008 13.20] - C:\WINDOWS\system32\drivers\downld\213218.exe

meeee82

Definitivo dopo l'eliminazione dei file:

----------------- FindyKill V4.705 ------------------

User : utente - ULTIMO
executed from : C:\Programmi\FindyKill
Update on 17/11/08 par Chiquitine29
Start at 13:55:43 the 20/11/2008
Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Power Translator\LogoMedia TranslateDotNet Server.exe
C:\WINDOWS\system32\userinit.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\WINDOWS\system32\wdfmgr.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\130093.EXE-1FC610E4.pf
Deleted ! - C:\WINDOWS\prefetch\143796.EXE-38711B68.pf
Deleted ! - C:\WINDOWS\prefetch\1497312.EXE-01336616.pf
Deleted ! - C:\WINDOWS\prefetch\1568546.EXE-11363F13.pf
Deleted ! - C:\WINDOWS\prefetch\1581937.EXE-352FA99C.pf
Deleted ! - C:\WINDOWS\prefetch\1588031.EXE-01BC8295.pf
Deleted ! - C:\WINDOWS\prefetch\1606875.EXE-32282B45.pf
Deleted ! - C:\WINDOWS\prefetch\79171.EXE-32A7513C.pf
Deleted ! - C:\WINDOWS\prefetch\82687.EXE-343A4AF6.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-2554840C.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\100656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\101750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\102625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\103750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\106671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\107625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\108671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\108937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\109156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\111015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\111187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\111843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\115093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\121812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\122500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\123218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\123984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\126781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\126968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\127906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\128109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\130093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\130718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\132875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\133046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\133125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\134609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\134750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\138031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\140609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\143312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\143796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\145156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\145406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\145578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\146546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\146640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\146984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14731265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14743453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14746906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14754671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14760468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14788187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14796171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14800484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14804875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14812687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14814984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14815875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14817015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\148234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14827953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14876250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14879343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14880062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14880078.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14888296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14891328.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14909156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14912765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14923781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14933250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14938031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14940750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14942250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14944687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14945640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14948062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14952562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14958359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14966187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\149671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\14968312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1497312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\150093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15013609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15014609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\150453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15069437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\150875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\15093437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\152921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\153187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1544062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1546250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\155312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\156343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1568546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\157296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\157593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1581937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\158312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1588031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\159375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1606875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\1612687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\161875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\162062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\162734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\162984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\163187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\163312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\166578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\166718.exe

Deleted ! - C:\WINDOWS\system32\drivers\downld\95265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\97921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\99906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\a.bat
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\utente\Dati applicazioni

Deleted ! - "C:\Documents and Settings\utente\Dati applicazioni\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\utente\Dati applicazioni\m\list.oct"
Deleted ! - "C:\Documents and Settings\utente\Dati applicazioni\m\data.oct"
Deleted ! - "C:\Documents and Settings\utente\Dati applicazioni\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\000-514 - DB2 UDB Family Application Development Practice Exam Questions 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\A1_Jummfa_DVD_Converter_and_Slim_DVD_5.0_(Patch).zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Active XCavator 2.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\ADShareit SWF to AVI VCD DVD SVCD Converter Pro 5.5.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AdvancedRemoteInfo_0.6.3.6.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AirDefense Personal 3.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Akala_EXE_Lock_3.2_build_31122.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AlphaPeeler_Professional_1.0b.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AlphaWipe_Tracks_Cleaner_2006_2.1.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Amethyst_CADconvert_2004_2.02.12.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Ancient Egypt Screen Saver 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Antares10_10.2.1.12.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AssociativeLogview_2.1_[Patch].zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AtFinCalc 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Audio Companion 1.5.4 (KeyGen).zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\AutoWallpaper 3.0.1389.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Battlestations_Midway_Screensaver_(X360)1.1.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Beach Wallpaper 1.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\ByteWedge Professional 3.3 build 2356.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Calls_Professional_Suite_2.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\CB_WET_Web-Tracking_1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\ChemoWizard 1.3.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Chuzzles_1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Client Share 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\CM reporter 2.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Comedy Network Schedule 2.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Creatures of Darkness Add-on For MorphVOX Beta.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Credit_Repair_Planner_113.123a.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Crossword_Construction_Kit_4.0c_build_4.0.31[Cracked].zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\CTXCOMMAP 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Cub Reporter 1.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Dark_Age_of_Camelot_Trials_of_Atlantis_New_Frontiers_beta_expansion.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\dataStor 0.3.16.22.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\DBDiff for Oracle 3.0.zip
Deleted ! - C:\Documents and Settings\utente\Dati applicazioni\m\shared\Desktop Sales Manager 6.7.2.zip
Deleted ! - C:\Documents and Settings\utente\Dati locali\Temporary Internet Files\Content.IE5\SJ8V8W6R\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\utente\Impostazioni locali\Temporary Internet Files\Content.IE5\SJ8V8W6R\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\utente\Impostazioni locali\Temporary Internet Files\Content.IE5\SJ8V8W6R\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\utente\Impostazioni locali\Temporary Internet Files\Content.IE5\SJ8V8W6R\mxd[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-1614895754-725345543-1163769877-1003\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :
- Unit? fissa
- Unit? CD-ROM

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

meeee82

Ora che devo fare?

meeee82

Che faccio, riattivo il ripristino?

Comunque il computer non è piu lento però i programmi che ho installato quando avevo il virus non partivano e non partono manco ora.

wolf.otakar

Ciao meeee82,

intanto ti ricordo parte del regolamento GT:

I titoli ed i testi devono essere scritti in italiano corretto, sia grammaticamente che ortograficamente.
Postare frasi con errori evidenti è sempre una forma di NON rispetto per chi legge.
Non sono consentiti termini abbreviativi da sms come: nn_mlt_cn_qst_sn_xkè_ke_x_cmq+*_ ***ecc..
Oltre ad una pessima capacità comunicativa, tali sigle, così come gli errori di battitura, NON sono recepiti dai bot dei motori di ricerca, vanificando un'adeguata indicizzazione della pagina.
Il Moderatore editerà a sua discrezione testi ritenuti sgrammaticati o in sms style.

3.2. Sono da evitare titoli generici o ad effetto tipo "Aiutooo !" oppure "sono disperato" e così via.

3.3. Evitare di scrivere parte o la totalità del titolo o del messaggio in grassetto o IN MAIUSCOLO, se non in casi assolutamente necessari o inerentemente a sigle.
Per convenzione scrivere così equivale ad urlare, cosa non gradita dallo spirito del ForumGT.
L'applicazione ed il rispetto di tale regola permette inoltre una migliore leggibilità dei testi.

@meeee82 said:

Che faccio, riattivo il ripristino?

No!

@meeee82 said:

Comunque il computer non è piu lento però i programmi che ho installato quando avevo il virus non partivano e non partono manco ora.

Spetta, quanta fretta!

Non devi installare nessun antivirus; rimuovili tutti.

Rieffettua una scansione FindyKill; fatto questo scarica e scansiona con:

elibagla lo trovi in basso nella pagina,cliccando su *"descargar elibagla 11.97" *

Lancia elibagle cliccando explorar dopo aver spuntanto la casella "eliminar ficheros automaticamente"!

Riporta il log presente in: C:/Infosat.txt

Ora, scansiona con Combofix; il log, sarà presente in: C:\Combofix.txt

meeee82

Non da più problemi,
Sei un grande wolf ti farò una statua d'oro e la metterò qui in ufficio.

p.s. Scusa per il linguaggio sbagliato.
Grazie ancora

wolf.otakar

@meeee82 said:

Non da più problemi

Ora scarica Malwarebytes' Anti-Malware; "aggiornalo" e scansiona in modo completo!

Dai una ripulita con ccleaner!!!