files to delete:
C:\sqmnoopt05.sqm
C:\sqmdata05.sqm
C:\sqmnoopt04.sqm
C:\sqmdata04.sqm
C:\sqmnoopt03.sqm
C:\sqmdata03.sqm
C:\sqmnoopt02.sqm
C:\sqmdata02.sqm
C:\sqmnoopt01.sqm
C:\sqmdata01.sqm
C:\sqmnoopt06.sqm
C:\sqmdata06.sqm
C:\sqmdata07.sqm
C:\sqmnoopt07.sqm
C:\sqmnoopt08.sqm
C:\sqmdata08.sqm
C:\sqmnoopt09.sqm
C:\sqmdata09.sqm
C:\sqmdata10.sqm
C:\sqmnoopt10.sqm
C:\sqmdata11.sqm
C:\sqmnoopt11.sqm
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jhbhml0f.exe
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache46692. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache46706. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache10538. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache10540. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache33772. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache33773. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache32627. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache32629. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache32630. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache32633. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache41157. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache41158. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache16825. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\jar_cache44530. tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\tmp3.tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\tmp1.tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\tmp2.tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\tmp34.tmp
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\7868734.html
C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\818070750.html
C:\WINDOWS\system32\olfougkh.tmp
C:\WINDOWS\system32\fycuthfn.dll
C:\WINDOWS\system32\uifrdxrf.tmp
C:\WINDOWS\system32\uifrdxrf.ini
C:\WINDOWS\system32\uifrdxrf.ini2
C:\WINDOWS\system32\npkoylln.dll
C:\WINDOWS\system32\slikeexo.dll
C:\WINDOWS\system32\b78abc33-.txt
C:\WINDOWS\system32\hnhrudda.dll
C:\WINDOWS\system32\jTttAJjl.ini2
C:\WINDOWS\system32\jTttAJjl.ini
C:\WINDOWS\system32\vtUMCtSi.dll
C:\WINDOWS\BMbf9a4bd1.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\BMbf9a4bd1.txt
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\yayAtuTK.dll
C:\WINDOWS\system32\ljJAttTj.dll
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\hidrrr.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\drivers\klif.sys
C:\WINDOWS\system32\drivers\pci32.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\mdelk.exe
folders to delete:
C:\WINDOWS\system32\drivers\down
C:\Documents and Settings\Administrator\Dati applicazioni\m
registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | BMbf9a4bd1
HKLM\Software\Microsoft\Windows\CurrentVersion\pol icies\Explorer\Run | 5T19I3B27A
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks | {D790AE15-EA98-453B-8D01-6838557F0C21}
registry keys to delete:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayAtuTK
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{2FD3A9DE-1375-473F-B448-E22EB2600CFF}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{D790AE15-EA98-453B-8D01-6838557F0C21}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\srosa
HKEY_LOCAL_MACHINE\system\ControlSet001\Services\s rosa
HKEY_LOCAL_MACHINE\system\ControlSet002\Services\s rosa
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_SROSA
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_SROSA
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_SROSA
programs to launch on reboot:
c:\fix.reg