files to delete:
C:\WINDOWS\BM772bec00.txt
C:\WINDOWS\BM772bec00.xml
C:\WINDOWS\IFinst26.exe
C:\WINDOWS\kvCaTqlsu.exe
C:\WINDOWS\tasks\Tyjegb
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aspymevt.dll
C:\WINDOWS\system32\awtrPfgD.dll
C:\WINDOWS\system32\clkcnt.txt
C:\WINDOWS\system32\djthjyck.dll
C:\WINDOWS\system32\efcCsPJA.dll.vir
C:\WINDOWS\system32\efcdCUMG.dll
C:\WINDOWS\system32\hgGAsTki.dll
C:\WINDOWS\system32\IjRBayay.ini
C:\WINDOWS\system32\IjRBayay.ini2
C:\WINDOWS\system32\ljJCrPIB.dll
C:\WINDOWS\system32\MxCFCHYM.dll
C:\WINDOWS\system32\pmnnLEus.dll
C:\WINDOWS\system32\qdcuvrhy.dll
C:\WINDOWS\system32\skxgyocl.dll
C:\WINDOWS\system32\spogqnds.ini
C:\WINDOWS\system32\tuvSJcdb.dll
C:\WINDOWS\system32\tvemypsa.ini
C:\WINDOWS\system32\urqQhfgf.dll
C:\WINDOWS\system32\vtULcdAp.dll
C:\WINDOWS\system32\wvUKCvUk.dll
C:\WINDOWS\system32\yayaBRjI.dll
C:\WINDOWS\system32\yglxpdpf.dll
C:\WINDOWS\temp\h0ikgxhl.TMP
C:\WINDOWS\system32\cbrsvc.exe
C:\WINDOWS\system32\drivers\etc\hosts.bak
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\foto7.zip
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\jar_cache2160 0.tmp
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\jar_cache5533 0.tmp
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\photo-022.zip
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\photo-028.zip
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\photo-031.zip
C:\DOCUME~1\NICO~1.COM\IMPOST~1\Temp\removalfile.b at
C:\Documents and Settings\nico.COMPUTER-MARTI\Documenti\File ricevuti\photo-028.zip
C:\Documents and Settings\nico.COMPUTER-MARTI\Documenti\File ricevuti\photo-031.zip
C:\Documents and Settings\nico.COMPUTER-MARTI\Documenti\File ricevuti\photo-022.zip
C:\RECYCLER\S-1-5-21-2052111302-854245398-839522115-1006\Dc2093.zip
registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | 7418df9c
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | BM772bec00
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | Windows Performance Adapter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad | {81D6FDCB-651D-47E2-9538-16BD14659205}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad | {6F8DDADA-D71B-450C-B894-D86251EEC844}
registry keys to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{01FB9C55-FC66-4476-A199-389241193188}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{6410BCAC-C1C6-42A7-94FC-87E7E86E535E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{6F8DDADA-D71B-450C-B894-D86251EEC844}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{C10A35BF-49B3-4D18-A2A6-1FF122683FE1}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{F3BEA1B2-6285-41AD-8399-03D04518B1AE}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{FEE322BB-081A-43AF-91BF-1F89ECD67DFF}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtULcdAp
programs to launch on reboot:
c:\fix.reg
Rispondi quotando