files to delete:
C:\sqmnoopt12.sqm
C:\sqmdata12.sqm
C:\sqmnoopt13.sqm
C:\sqmdata13.sqm
C:\sqmnoopt14.sqm
C:\sqmdata14.sqm
C:\sqmnoopt15.sqm
C:\sqmdata15.sqm
C:\sqmnoopt16.sqm
C:\sqmdata16.sqm
C:\sqmdata17.sqm
C:\sqmnoopt17.sqm
C:\sqmdata00.sqm
C:\sqmnoopt18.sqm
C:\sqmnoopt00.sqm
C:\sqmdata18.sqm
C:\sqmdata19.sqm
C:\sqmnoopt19.sqm
C:\sqmnoopt01.sqm
C:\sqmdata01.sqm
C:\sqmnoopt02.sqm
C:\sqmdata02.sqm
C:\sqmnoopt03.sqm
C:\sqmdata03.sqm
C:\sqmnoopt04.sqm
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\sqmnoopt07.sqm
C:\sqmdata07.sqm
C:\sqmdata08.sqm
C:\sqmnoopt08.sqm
C:\WINDOWS\homepage.html
C:\WINDOWS\index.html
C:\WINDOWS\promo1.html
C:\WINDOWS\promogif1.gif
C:\WINDOWS\promo2.html
C:\WINDOWS\promogif2.gif
C:\WINDOWS\promo3.html
C:\WINDOWS\promogif3.gif
C:\WINDOWS\promo5.html
C:\WINDOWS\promo4.html
C:\WINDOWS\promo6.html
C:\WINDOWS\system32\sockots64.dll
C:\WINDOWS\system32\sockins32.dll
C:\WINDOWS\system32\lt.res
C:\WINDOWS\system32\sn.txt
C:\WINDOWS\system32\sft.res
C:\WINDOWS\system32\adult.txt
C:\WINDOWS\system32\pharma.txt
C:\WINDOWS\system32\finance.txt
C:\WINDOWS\system32\other.txt
C:\WINDOWS\temp\_tmp32.bat
C:\PROGRA~1\FILECO~1\VIRUSD~1\ugac.exe
C:\Programmi\VirusDifesa\ptask.exe
C:\Programmi\File comuni\VirusDifesa\bm.exe
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\System32\B42bD4SS.exe
C:\WINDOWS\system32\sockins32.dll
C:\WINDOWS\system32\sockots64.dll
C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
files to move:
C:\Programmi\AntiVir PersonalEdition Classic\bak\avgnt.exe | C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128 .5462\bak\GoogleToolbarNotifier.exe | C:\Programmi\Google\GoogleToolbarNotifier\1.2.1128 .5462\GoogleToolbarNotifier.exe
C:\Programmi\Java\jre1.5.0_09\bin\bak\jusched.exe | C:\Programmi\Java\jre1.5.0_09\bin\jusched.exe
C:\Programmi\Real\RealPlayer\bak\RealPlay.exe | C:\Programmi\Real\RealPlayer\RealPlay.exe
C:\Programmi\Skype\Phone\bak\Skype.exe | C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Thomson\SpeedTouch USB\bak\Dragdiag.exe | C:\Programmi\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Programmi\Winamp\bak\Winampa.exe
C:\WINDOWS\bak\SiSUSBrg.exe | C:\WINDOWS\SiSUSBrg.exe
C:\WINDOWS\system32\bak\ctfmon.exe | C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\bak\NeroCheck.exe | C:\WINDOWS\system32\NeroCheck.exe
folders to delete:
C:\Programmi\VirusDifesa
C:\Programmi\File comuni\VirusDifesa
C:\Documents and Settings\Mirko\Dati applicazioni\VirusDifesa
registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | ugac
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | BMN
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | ptask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad | WebProxy
registry keys to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{5C3F6257-3E00-45C2-88D5-CB0F3A17BF0E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}
programs to launch on reboot:
c:\fix.reg
Rispondi quotando