www.MegaLab.it

[Max1]

ciao ragazzi, come potete vedere sono nuovissimo in questo forum e sono venuto per chiedere un vostro aiuto. Forse ho beccato il worm Bagle, non posso aprire programmi che subito mi salta fuori l'errore. Vi posto qui il mio log file e vi chiedo se potete vederlo un attimo per sapere cosa dovrei cancellare, Grazie Mille:
Questo è il mio log http://www.mediafire.com/file/newmomeihmf/logGmer.log

[crazy.cat]

Utilizza findykill
http://www.MegaLab.it/3724/3/il-worm-ba ... -rimozione
Mi sa comunque che non ci sia solo bagle nel tuo pc ma anche dell'altro, ma lo vedremo dopo.

[Max1]

grazie crazy, faccio una ricerca?

[Max1]

ecco il log:

############################## | FindyKill V5.021 |

# User : alicetuttoincluso (Administrators) # YOUR-A47779BE2C
# Update on 10/12/2009 by Chiquitine29
# Start at: 11.33.28 | 13/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Celeron(R) M CPU 430 @ 1.73GHz
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# FW : Norton Internet Worm Protection[ (!) Disabled ]2006

# C:\ # Disco rigido locale # 63,32 Go (6,71 Go free) # NTFS
# D:\ # Disco rigido locale # 11,18 Go (3,67 Go free) [HP_RECOVERY] # FAT32
# E:\ # Disco CD-ROM

############################## | Active Processes |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\winupgro.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\autorun.exe
C:\Documents and Settings\alicetuttoincluso\Desktop\gmer\gmer.exe
C:\WINDOWS\wintems.exe
C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\flec003.exe
C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\flec006.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

############################## | Infected processes stopped |

"C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\winupgro.exe" (604)
"C:\WINDOWS\wintems.exe" (2720)
"C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\flec003.exe" (1448)
"C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\flec006.exe" (4012)

################## | C: |

Found ! C:\autorun.inf
Found ! D:\autorun.inf

################## | C:\WINDOWS |

Found ! C:\WINDOWS\ban_list.txt
Found ! C:\WINDOWS\mdelk.exe
Found ! C:\WINDOWS\wintems.exe

################## | C:\WINDOWS\system32 |

Found ! C:\WINDOWS\system32\ban_list.txt
Found ! C:\WINDOWS\system32\mdelk.exe
Found ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\alicetuttoincluso\Dati applicazioni |

Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\srosa2.sys
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\wfsintwq.sys
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\winupgro.exe
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\downloads.txt
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\file.exe
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\flec003.exe
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\Incoming
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\lang
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\names.txt
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\server.txt
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\skins
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\Temp
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\webserver
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\data.oct
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\flec006.exe
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\list.oct
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\srvlist.oct
Found ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared
################## | Temporary Internet Files |


################## | Registry / Infected keys |

Found ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Found ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Found ! [HKLM\SYSTEM\ControlSet003\Services\srosa]
Found ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Found ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Found ! [HKCU\Software\bisoft]
Found ! [HKCU\Software\DateTime4]
Found ! [HKCU\Software\MuleAppData]
Found ! [HKCU\Software\WS35]
Found ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Found ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Found ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
Found ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\bisoft]
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\DateTime4]
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\MuleAppData]
Found ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Found ! [HKU\S-1-5-21-741867169-4238644361-2322194384-1006\Software\Local AppWizard-Generated Applications\winupgro]
Found ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Found ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Found ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Found ! [HKLM\software\microsoft\security center] "FirewallOverride"
Found ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

################## | State / Service / Information |

# Showing of hidden files : OK

Missing key : HKLM\...\SafeBoot | Safe boot mode disabled !

# (!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 )
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )


################## | Cracks / Keygens / Serials |

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\autorun.exe"
15/08/2007 20.10 |Size 2409800 |Crc32 6c2e119d |Md5 a3cb4f462c86270b345295b39747be7c

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\CORE\CR-PSP12.exe"
09/09/2007 00.52 |Size 136704 |Crc32 d90f293e |Md5 b9c7d4cfe5a1619435b6904d565fae76

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\installer.exe"
17/08/2007 11.47 |Size 279880 |Crc32 56356485 |Md5 680d9e38839ca50281aeafa1ffc8d663

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\msi31.exe"
14/03/2007 15.07 |Size 2584848 |Crc32 24214ed6 |Md5 ffd49c51dde6fde37c9949bc6de0ef46

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\setup.exe"
17/08/2007 11.47 |Size 316744 |Crc32 aae27b57 |Md5 6b2825a084e4f899406c36de69bfedb8

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Nik Filters\NIK200_Corel_EN_FR_DE_ES_ESD.exe"
06/08/2007 18.50 |Size 5758296 |Crc32 eb144431 |Md5 6bda672b89d9d36d498c892f3255ce90

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\PATCH_12.01 - Italiano\PSPP12_Corel_Update_EN_IE_FR_DE_ES_IT_NL_ESD.exe"
11/12/2007 21.00 |Size 45653536 |Crc32 ca5e8cbf |Md5 d0e0fe95149275faeb2c1d82457564e4

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\instmsia.exe"
17/05/2006 01.58 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\instmsiw.exe"
17/05/2006 01.58 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\setup.exe"
16/03/2007 14.51 |Size 372632 |Crc32 7150491f |Md5 84beb7ae7ae342250ee2a00d9b437b64

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Setup\OEM\TargetMain\All\uvPL.exe"
03/03/2007 14.12 |Size 341488 |Crc32 21539c52 |Md5 ed912845ce42dab2aaa854e3923f0e07

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Setup\OEM\TargetMain\All\vstudio.exe"
16/03/2007 12.46 |Size 1254896 |Crc32 b6be85f4 |Md5 dfca03fb4416a7ee69247a36170725e3

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Utilities\AVControlSDK\AVControl.exe"
06/03/2007 11.59 |Size 34699936 |Crc32 5d35e2f6 |Md5 2bc7f6c357735ae456e232e429319136

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Utilities\Flash Player\flashplayer7_winax.exe"
04/09/2003 15.18 |Size 548352 |Crc32 28afbf8e |Md5 6e233b6151fd3e9858e168eb07896ffa

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Video Training\Lynda.exe"
15/08/2007 14.51 |Size 2404352 |Crc32 518038b5 |Md5 df0e9f2a337bc3add4d7be679b8d1555


################## | End of Report # FindyKill V5.021 ! |

[crazy.cat]

C'è parecchio di brutto in quel pc C:\autorun.exe.

Vai con la voce 2 per rimuovere bagle, poi vedremo per il resto.

[Max1]

ecco cosa significa a prestare un po' il pc...prrrrr
Ok grazie vado con l'opzione 2 e ti faccio sapere.

[Max1]

Ecco il log:

############################## | FindyKill V5.021 |

# User : alicetuttoincluso (Administrators) # YOUR-A47779BE2C
# Update on 10/12/2009 by Chiquitine29
# Start at: 11.52.07 | 13/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Celeron(R) M CPU 430 @ 1.73GHz
# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# FW : Norton Internet Worm Protection[ (!) Disabled ]2006

# C:\ # Disco rigido locale # 63,32 Go (6,71 Go free) # NTFS
# D:\ # Disco rigido locale # 11,18 Go (3,67 Go free) [HP_RECOVERY] # FAT32
# E:\ # Disco CD-ROM

############################## | Active Processes |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\drivers\services.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Deleted ! C:\"autorun.inf"
Deleted ! D:\"autorun.inf"

################## | C:\WINDOWS |

Deleted ! C:\WINDOWS\ban_list.txt
Deleted ! C:\WINDOWS\system32\ban_list.txt
Deleted ! C:\WINDOWS\mdelk.exe
Deleted ! C:\WINDOWS\system32\mdelk.exe
Deleted ! C:\WINDOWS\wintems.exe
Deleted ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\alicetuttoincluso\Dati applicazioni |

Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12555218.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12557812.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12559640.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12617421.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12620593.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12621781.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12674937.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12676484.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12676515.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\12710687.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15285687.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15325093.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15330828.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15332937.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15335875.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15336718.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15341609.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15373609.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15374859.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15375546.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15409734.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15421796.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15424625.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15449453.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15466593.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15468546.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15469859.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15534203.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15535843.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15537000.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15574609.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15574703.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15574765.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15594687.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15721656.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15800109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15830281.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15830312.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15830359.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15841109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15841125.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\15841234.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\347250.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\391796.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\396265.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\397187.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\402718.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\431671.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\433875.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\435093.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\457718.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\461421.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\476109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\479671.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\481359.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50578000.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50602812.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50606093.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50607703.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50608718.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50627671.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50629671.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50630734.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50665640.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50668265.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50674156.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50776734.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50779015.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50780421.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50861718.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50864703.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50866218.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50916656.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50917890.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50918031.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\50981218.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51122640.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51123109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51123156.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51206218.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51231531.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51232656.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51233015.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51246109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51247406.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\51247500.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\535468.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\538500.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\539687.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\5502000.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\5509125.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\583406.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\584703.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\584765.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\615171.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\744000.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\744593.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\744609.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7679703.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7723281.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7728109.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7752796.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7757328.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\7763843.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\827375.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\866078.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\867062.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\867125.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\880640.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld\881812.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\downld
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\srosa2.sys
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\wfsintwq.sys
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\winupgro.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\downloads.txt
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\cancelled.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\clients.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\cryptkey.dat
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\emfriends.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\known.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\known2_64.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\preferences.ini
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\server.met
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\server_met.old
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config\statistics.ini
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\config
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\file.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\flec003.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\Incoming
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\lang
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\names.txt
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\server.txt
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\skins
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\Temp
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\4Easysoft Mod to AVI Converter 3.1.06.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\50-681 Downloadable Exam Simulator 2.1 [Serial].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\A-Z AVI DIVX XVID Converter 5.74 [Key].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Abdio PSP Converter 5.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Abilities Builder Math Facts 7.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Absolute Video Converter 2.9.6.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Account Pro 8.3.300.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\AD Picture Viewer 3.8.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\AK-Player 6.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\AmoK Playlist Copy 2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Audio Recorder deluxe 2.2.55.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\AVIExtract 1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\BeamYourScreen 2.0.7.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Beyond Sync 3.8.14.169.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\BibleTrees 1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Block Replace 2007 (With Crack).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\BookReader 4.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Boomerang Data Recovery 1.0.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Broker Guide 3.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\CallWave Internet Answering Machine 3.09.10 (Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Catalyst Internet Mail Control 4.5 Key+Serial.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\ChordWizard Music Theory 3.01f.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Christmas Clock ScreenSaver 1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\CleanUninstaller 1.72.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\ClipHint 2.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Command & Conquer Tiberian Sun demo.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Compare It! 3.04.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Concert Schedule 1.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Crazy Water Skiing 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\CryptoSharp 1.0 Beta.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Cut 1D X 3.0 Patch.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Cyberia Radio 3.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Da Vinci Code generator 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Data Stash 1.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Desktop Zoom Tool 2.9.2.30.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\DigiMode GoldMine 1.50 KeyGen.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Display Calibrator 0.9.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Dungeon Siege The Circle of Lorent v1.0 Mod.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Eie-manager 2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\EMS SQL Manager 2007 Lite for PostgreSQL 4.5.08.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Flash2X Flash Player 1.1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Future City 3D Screensaver 1.01.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Gaiabar 2.2.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Get Selected Messages 0.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\GetByMail 1.4.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Go-Go Quotations 1.203 (With Crack).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\GoldWave 5.20.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Grandfather Clock 1.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\HeadShot001 ScreenSaver 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\HSLAB Access Control TSE 4.0.89.223 Beta.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Image Anvil 2.0.5.28421.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\ImTOO DVD Copy Express 1.1.25.0509.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Kaspersky.Antivirus.v6.0.1.411.Final.crack.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Keep On Yahoo 1.0.0 Build 58.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Kill or Be Killed 1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\KingConvert For Video Disc Player 4.01.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\LingoLite French.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\LingvoSoft Picture Dictionary 2008 French - Korean 1.2.26.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\LittleFTP Free FTP Client For Windows 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Looper Puzzle 1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MacOrtho 1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Macros 1.01.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Magic Math Time Travel for the Age 10-11 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Mapsoft Automator 1.5.1.0 (Cracked).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MB Free Numerology Marriage Vibration Software 1.55.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MetriQ Professional 7.1.5.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MG-Shadow 2.0 Serial.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MicroCounter 1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Milliliter Converter 1 Patch.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MobiPassword 2.03.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MP3 Cutter 1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\mp4UI 1.0 RC2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\mpTwist3 3.1.1.1 (With Crack).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\myNotes 1.2.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\MySQL Maestro 1.9.5.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Need4 Video Converter 5.9.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\NetUSB 3.04.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Network Inventory Expert 3.1 (With Crack).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\NewLive All Video To Mp3 Converter 5.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\OpenGL Mistake No.2 1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Outlook Connector for MDaemon 2.1.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\OverCAD Blocks 1.21 (Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PanoModules Free 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PasswordsPro 2.3.2.0 Cracked.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PCB123 2.1.0.7.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PDF2XL OCR Scanned PDF to Excel Conversion 3.2.4.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PDFiller 5.60.eh KeyGen.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PhotoMix Collage 5.3.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Physicam StrikeZone 1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Polroid DMC Driver 2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\PowerPointPipe 2.8 Crack.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\ProjectTrack Personal Edition 2007.5.0.1800.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\QB - Math 2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\QDBF 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Queen. A night at the opera 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Recover Data for Novell Netware 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Red Skull Distortion 2.01.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\RegistryEasy 2.0 Cracked.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\ReminderFox 1.4.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Retroweaver 2.0.7 Build 411.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\River Past Crazi Video Pro 2.7.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\RJT Quote 1.3.0.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\SegPlayPC 1.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Slim Browser 4.11 Build 029.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\SmartBreak 1.2 Serial.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Softstunt Apple TV Converter 4.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Solvit 1 1.4.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\SPEAKit 1.0 [Key+Serial].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Stellar Phoenix Zip Recovery 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\StockChartX Professional 5.7.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Stylin Concepts 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\TimeCalcPro 3.08.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\TrafMeter 7.5.444.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\TrayURL 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Typesee 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\UnderworldsEvil 2.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\VBA Password Recovery 1.0 [Key+Serial].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Victoria Clothes Organizer 1.1 (Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Web Page Thumbnail Generator 1.0.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\WebGalleryMagic 1.2.0 Build 021023.6.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\WinSpeedUp 2.8 KeyGen.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\wodCrypt 1.4.3.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\WWW2Image 1.7 (Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR\Xilisoft Apple TV Video Converter 5.1.23.0515.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\WDIR
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires\webserver
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\hidires
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\data.oct
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\flec006.exe
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\list.oct
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\3DM_Export_for_Solid_Edge_1.0_With_Crack.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Advanced_Time_Reports_Personal_Edition_6.3.104.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\AirDefense Personal 3.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\aiSee 2.2 R04.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Aitor 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Arabesk_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Attach Plus 2.2.12.16.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Australia_and_New_Zealand_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Author_Max_1.0_[Patch].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Bajsmaskin.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Basal Metabolic Rate 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Best Kakuro 3.6.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Big red indian 0.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Boldcenter_Operator_Client_.NET_4.23.2077.17209.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\BootFlashDOS 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\CafeTime_5.0_[Serial].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Caveman_Sound_1.1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Chrysanth_Mail_Manager_2.3.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\ClockBar 0.1.4.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Coloring Book 10 Baby Animals 1.02.24 (Patch).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Contacts Clinic for Microsoft Outlook 3.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Cool Audio to OGG Converter 5.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\CoolSpeech_5.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Courtney_Cox_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\CWM Clock 2.1g.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\CyberMatrix_Class_Scheduler_5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\DAO ( Data Access Object ) -Generator 1.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Deep_Notes_1.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Detonator 30.xx To 40.xx Fix 1.1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\DHealth_Ultimate_1.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\DUN_Manager_3.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\DupeWatcher_2.3_(With_Crack).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Email Spy Monitor 6.3.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\eStatsXtreme_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Explorestart 1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\FastTrack Schedule 9.2.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Financial Calculator 2.10.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Fix_Registry_Errors_3.0.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Flash-Creator_1.0_[Cracked].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Folder_Guard_Professional_7.91_(Cracked).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Folder_Notes_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Forexchange_3.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Freez_3GP_Video_Converter_2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Funds_Selector_1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Gizmo_Synchronization_2.0.3.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\GM_Scripter_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Harmony@Work_2.0.4_(Key).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Hexprobe_2.41.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Imperium Galactica II Alliances 'Second chance' bonus scenario.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Isr_Toolbar_4.5.104.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\JFunctionViewer 0.7.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Jot98_2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Keyword_Expander_1.1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Kids Mask Print 1.0.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Koala_Screen_Saver_2.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Launch_Express_1.10.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Leet Key 1.4.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\LimeWire Music 2.1.7.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Linkages Preview 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Magicbit DVD Ripper Standard 6.2.50.401.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MagicScore_Classic_5_5.2560_[KeyGen].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Marbleous_1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MathCalc 2.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MBA Software for Avon Reps 2.06.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\McAfee.Virusscan.7.1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Media_Library_Studio_1.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MemProfiler_1.1.0.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MessengerLog 360 7.16.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Microsoft_.NET_Framework_3.5_Beta_2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MixVibes_Pro_6.290.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Moonlight Shadow Lake Screensaver 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MP3_Audio_Batch_Converter_2.00.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MRIM Protocol Implementation Library 0.15.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Multilingual Speaking Clock 2.6.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\MZMM_1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Namtia_0.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Nee3Space_1.3.5.34.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Neowin Note 0.5.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Network Auditor 1.08 Crack.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\NetXed_Full_3.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\NT_Filemonitor_1.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\ODBC Router DR3-M16.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\On_Line_Timer_1.20_(Key).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Outline3D_Offline_Version_4.5_[Patch].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Panda.AntiVirus.FileSecure.Enterprise.(2006).para.servers.win2000.2003.NT.(shareware.espanol).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\PDF-Pro 2.7.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\PDF2SVG_3.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\PhishGuard for Firefox 2.0.143.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Photo to Cartoon 1.2.2712.26629.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Php2Html 1.0.0.25.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Platypus_for_Firefox_0.64.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Popup Blocker Free Edition 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Postscript to Text Converter 2.0 (Key+Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Powerpoint Backgrounds 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Power_Video_Converter_1.5.45.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\PSI-Plot_8.11a_[Patch].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\PSPOP3 Inspector 1.3.1 Build 397.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Quake_II_Action_Quake_II.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Rentaccom_9.5.111206_(Key+Serial).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Retrology - Motown Music & Film 1.1 r1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\RProtect_S7_1.0.1112.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Samplorizor 0.3 Beta.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Scenes of Egypt Screen Saver 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\SP_ST_3.20.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\StaticX_2.4.1_Serial.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\StudyMinder Homework System 3.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Sync Ops 1.21.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\t@b_ZS4_Video_Editor_for_win32_0.958.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\The HotBar - Hotbar-Travel 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\TheOne_SysLog_Manager_Lite_2.5.0_(KeyGen).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\The_Sims_-_Biker_Babe_skin.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\The_Ultimate_Splitter_1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\TMoneyEdit & TDBMoneyEdit 1.1.1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Trust Backup 1.4.1.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Unreal_Tournament_2003_Dark_Harvest_mod_UMOD.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\UnWind 0.9.0.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\UserToolInfo_0.7_[Key+Serial].zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\VEDIT_6.13.1_(Cracked).zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\VistaNoteMSM 1.0.0.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Visual LightBox 1.8.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\VisualPulse Server 6.0c Build 3084.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Website_Blocker_1.1.3.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Web_Link_Validator_4.7_build_471.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\Win32Pad_1.5.10.2.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\World of Warcraft v1.10.0 French patch.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\WP Clipart Viewer 2.6.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared\x0xb0x 1.0.zip
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\shared
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m\srvlist.oct
Deleted ! C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\m

################## | Reference of comparaison Bagle MD5 : |

File : C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\srosa2.sys
-> Crc32 : 00000000 | Md5 : d41d8cd98f00b204e9800998ecf8427e


File : C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\wfsintwq.sys
-> Crc32 : 00000000 | Md5 : d41d8cd98f00b204e9800998ecf8427e


File : C:\Documents and Settings\alicetuttoincluso\Dati applicazioni\drivers\winupgro.exe
-> Crc32 : cc8bdae7 | Md5 : 36d7781a91bd43f2c745f0688a825f36


################## | Other deleting ... |

Deleted ! "C:\Documents and Settings\alicetuttoincluso\Impostazioni locali\Temp\minime.exe"
-> Size : 0 | Crc32 : 00000000 | Md5 : d41d8cd98f00b204e9800998ecf8427e

Deleted ! "C:\Programmi\Windows Live\Messenger\msnmsgr.exe"
-> Size : 864256 | Crc32 : cc8bdae7 | Md5 : 36d7781a91bd43f2c745f0688a825f36

Deleted ! "C:\RECYCLER\S-1-5-21-741867169-4238644361-2322194384-1006\Dc15.50\crac.exe"
-> Size : 864256 | Crc32 : cc8bdae7 | Md5 : 36d7781a91bd43f2c745f0688a825f36

Deleted ! "C:\SwSetup\InetSec06\IT\NAV\External\NORTON\NAVAPW32.exe"
-> Size : 0 | Crc32 : 00000000 | Md5 : d41d8cd98f00b204e9800998ecf8427e

Deleted ! "C:\SwSetup\InetSec06\NAV\External\NORTON\NAVAPW32.exe"
-> Size : 0 | Crc32 : 00000000 | Md5 : d41d8cd98f00b204e9800998ecf8427e

################## | Temporary Internet Files |


################## | Registry / Infected keys |

Deleted ! [HKLM\SYSTEM\ControlSet003\Services\srosa]
Deleted ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Deleted ! [HKCU\Software\bisoft]
Deleted ! [HKCU\Software\DateTime4]
Deleted ! [HKCU\Software\MuleAppData]
Deleted ! [HKCU\Software\WS35]
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
Deleted ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Deleted ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Deleted ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Deleted ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Deleted ! [HKLM\software\microsoft\security center] "FirewallOverride"
Deleted ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"

################## | State / Service / Information |

# Safe boot mode restored restauré !

# Showing of hidden files : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH ... |

Corrupted : C:\Documents and Settings\alicetuttoincluso\Desktop\avenger\avenger.exe
[Offset = 00000084 - Value = 0x0001]

Corrupted : C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe
[Offset = 00000104 - Value = 0x0001]

Corrupted : C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
[Offset = 00000104 - Value = 0x0001]

Corrupted : C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
[Offset = 000000C4 - Value = 0x0001]


################## | Cracks / Keygens / Serials |

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\autorun.exe"
15/08/2007 20.10 |Size 2409800 |Crc32 6c2e119d |Md5 a3cb4f462c86270b345295b39747be7c

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\CORE\CR-PSP12.exe"
09/09/2007 00.52 |Size 136704 |Crc32 d90f293e |Md5 b9c7d4cfe5a1619435b6904d565fae76

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\installer.exe"
17/08/2007 11.47 |Size 279880 |Crc32 56356485 |Md5 680d9e38839ca50281aeafa1ffc8d663

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\msi31.exe"
14/03/2007 15.07 |Size 2584848 |Crc32 24214ed6 |Md5 ffd49c51dde6fde37c9949bc6de0ef46

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Corel Paint Shop Pro Photo\setup.exe"
17/08/2007 11.47 |Size 316744 |Crc32 aae27b57 |Md5 6b2825a084e4f899406c36de69bfedb8

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Nik Filters\NIK200_Corel_EN_FR_DE_ES_ESD.exe"
06/08/2007 18.50 |Size 5758296 |Crc32 eb144431 |Md5 6bda672b89d9d36d498c892f3255ce90

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\PATCH_12.01 - Italiano\PSPP12_Corel_Update_EN_IE_FR_DE_ES_IT_NL_ESD.exe"
11/12/2007 21.00 |Size 45653536 |Crc32 ca5e8cbf |Md5 d0e0fe95149275faeb2c1d82457564e4

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\instmsia.exe"
17/05/2006 01.58 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\instmsiw.exe"
17/05/2006 01.58 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\setup.exe"
16/03/2007 14.51 |Size 372632 |Crc32 7150491f |Md5 84beb7ae7ae342250ee2a00d9b437b64

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Setup\OEM\TargetMain\All\uvPL.exe"
03/03/2007 14.12 |Size 341488 |Crc32 21539c52 |Md5 ed912845ce42dab2aaa854e3923f0e07

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Setup\OEM\TargetMain\All\vstudio.exe"
16/03/2007 12.46 |Size 1254896 |Crc32 b6be85f4 |Md5 dfca03fb4416a7ee69247a36170725e3

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Utilities\AVControlSDK\AVControl.exe"
06/03/2007 11.59 |Size 34699936 |Crc32 5d35e2f6 |Md5 2bc7f6c357735ae456e232e429319136

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Ulead VideoStudio\Utilities\Flash Player\flashplayer7_winax.exe"
04/09/2003 15.18 |Size 548352 |Crc32 28afbf8e |Md5 6e233b6151fd3e9858e168eb07896ffa

"C:\Programmi\eMule\Incoming\[App - ITA] - Corel Paint Shop Pro Photo X2 v12.01 + Keygen [Test OK]\[COREL] - Paint Shop Pro Photo X2 v12.01 + Keygen [ITA - Test OK]\Video Training\Lynda.exe"
15/08/2007 14.51 |Size 2404352 |Crc32 518038b5 |Md5 df0e9f2a337bc3add4d7be679b8d1555


################## | End of Report # FindyKill V5.021 ! |

[crazy.cat]

Reinstalla un antivirus (se stavi utilizzando Norton Internet Worm Protection[ (!) Disabled ]2006 è meglio se metti qualcosa di più nuovo come avira freeware)
e tutti i programmi di sicurezza danneggiati e fai una scansione completa rimuovendo quello che trova.
Dopo la scansione del tuo antivirus fai la scansione anche con combofix che vediamo se è rimasto qualcosa.

[Max1]

ok, provvedo subito. Grazie

[Max1]

non riesco a trovare un link valido per scaricare combofix...

[crazy.cat]

non riesco a trovare un link valido per scaricare combofix...

http://www.bleepingcomputer.com/combofi ... e-combofix

[Max1]

vabbhè in tanto sto facendo la scansione c on antivir e mi ci vorrà un po' di tempo. Quando finirà ti farò sapere x ora è già a 42 file sospetti...vedremo poi, grazie mille.

[Max1]

non riesco a scaricare combofix, ho cercato ma nessun link me lo fa scaricare...coe faccio

[Max1]

Riuscito a scaricare combofix e il file log è il seguente:

ComboFix 09-09-25.01 - alicetuttoincluso 13/12/2009 19.09.34.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1015.655 [GMT 1:00]
Eseguito da: c:\documents and settings\alicetuttoincluso\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Creati Da 2009-11-13 al 2009-12-13 )))))))))))))))))))))))))))))))))))
.

2009-12-13 15:24 . 2009-02-15 10:09 418 ----a-w- c:\windows\system32\mcp.cmd
2009-12-13 15:24 . 2009-12-13 16:00 -------- d-s---w- c:\programmi\BlackBerry Master Control Program
2009-12-13 15:24 . 2009-12-13 16:26 -------- d-----w- c:\programmi\BBSAK
2009-12-13 12:57 . 2009-12-13 12:57 -------- d-----w- c:\documents and settings\alicetuttoincluso\Dati applicazioni\Uniblue
2009-12-13 11:37 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-13 11:37 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-13 11:37 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-13 11:37 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-13 11:37 . 2009-12-13 11:37 -------- d-----w- c:\programmi\Avira
2009-12-13 11:37 . 2009-12-13 11:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2009-12-13 10:31 . 2009-12-13 11:03 -------- d-----w- C:\FindyKill
2009-12-12 23:40 . 2009-12-13 17:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-12-12 23:40 . 2009-12-13 17:25 -------- d-----w- c:\programmi\Spybot - Search & Destroy
2009-12-12 23:04 . 2009-12-12 23:10 -------- d-----w- c:\documents and settings\alicetuttoincluso\Dati applicazioni\GetRightToGo
2009-12-12 20:34 . 2009-12-12 20:34 -------- d-----w- c:\programmi\Widget vodafone.it
2009-12-06 21:12 . 2009-12-07 16:07 -------- d-----w- c:\documents and settings\alicetuttoincluso\Impostazioni locali\Dati applicazioni\Corel
2009-12-06 21:11 . 2009-12-07 16:21 900 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-12-06 21:11 . 2009-12-06 21:11 -------- d-----w- c:\documents and settings\alicetuttoincluso\Dati applicazioni\Corel
2009-12-06 21:10 . 2009-12-06 21:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Corel
2009-12-06 21:01 . 2009-12-06 21:04 -------- d-----w- c:\programmi\File comuni\Corel
2009-12-06 21:01 . 2009-12-06 21:01 -------- d-----w- c:\programmi\Corel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-13 18:06 . 2004-08-30 11:20 75474 ----a-w- c:\windows\system32\perfc010.dat
2009-12-13 18:06 . 2004-08-30 11:20 451016 ----a-w- c:\windows\system32\perfh010.dat
2009-12-13 17:54 . 2008-10-03 23:31 -------- d-----w- c:\programmi\eMule
2009-12-13 17:21 . 2009-01-31 18:16 256 ----a-w- c:\windows\system32\pool.bin
2009-12-13 16:19 . 2009-01-31 17:58 -------- d-----w- c:\programmi\File comuni\Research In Motion
2009-12-13 14:00 . 2008-12-03 18:26 -------- d-----w- c:\programmi\Burn4Free Toolbar
2009-12-13 11:10 . 2006-08-21 11:06 91200 ----a-w- c:\documents and settings\alicetuttoincluso\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-12-13 10:52 . 2006-08-21 09:27 -------- d-----w- c:\programmi\Google
2009-12-07 21:51 . 2006-08-21 10:54 -------- d-----w- c:\programmi\Virgilio Desktop Search
2009-12-07 21:49 . 2008-10-31 07:59 -------- d-----w- c:\programmi\Superenalotto 3000
2009-12-07 21:49 . 2006-04-17 01:59 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-12-07 21:46 . 2006-08-21 11:05 -------- d-----w- c:\programmi\Telecom Italia
2009-12-07 21:44 . 2008-07-31 14:18 -------- d-----w- c:\programmi\Alice ti aiuta
2009-11-15 11:22 . 2008-10-31 14:16 -------- d-----w- c:\programmi\myphotobook
2009-10-26 15:27 . 2009-10-10 18:20 -------- d-----w- c:\programmi\Yahoo!
2009-10-10 20:25 . 2009-10-10 20:25 411368 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{63edf383-94e6-4b71-869e-40a373d3395b}"= "c:\programmi\radiogibson\tbrad0.dll" [2009-07-26 2215960]

[HKEY_CLASSES_ROOT\clsid\{63edf383-94e6-4b71-869e-40a373d3395b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63edf383-94e6-4b71-869e-40a373d3395b}]
2009-07-26 07:42 2215960 ----a-w- c:\programmi\radiogibson\tbrad0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{63edf383-94e6-4b71-869e-40a373d3395b}"= "c:\programmi\radiogibson\tbrad0.dll" [2009-07-26 2215960]

[HKEY_CLASSES_ROOT\clsid\{63edf383-94e6-4b71-869e-40a373d3395b}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{63EDF383-94E6-4B71-869E-40A373D3395B}"= "c:\programmi\radiogibson\tbrad0.dll" [2009-07-26 2215960]

[HKEY_CLASSES_ROOT\clsid\{63edf383-94e6-4b71-869e-40a373d3395b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"ISUSPM"="c:\programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlackBerryAutoUpdate"="c:\programmi\File comuni\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-07-03 623960]
"RoxWatchTray"="c:\programmi\File comuni\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-04-11 236016]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" [2009-09-04 417792]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-10 149280]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Corel Photo Downloader"="c:\programmi\File comuni\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-16 531272]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\alicetuttoincluso\Menu Avvio\Programmi\Esecuzione automatica\
Widget vodafone.lnk - c:\programmi\Widget vodafone.it\Widget vodafone.it.exe [2009-12-12 95744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,c:\windows\system32\drivers\services.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2005-07-25 18:41 40960 ----a-w- c:\programmi\HPQ\IAM\Bin\AsWlnPkg.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli AsWlnPkg

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk
backup=c:\windows\pss\Avvio veloce di Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^DVD Check.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\WINDOWS\\ESUpdate.exe"=
"c:\\Programmi\\WinMX\\WinMX.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5606:TCP"= 5606:TCP:hdmkq

R2 ASChannel;Canale di comunicazione locale;c:\windows\System32\svchost.exe -k Cognizance [19/08/2004 9.00.00 14336]
S2 edeuks;dukcdg;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 9.00.00 14336]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [13/10/2008 10.07.28 8192]
S3 AVSim;Cx2388x Multifunction Helper driver;c:\windows\system32\drivers\AVSim.sys [30/08/2008 10.31.24 13312]
S3 OmniTV;Cx2388x AvStream Video Capture;c:\windows\system32\drivers\OmniTV.sys [04/10/2006 9.37.16 198528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
edeuks

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bd906e8-a999-11dd-a628-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1fe3712a-311c-11db-85cf-0016417ef8c1}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29f04836-4718-11de-a6b5-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36bb6efa-b68b-11de-a700-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df42656-b5c9-11de-a6fe-001a732822cb}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df42659-b5c9-11de-a6fe-001a732822cb}]
\Shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df4265a-b5c9-11de-a6fe-001a732822cb}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df4265d-b5c9-11de-a6fe-001a732822cb}]
\Shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e8257e4-310d-11db-85c8-0016417ef8c1}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51065967-76e8-11dd-a5d9-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51065968-76e8-11dd-a5d9-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6199df8e-334f-11db-85e6-0014a5b5cab3}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706eac14-25c4-11de-a695-001a732822cb}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706eac15-25c4-11de-a695-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{711af11c-ed5f-11dd-a677-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e5b59a6-327b-11db-85d2-0014a5b5cab3}]
\Shell\AutoRun\command - d:\hpsecure\Windows\HPSecure30.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0db70a4-4161-11de-a6af-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5b725da-4acc-11de-a6ba-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5b725dd-4acc-11de-a6ba-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0239ef8-495e-11db-94b6-0014a5e3ede8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5f6cc4a-464b-11de-a6b3-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7345e46-a885-11de-a6f9-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2be3630-3284-11db-85d7-0014a5b5cab3}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2ed4954-9559-11dd-a60e-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2ed4955-9559-11dd-a60e-001a732822cb}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f807906a-748e-11dd-a5d1-001a732822cb}]
\Shell\AutoRun\command - F:\lcw.exe
\Shell\open\Command - F:\lcw.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8a22842-328b-11db-85da-0014a5b5cab3}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = hxxp://www.virgilio.it/
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
TCP: {9AAB51EE-A0CD-42B0-AC27-54EAE3ABF37F} = 151.99.125.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\alicetuttoincluso\Dati applicazioni\Mozilla\Firefox\Profiles\3wvqu3e1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?ei=UT ... ff-ytie&p=
FF - plugin: c:\documents and settings\alicetuttoincluso\Dati applicazioni\Mozilla\Firefox\Profiles\3wvqu3e1.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - c:\programmi\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
HKCU-Run-msnmsgr - c:\programmi\Windows Live\Messenger\msnmsgr.exe
HKLM-Run-Pinnacle WebUpdater - c:\programmi\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe
HKU-Default-Run-[system] - c:\windows\system32\drivers\services.exe
AddRemove-RoboMX - c:\documents and settings\alicetuttoincluso\Desktop\RoboMX\uninst-RoboMX.exe
AddRemove-RSS Reader - c:\programmi\RSS Reader\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-13 19:09
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\edeuks]
"ServiceDll"="c:\windows\system32\doztys.dll"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,12,3e,8c,91,bf,
d3,20,97,e2,63,26,f1,3f,c8,ff,68,01,a8,49,e8,4f,7f,95,5a,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:46,47,15,b0,92,4b,c7,ef,8b,34,2e,4c,80,
8d,40,42,6a,9c,d6,61,af,45,84,18,61,47,bb,d9,60,32,27,6a,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,0b,f0,dc,ea,0e,
5d,bc,65,ff,7c,85,e0,43,d4,0e,fe,0d,3e,41,50,71,ac,27,6e,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,96,46,cc,b8,63,
77,19,4d,86,8c,21,01,be,91,eb,e7,19,a9,8e,ae,39,37,e9,75,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,66,ee,10,b2,94,
4b,5f,dc,f5,1d,4d,73,a8,13,5c,05,d4,62,fb,18,92,e0,08,d7,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,12,4d,da,c8,e6,
f5,46,a1,df,20,58,62,78,6b,cf,c8,43,ae,b7,c6,28,08,64,2a,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,07,07,0e,23,e6,
d6,ff,f0,fb,a7,78,e6,12,2f,9a,ea,62,f8,e0,85,3d,b1,4b,5c,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,f1,d5,3b,34,c4,
1a,76,b5,01,3a,48,fc,e8,04,4a,f1,93,e3,cd,af,85,53,f0,b4,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,57,5c,3c,4f,43,
ea,db,de,f6,0f,4e,58,98,5b,89,c9,c5,85,63,88,6b,8c,ea,ab,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,02,ce,ec,c4,30,
2e,63,95,3d,ce,ea,26,2d,45,aa,78,52,15,01,14,90,71,c2,a1,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,a6,1a,e5,7e,26,
5d,d9,c5,2a,b7,cc,b5,b9,7f,41,e7,91,73,b8,2d,d2,b2,1a,08,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,19,c8,0a,38,21,
69,6a,4c,6c,43,2d,1e,aa,22,2f,9c,23,36,ed,31,15,80,f2,52,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\programmi\HPQ\IAM\Bin\AsWlnPkg.dll
c:\windows\system32\msi.dll

- - - - - - - > 'lsass.exe'(960)
c:\programmi\HPQ\IAM\bin\AsWlnPkg.dll
.
Ora fine scansione: 2009-12-13 19.11.29
ComboFix-quarantined-files.txt 2009-12-13 18:11

Pre-Run: 7.866.073.088 byte disponibili
Post-Run: 8.226.123.776 byte disponibili

WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

319 --- E O F --- 2009-03-12 02:01

[crazy.cat]

Come va adesso il pc?

disattiva il ripristino della configurazione e riavvia il pc. Lascialo disattivato sino al termine delle pulizie.
http://www.MegaLab.it/2330

Scarica Avenger
Estrailo in una cartella a tua scelta
Esegui il file avenger.exe con la figura di una spada
Ora incolla queste righe nella box bianca che si è aperta:

Codice: Seleziona tutto

Files to delete:
c:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
c:\windows\system32\doztys.dll

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\edeuks

Togli il segno di spunta dalla voce Scan for Rootkits
Premi il pulsante Execute
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.

[Max1]

Ciao crazy, Inizio nel scusarmi se non ho postato più ma non avevo più una connessione internet e quindi ero impossibilitato ad accedere al sito, poi visto la giornata volevo farti i miei auguri di buon natale a te e a tutti i membri del forum. Bene, ritornando a noi, ho fatto quello che hai detto e questo è il log che mi è comparso dopo il riavvio del portatile

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: could not open file "c:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx"
Deletion of file "c:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
bad path / the parent directory does not exist


Error: file "c:\windows\system32\doztys.dll" not found!
Deletion of file "c:\windows\system32\doztys.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
the object does not exist

Registry key "HKLM\SYSTEM\CurrentControlSet\Services\edeuks" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.