Wsnpoem has screwed up my system

Hello, a few days ago I suffered a computer attack that messed up my whole PC's configuration, and I am barely managing to put it back together. However, among everything that shows up, there is something I cannot clean, and it keeps trying to activate itself, according to what Spybot shows me. I ran HijackThis and here is the result:
Logfile of HijackThis v1.99.1
Scan saved at 16.12.48, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmi\U.S. Robotics\USB Internet Mini Phone\USRobotics USB Internet Mini Phone.exe
C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Lexmark 1200 Series\lxczbmon.exe
C:\PROGRA~1\Nero\NEROPH~1\data\xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [USRobotics USB Internet Mini Phone] "C:\Programmi\U.S. Robotics\USB Internet Mini Phone\USRobotics USB Internet Mini Phone.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [JustVoip] "C:\Programmi\JustVoip.com\JustVoip\JustVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ares] "C:\Programmi\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmi\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programmi\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
I tried to clean some of the lines, but HijackThis itself doesn't do it; they reappear.
Thank you very much
Hstar

1 Answer

For the lines you cannot remove, delete the file they refer to, and that way they will stop working even if they remain active. The easiest thing is to delete them with an antivirus if they are viruses. If they are not viruses, you will have to delete them by booting the computer from the Windows XP installation CD and following the procedure on this page: http://support.microsoft.com/kb/307654/es. Using this Recovery Console and the DEL command you will be able to delete any file.
Thanks! I already did what you told me, but I still don't see it working properly. Could you please take a look at the new HijackThis log I made?
Also, scanning with Ant, it says I have spyware on port 1034, the mydoom.a trojan,
and on port 1025 another three trojans, which no antivirus/malware program detects.
How do I disable those ports?
Thanks!
Hstar
Scan saved at 9:41:36 AM, on 3/13/2008
Platform: Windows XP SP2 Home Edition Service Pack 2 (Build 2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRAMMI\Grisoft\AVG ANTI-SPYWARE 7.5\guard.exe
C:\Programmi\Grisoft\AVG Free\avgamsvr.exe
C:\Programmi\Grisoft\AVG Free\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRAMMI\FILE COMUNI\MICROSOFT SHARED\VS7Debug\mdm.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\PROGRAMMI\Grisoft\AVG ANTI-SPYWARE 7.5\avgas.exe
C:\PROGRAMMI\Java\JRE1.6.0_03\bin\jusched.exe
C:\PROGRAMMI\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\Programmi\Grisoft\AVG Free\avgcc.exe
C:\Programmi\Grisoft\AVG Free\avgemc.exe
C:\PROGRAMMI\U.S. ROBOTICS\USB INTERNET MINI PHONE\USROBOTICS USB INTERNET MINI PHONE.EXE
C:\PROGRAMMI\LEXMARK 1200 SERIES\lxczbmgr.exe
C:\PROGRAMMI\LEXMARK 1200 SERIES\lxczbmon.exe
C:\PROGRAMMI\FILE COMUNI\Real\UPDATE_OB\REALSCHED.EXE
C:\Programmi\Nero\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAMMI\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
C:\PROGRAMMI\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
C:\ARCHIVOS DE PROGRAMA\SUPERANTI\SUPERANTISPYWARE.EXE
C:\PROGRAMMI\MOZILLA FIREFOX\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\PROGRAMMI\ADSLNet\NAVIGATION TOOLS\ADSLNETTOOLS.EXE
C:\WINDOWS\system32\rundll32.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
O4 - HKLM\..\Run: [!AVG Anti-Spyware]C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol]C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC]C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC]C:\Programmi\Grisoft\AVG Free\avgemc.exe
O4 - HKLM\..\Run: [USRobotics USB Internet Mini Phone]C:\Programmi\U.S. Robotics\USB Internet Mini Phone\USRobotics USB Internet Mini Phone.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series]C:\Programmi\Lexmark 1200 Series\lxczbmgr.exe
O4 - HKLM\..\Run: [TkBellExe]C:\Programmi\File comuni\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager]C:\Programmi\Nero\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer]C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [JustVoip]C:\Programmi\JustVoip.com\JustVoip\JustVoip.exe -nosplash -minimized
O4 - HKCU\..\Run: [ares]C:\Programmi\Ares\Ares.exe -h
O4 - HKCU\..\Run: [SUPERAntiSpyware]C:\Archivos de Programa\superanti\SUPERAntiSpyware.exe
O4 - Global Startup: Microsoft Office.lnk=C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [] -
O11 - Options group: [] -
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Programmi\Java\jre1.6.0_03\bin
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: Microsoft XML Parser for Java (xmldso) - file://C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (http://download.macromedia.com/pub/shockwave/cabs/director/sw) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (http://download.macromedia.com/pub/shockwave/cabs/director/sw) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O21 - UPnPMonitor - UPnP Tray Monitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
O23 - Service: Servizio helper IPv6 - Microsoft Corporation - C:\WINDOWS\system32\6to4svc.dll
O23 - Service: Avvisi - Microsoft Corporation - C:\WINDOWS\system32\alrsvc.dll
O23 - Service: Servizio Gateway di livello applicazione - Microsoft Corporation - C:\WINDOWS\system32\alg.exe
O23 - Service: Gestione applicazione - - C:\WINDOWS\System32\appmgmts.dll
O23 - Service: Ares Chatroom server - Ares Development Group - C:\Programmi\Ares\chatServer.exe
O23 - Service: Servizio stato di ASP.NET - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
O23 - Service: Audio Windows - Microsoft Corporation - C:\WINDOWS\system32\audiosrv.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\Programmi\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\Programmi\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: Servizio trasferimento intelligente in background - Microsoft Corporation - C:\WINDOWS\system32\qmgr.dll
O23 - Service: Browser di computer - Microsoft Corporation - C:\WINDOWS\system32\browser.dll
O23 - Service: Servizio di indicizzazione - Microsoft Corporation - C:\WINDOWS\system32\cisvc.exe
O23 - Service: ClipBook - Microsoft Corporation - C:\WINDOWS\system32\clipsrv.exe
O23 - Service: Applicazione di sistema COM+ - - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: Servizi di crittografia - Microsoft Corporation - C:\WINDOWS\system32\cryptsvc.dll
O23 - Service: Utilità di avvio processo server DCOM - Microsoft Corporation - C:\WINDOWS\system32\rpcss.dll
O23 - Service: Client DHCP - Microsoft Corporation - C:\WINDOWS\system32\dhcpcsvc.dll
O23 - Service: Servizio amministrativo di Gestione disco logico - - C:\WINDOWS\System32\dmadmin.exe /com
O23 - Service: Gestione dischi logici - Microsoft Corp. - C:\WINDOWS\system32\dmserver.dll
O23 - Service: Client DNS - Microsoft Corporation - C:\WINDOWS\system32\dnsrslvr.dll
O23 - Service: Servizio di segnalazione errori - Microsoft Corporation - C:\WINDOWS\system32\ersvc.dll
O23 - Service: Registro eventi - Microsoft Corporation - C:\WINDOWS\system32\services.exe
O23 - Service: Sistema di eventi COM+ - Microsoft Corporation - C:\WINDOWS\system32\es.dll
O23 - Service: Compatibilità di Cambio rapido utente - Microsoft Corporation - C:\WINDOWS\system32\shsvcs.dll
O23 - Service: Guida in linea e supporto tecnico - Microsoft Corporation - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
O23 - Service: HID Input Service - Microsoft Corporation - C:\WINDOWS\system32\hidserv.dll
O23 - Service: SSL HTTP - Microsoft Corporation - C:\WINDOWS\system32\w3ssl.dll
O23 - Service: Servizio COM di masterizzazione CD IMAPI - Microsoft Corporation - C:\WINDOWS\system32\imapi.exe
O23 - Service: Servizio iPod - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Monitor infrarossi - Microsoft Corporation - C:\WINDOWS\system32\irmon.dll
O23 - Service: Server - Microsoft Corporation - C:\WINDOWS\system32\srvsvc.dll
O23 - Service: Workstation - Microsoft Corporation - C:\WINDOWS\system32\wkssvc.dll
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Helper NetBIOS di TCP/IP - Microsoft Corporation - C:\WINDOWS\system32\lmhsvc.dll
O23 - Service: Machine Debug Manager - Microsoft Corporation - C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
O23 - Service: Messenger - Microsoft Corporation - C:\WINDOWS\system32\msgsvc.dll
O23 - Service: Condivisione desktop remoto di NetMeeting - Microsoft Corporation - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Distributed Transaction Coordinator - Microsoft Corporation - C:\WINDOWS\system32\msdtc.exe
O23 - Service: Windows Installer - - C:\WINDOWS\system32\msiexec.exe /V
O23 - Service: DDE di rete - Microsoft Corporation - C:\WINDOWS\system32\netdde.exe
O23 - Service: DDE DSDM di rete - Microsoft Corporation - C:\WINDOWS\system32\netdde.exe
O23 - Service: Accesso rete - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Connessioni di rete - Microsoft Corporation - C:\WINDOWS\system32\netman.dll
O23 - Service: NLA (Network Location Awareness) - Microsoft Corporation - C:\WINDOWS\system32\mswsock.dll
O23 - Service: ForceWare IP service - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Provider supporto protezione LM NT - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Archivi rimovibili - Microsoft Corporation - C:\WINDOWS\system32\ntmssvc.dll
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Agente SAP - Microsoft Corporation - C:\WINDOWS\system32\ipxsap.dll
O23 - Service: Plug and Play - Microsoft Corporation - C:\WINDOWS\system32\services.exe
O23 - Service: Servizi IPSEC - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Archiviazione protetta - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Auto Connection Manager di Accesso remoto - Microsoft Corporation - C:\WINDOWS\system32\rasauto.dll
O23 - Service: Connection Manager di Accesso remoto - Microsoft Corporation - C:\WINDOWS\system32\rasmans.dll
O23 - Service: Gestione sessione di assistenza mediante desktop remoto - Microsoft Corporation - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Routing e Accesso remoto - Microsoft Corporation - C:\WINDOWS\system32\mprdim.dll
O23 - Service: RPC Locator - Microsoft Corporation - C:\WINDOWS\system32\locator.exe
O23 - Service: RPC (Remote Procedure Call) - Microsoft Corporation - C:\WINDOWS\system32\rpcss.dll
O23 - Service: QoS RSVP - Microsoft Corporation - C:\WINDOWS\system32\rsvp.exe
O23 - Service: Gestione account di protezione (SAM) - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: smart card - Microsoft Corporation - C:\WINDOWS\system32\scardsvr.exe
O23 - Service: Utilità di pianificazione - Microsoft Corporation - C:\WINDOWS\system32\schedsvc.dll
O23 - Service: Accesso secondario - Microsoft Corporation - C:\WINDOWS\system32\seclogon.dll
O23 - Service: Notifica eventi di sistema - Microsoft Corporation - C:\WINDOWS\system32\sens.dll
O23 - Service: Windows Firewall / Condivisione connessione Internet (ICS) - Microsoft Corporation - C:\WINDOWS\system32\ipnathlp.dll
O23 - Service: Rilevamento hardware shell - Microsoft Corporation - C:\WINDOWS\system32\shsvcs.dll
O23 - Service: Spooler di stampa - Microsoft Corporation - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Servizio Ripristino configurazione di sistema - Microsoft Corporation - C:\WINDOWS\system32\srsvc.dll
O23 - Service: Servizio di rilevamento SSDP - Microsoft Corporation - C:\WINDOWS\system32\ssdpsrv.dll
O23 - Service: Acquisizione di immagini di Windows (WIA) - Microsoft Corporation - C:\WINDOWS\system32\wiaservc.dll
O23 - Service: MS Software Shadow Copy Provider - - C:\WINDOWS\system32\dllhost.exe /Processid:{FD25C8CF-D2C3-4E96-9357-383272B24301}
O23 - Service: Avvisi e registri di prestazioni - Microsoft Corporation - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telefonia - Microsoft Corporation - C:\WINDOWS\system32\tapisrv.dll
O23 - Service: Servizi terminal - Microsoft Corporation - C:\WINDOWS\system32\termsrv.dll
O23 - Service: Temi - Microsoft Corporation - C:\WINDOWS\system32\shsvcs.dll
O23 - Service: Manutenzione collegamenti distribuiti client - Microsoft Corporation - C:\WINDOWS\system32\trkwks.dll
O23 - Service: Host di periferiche Plug and Play universali - Microsoft Corporation - C:\WINDOWS\system32\upnphost.dll
O23 - Service: Gruppo di continuità - Microsoft Corporation - C:\WINDOWS\system32\ups.exe
O23 - Service: Messenger Sharing Folders USN Journal Reader service - Microsoft Corporation - C:\Programmi\MSN Messenger\usnsvc.exe
O23 - Service: Copia replicata del volume - Microsoft Corporation - C:\WINDOWS\system32\vssvc.exe
O23 - Service: Ora di Windows - Microsoft Corporation - C:\WINDOWS\system32\w32time.dll
O23 - Service: WebClient - Microsoft Corporation - C:\WINDOWS\system32\webclnt.dll
O23 - Service: Strumentazione gestione Windows - Microsoft Corporation - C:\WINDOWS\system32\wbem\wmisvc.dll
O23 - Service: Servizio Numero di serie per dispositivi multimediali portatili - Microsoft Corporation - C:\WINDOWS\system32\mspmsnsv.dll
O23 - Service: Scheda WMI Performance - Microsoft Corporation - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Centro sicurezza PC - Microsoft Corporation - C:\WINDOWS\system32\wscsvc.dll
O23 - Service: Aggiornamenti automatici - Microsoft Corporation - C:\WINDOWS\system32\wuauserv.dll
O23 - Service: Windows Driver Foundation - User-mode Driver Framework - Microsoft Corporation - C:\WINDOWS\system32\WudfSvc.dll
O23 - Service: Zero Configuration reti senza fili - Microsoft Corporation - C:\WINDOWS\system32\wzcsvc.dll
O23 - Service: Servizio Provisioning di rete - Microsoft Corporation - C:\WINDOWS\system32\xmlprov.dll
O24 - Desktop Component 0: Pagina iniziale corrente - About:Home
--- Additional WinPatrol Info ---
Default Browser: Firefox - Firefox version 2.0.0.12
MSIE: Internet Explorer (6.00.2900.2180)
Firefox 2.0.0.12 installed in C:\Programmi\Mozilla Firefox.
1 IE Cookies in Folder: C:\Documents and Settings\hugo.ESTRELLA-1B6035\Cookies\
0 Mozilla Cookies in Folder: C:\Documents and Settings\hugo.ESTRELLA-1B6035\Dati applicazioni\Mozilla\FireFox\Profiles\bfq59zes.default
WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
WP03 - Windows Automatic Update = 4:Automatically download recommended updates for my computer and install them.
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://
WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\Bootfont.bin
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\winnt.bmp
WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
WP32 - Hidden File: C:\WINDOWS\system32\29A5CD40B7.sys
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\DEFAULT.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SOFTWARE.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SYSTEM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdifr.LOG
WP32 - Hidden File: C:\WINDOWS\system32\KGyGaAvL.sys
WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\NTICDMK32.dll
WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
WP33 - File Type .AVI: [Video clip]C:\Programmi\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
WP33 - File Type .BAT: [File batch MS-DOS]%1 %*
WP33 - File Type .CAB: [File cabinet]C:\WINDOWS\Explorer.exe /idlist,%I,%L
WP33 - File Type .CAT: [Catalogo protezione]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [File di HTML Help compilato]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [Applicazione per MS-DOS]%1 %*
WP33 - File Type .CMD: [Script di comandi Windows NT]%1 %*
WP33 - File Type .CSS: [Documento CSS]C:\PROGRA~1\MICROS~2\Office10\FRONTPG.EXE %1
WP33 - File Type .DOC: [Documento di Microsoft Word]C:\Programmi\Microsoft Office\Office10\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Internet E-Mail Message]C:\Programmi\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Applicazione]%1 %*
WP33 - File Type .INF: [Informazioni di installazione]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [File di script JScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Documento di testo]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Elemento di Outlook]C:\Programmi\Microsoft Office\Office10\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [ALLPlayer]C:\Programmi\MarBit\ALLPlayer\ALLPlayer.exe %1
WP33 - File Type .MP3: [ALLPlayer]C:\Programmi\MarBit\ALLPlayer\ALLPlayer.exe %1
WP33 - File Type .MP3: [Audio formato MP3]C:\Programmi\Windows Media Player\wmplayer.exe /prefetch:6 /Open %L
WP33 - File Type .PIF: [Collegamento ad un programma per MS-DOS]%1 %*
WP33 - File Type .RAM: [RealPlayer Presentation]C:\Program Files\Real\RealPlayer\RealPlay.exe %1
WP33 - File Type .REG: [Voci di registrazione]regedit.exe %1
WP33 - File Type .RTF: [RTF (Rich Text Format)]C:\Programmi\Microsoft Office\Office10\WINWORD.EXE /n /dde
WP33 - File Type .SBS: [Spyware supplemental file]C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe %1
WP33 - File Type .SCR: [Screen saver]%1 /S
WP33 - File Type .TXT: [Documento di testo]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Collegamento Internet]rundll32.exe shdocvw.dll,OpenURL %l
WP33 - File Type .VBS: [File di script VBScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [File di script codificato in VBScript]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [File di script Windows]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [File di impostazioni di Windows Script Host]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Foglio di lavoro di Microsoft Excel]C:\Programmi\Microsoft Office\Office10\EXCEL.EXE /e
Memory currently in use: 63%
Physical Memory Free: 166,040 KB
Paging File Free: 586,956 KB
Virtual Memory Free: 2,051,800 KB
--
End of file
Maybe that rebuilding you say you did broke more than it fixed. What is it that you see not working properly?
That Ant, which is a program from this site http://www.adslzone.net/adslnet-ant.html, strikes me as not being a very good program, because it scans but does not disinfect, so you tell me what use it is. It looks to me like that program only tells you which ports you have open that are used by trojans. If you don't detect them with an up-to-date antivirus, I would be very surprised if you had them.
