Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » Computer & Internet » Problemi Informatici » Mi controllate i LOG che mi avete indicato di postare...!!!!

Mi controllate i LOG che mi avete indicato di postare...!!!! Opzioni
Topic Precedente · Topic Sucessivo
cavalieredaniele
Inviato: Friday, March 13, 2009 12:36:55 PM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
Spero di aver fatto correttamente tutte le operazioni che r16 mi ha indicato........!!!



Malwarebytes' Anti-Malware 1.34
Versione del database: 1842
Windows 5.1.2600 Service Pack 3

13/03/2009 11.59.19
mbam-log-2009-03-13 (11-59-19).txt

Tipo di scansione: Scansione completa (C:\|E:\|)
Elementi scansionati: 290789
Tempo trascorso: 2 hour(s), 49 minute(s), 48 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 1
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IMJPMIG8.2 (Trojan.Agent) -> Quarantined and deleted successfully.

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)








ComboFix 09-03-10.03 - Alessandro 2009-03-13 12.16.18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1247.611 [GMT 1:00]
Eseguito da: c:\documents and settings\Alessandro\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Alessandro\Dati applicazioni\inst.exe
C:\fun.xls.exe
c:\programmi\QUAD Utilities
c:\windows\recover.reg
c:\windows\system32\algsrvs.exe
c:\windows\system32\WINPAR360.dll.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-02-13 al 2009-03-13 )))))))))))))))))))))))))))))))))))
.

2009-03-12 18:26 . 2009-03-12 18:26 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Malwarebytes
2009-03-12 18:26 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-12 18:26 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-12 18:25 . 2009-03-12 18:26 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-03-12 18:25 . 2009-03-12 18:25 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-03-12 11:36 . 2009-03-12 11:36 <DIR> d-------- c:\programmi\CCleaner
2009-03-11 09:50 . 2009-03-11 10:09 <DIR> d-------- c:\programmi\Eusing Free Registry Cleaner
2009-03-10 19:06 . 2009-03-10 19:06 <DIR> d-------- c:\programmi\Trend Micro
2009-03-10 12:05 . 2009-03-10 12:05 <DIR> d-------- c:\programmi\LuckyTender
2009-03-07 12:40 . 2009-03-07 12:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP
2009-03-07 12:35 . 2009-03-07 12:35 <DIR> d-------- c:\programmi\Objmfcd
2009-03-07 12:35 . 2009-03-07 12:42 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Objmfcd
2009-03-07 10:25 . 2009-03-07 10:25 25 --a------ c:\windows\WebEasy.INI
2009-03-07 10:03 . 2009-03-07 10:24 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Avanquest
2009-03-07 09:53 . 2009-03-07 09:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avanquest
2009-03-07 09:10 . 2009-03-10 18:39 <DIR> d-------- C:\Downloads
2009-03-07 09:09 . 2009-03-12 18:19 <DIR> d-------- c:\programmi\BitComet
2009-03-04 16:16 . 2009-03-04 16:16 <DIR> d-------- c:\programmi\Voobys
2009-02-26 17:07 . 2005-09-20 10:36 151,552 --a------ c:\windows\system32\igfxres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-13 11:13 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2009-03-13 07:59 --------- d-----w c:\programmi\Lavasoft
2009-03-13 07:59 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-03-11 07:55 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-03-10 08:49 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-03-07 08:55 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-03-04 17:06 --------- d-----w c:\programmi\Docfa30
2009-03-04 17:04 --------- d-----w c:\programmi\Docfa307
2009-03-04 17:02 --------- d-----w c:\programmi\Docfa305
2009-03-04 15:18 --------- d-----w c:\programmi\3GP Player
2009-03-02 09:02 --------- d--h--w c:\programmi\eMule
2009-02-26 14:50 --------- d-----w c:\programmi\Microsoft Silverlight
2009-02-25 18:35 --------- d-----w c:\programmi\Windows Live
2009-02-25 18:35 --------- d-----w c:\programmi\Microsoft
2009-02-10 10:05 --------- d-----w c:\programmi\Windows Live SkyDrive
2009-02-10 09:20 --------- d-----w c:\programmi\File comuni\Windows Live
2009-02-10 08:51 --------- d-----w c:\programmi\Google
2009-02-09 14:04 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-04 16:33 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MailFrontier
2009-02-03 17:04 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-03 17:04 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-03 17:04 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-29 10:27 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MyHeritage
2009-01-29 10:23 --------- d-----w c:\programmi\MyHeritage
2009-01-29 10:18 --------- d-----w c:\documents and settings\Alessandro\Dati applicazioni\MyHeritage
2009-01-29 10:17 --------- d-----w c:\documents and settings\Alessandro\Dati applicazioni\The Complete Genealogy Reporter - FTB
2009-01-27 16:31 --------- d-----w c:\programmi\Defraggler
2009-01-23 16:05 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-12-18 09:13 47,360 ----a-w c:\documents and settings\Alessandro\Dati applicazioni\pcouffin.sys
2008-12-10 11:10 0 ---h--w c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2005-03-31 20:17 40,960 -c--a-w c:\programmi\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-09 68856]
"Bind 4"="c:\docume~1\ALESSA~1\DATIAP~1\Objmfcd\01tooluser.exe" [2009-03-07 12:35 671744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gtwatch"="c:\windows\gtwatch.exe" [2001-08-24 45056]
"JobHisInit"="c:\programmi\RMClient\JobHisInit.exe" [2001-04-06 135168]
"MplSetUp"="c:\programmi\RMClient\MplSetUp.exe" [2000-11-04 40960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-13 143872]
"Promemoria"="c:\programmi\NEXT AGENDA 2\Promemoria.exe" [2004-06-29 73728]
"Allarmi"="c:\programmi\NEXT AGENDA 2\Allarmi.exe" [2004-06-20 110592]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-03 180269]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"Family Tree Builder Update"="c:\programmi\MyHeritage\Bin\FTBCheckUpdates.exe" [2009-01-14 113680]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-03 1601304]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Exit Jump Bone Mp3"="c:\documents and settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP\creative okay.exe" [2009-03-13 778240]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-29 110592]
NEXT AGENDA 2.lnk - c:\programmi\NEXT AGENDA 2\NextAgenda.exe [2007-01-26 4259840]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2008-07-28 25214]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-03 18:04 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Packard Bell NetStore\\NetStore.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\xerox\\nwwia\\XrxFTPLt.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\BitComet\\BitComet.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8345:TCP"= 8345:TCP:BitComet 8345 TCP
"8345:UDP"= 8345:UDP:BitComet 8345 UDP

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-31 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-31 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-31 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264]
R2 CPUSB;CPUsb.Sys driver;c:\windows\system32\drivers\CPUSB.sys [2003-09-02 17080]
R2 cpwnt;cpwnt;c:\windows\system32\drivers\CPWNT.SYS [2004-10-29 21824]
R2 DdsSched;Dds Scheduler Deamon;c:\programmi\RDS\DdsSchedNT.exe [2008-03-19 36864]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2008-05-23 16695]
R2 RsiSvc;Ridoc Server Information Service;c:\programmi\RDS\RsiSvc.exe [2008-03-19 65536]
R2 ScanRouterDriverV2;ScanRouterDriverV2;c:\programmi\RDS\SrScanDr.exe [2008-03-19 188416]
R3 PMObserv;PMObserv;c:\windows\system32\PMObserv.exe [2004-10-29 135168]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1c98b59b7df8880;Google Update Service (gupdate1c98b59b7df8880);c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
S2 LxrSII1d;Secure II Driver;\??\c:\windows\system32\Drivers\LxrSII1d.sys --> c:\windows\system32\Drivers\LxrSII1d.sys [?]
S2 SOption;SOption;c:\programmi\RDS\SOption.exe [2008-03-19 98304]
S3 {5C8B2B62-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-A;c:\windows\system32\drivers\a311.sys [2004-06-04 33335]
S3 {5C8B2B65-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-B;c:\windows\system32\drivers\a310.sys [2004-06-04 33335]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\drivers\gt681x.sys [2004-10-29 18120]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1017a9d0-891f-11dc-b60b-0090f516dc13}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d1f65e2-dbc3-11dc-b6c5-0018e408e415}]
\Shell\AutoRun\command - .\run\autorun.exe
\Shell\open\Command - .\run\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9b10f6e-d619-11dc-b6b3-0018e408e415}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b58e9c-db4d-11dd-b36b-0018e408e415}]
\Shell\AutoRun\command - xih9.cmd
\Shell\explore\Command - xih9.cmd
\Shell\open\Command - xih9.cmd
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-13 c:\windows\Tasks\AAC9A770916A583C.job
- c:\docume~1\alessa~1\datiap~1\objmfcd\viewplaypop.exe [2009-03-07 12:42]

2009-03-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-03-13 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-30 15:48]

2009-03-13 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 09:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/ig?hl=it
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://search.myheritage.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Scarica tutti i video usando BitComet - c:\programmi\BitComet\BitComet.exe/AddVideo.htm
IE: Scarica tutto usando BitComet - c:\programmi\BitComet\BitComet.exe/AddAllLink.htm
IE: Scarica usando &BitComet - c:\programmi\BitComet\BitComet.exe/AddLink.htm
TCP: {3C9B2E06-A8A3-43B9-9116-31469E59BFEE} = 212.216.112.222,212.216.172.162
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 12:19:40
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-03-13 12.21.36
ComboFix-quarantined-files.txt 2009-03-13 11:21:17

Pre-Run: 28 812 304 384 byte disponibili
Post-Run: 28,997,459,968 byte disponibili

220 --- E O F --- 2009-03-11 18:44:31







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.22.59, on 13/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PMObserv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\RDS\RsiSvc.exe
C:\Programmi\RDS\srscandr.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Programmi\RDS\ddsschednt.exe
C:\WINDOWS\gtwatch.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\NEXT AGENDA 2\Promemoria.exe
C:\Programmi\NEXT AGENDA 2\Allarmi.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig?hl=it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Promemoria] C:\Programmi\NEXT AGENDA 2\Promemoria.exe
O4 - HKLM\..\Run: [Allarmi] C:\Programmi\NEXT AGENDA 2\Allarmi.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Programmi\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Exit Jump Bone Mp3] C:\Documents and Settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP\creative okay.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Bind 4] C:\DOCUME~1\ALESSA~1\DATIAP~1\Objmfcd\01tooluser.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NEXT AGENDA 2.lnk = C:\Programmi\NEXT AGENDA 2\NextAgenda.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmi\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213808602190
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9B2E06-A8A3-43B9-9116-31469E59BFEE}: NameServer = 212.216.112.222,212.216.172.162
O17 - HKLM\System\CS1\Services\Tcpip\..\{3C9B2E06-A8A3-43B9-9116-31469E59BFEE}: NameServer = 212.216.112.222,212.216.172.162
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Dds Scheduler Deamon (DdsSched) - RICOH Company Ltd. - C:\Programmi\RDS\ddsschednt.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98b59b7df8880) (gupdate1c98b59b7df8880) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - LxrSII1s.exe (file missing)
O23 - Service: PMObserv - RICOH CO.,LTD. - C:\WINDOWS\system32\PMObserv.exe
O23 - Service: Ridoc Server Information Service (RsiSvc) - RICOH Company Ltd. - C:\Programmi\RDS\RsiSvc.exe
O23 - Service: ScanRouterDriverV2 - Ricoh Co.,Ltd. - C:\Programmi\RDS\srscandr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SOption - RICOH Company Ltd. - C:\Programmi\RDS\SOption.exe

--
End of file - 11893 bytes
Torna in alto
 
Sponsor
Inviato: Friday, March 13, 2009 12:36:55 PM

 
Torna in alto
 
wolfestein
Inviato: Friday, March 13, 2009 1:50:45 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 16,007
Questi log era meglio se li mettevi in Virus sicurezza e privacy che è il forum dedicato ai virus.
Torna in alto
 
r16
Inviato: Friday, March 13, 2009 4:51:00 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Ciao cavalieredaniele .
Si, la prossima volta che hai problemi di virus,posta le tue richieste in "virus e Privacy.
Oltretutto,per rispondere, NON aprire altri topic, ma rispondi sempre qui.
Hai il pc un pò incasinato.
Hai dei programmi che non conosco, e non sò se li hai installati tu:

c:\programmi\Objmfcd
c:\programmi\MyHeritage
c:\programmi\Uninstall_CDS.exe

Hai una chiavetta USB, o un HD esterno infettato dal virus Knight.
Non inserire niente nelle periferiche USB,prima sistemiamo il pc, poi penseremo alle chiavette.

Disattiva il ripristino configurazione di sistema, e tienilo disattivato, fino alla soluzione del problema http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121
Se non sai "fixare"le voci,segui questa guida dettagliata: http://www.aiutaamici.com/software?ID=11175
Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su fix checked

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Programmi\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [Exit Jump Bone Mp3] C:\Documents and Settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP\creative okay.exe
O4 - HKCU\..\Run: [Bind 4] C:\DOCUME~1\ALESSA~1\DATIAP~1\Objmfcd\01tooluser.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmi\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - LxrSII1s.exe (file missing)

Riavvia il pc per confermare le modifiche.
*********************************************************************************************************
Dai una pulita (registro compreso)con CCleaner http://www.aiutaamici.com/software?ID=11223
Poi:
Start\Esegui\copia e incolla la stringa %temp% clicca su Ok, svuota la cartella temp. (non eliminare la cartella)
Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)
SVUOTA IL CESTINO
Poi:
Lancia Hijackthis e pulisci gli ADS in questo modo:
clicca sulla voce Open the misc tool section
clicca su Open ads spy
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan
se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected
*********************************************************************************************************
Apri un file di testo sul Desktop (start\esegui\digita: notepad.exe\ Ok
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt

File::
c:\windows\Tasks\AAC9A770916A583C.job

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1017a9d0-891f-11dc-b60b-0090f516dc13}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d1f65e2-dbc3-11dc-b6c5-0018e408e415}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9b10f6e-d619-11dc-b6b3-0018e408e415}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b58e9c-db4d-11dd-b36b-0018e408e415}]

e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix
*********************************************************************************************************
Poi:
Bisogna disattivare momentaneamente il riconoscimento automatico delle periferiche USB;
serve il programma TweakUI scaricabile in questa pagina (lo trovi sulla destra verso metà pagina) e installalo:
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
Una volta installato, eseguilo e procedi con questi passaggi:

clicca sul simbolo + la sezione My Computer
clicca sul simbolo [+] la sottosezione Autoplay
Spostati in Types
Togli il segno di spunta a Enable Autoplay for removable drives
Clicca su Apply
Chiudi TweakUI

Da questo momento tutti gli apparati USB smetteranno di avviarsi automaticamente.
Inserisci le tue chiavette e fai una scansione delle stesse, con il tuo antivirus.
Quando sei sicuro che tutto è a posto, puoi riabilitare l'avvio automatico, rifacendo lo stesso percorso che ti ho indicato.

Lo sò le operazioni da fare sono molte.
Ma anche il pc è molto infettato.
Fai con calma, e attenzione,parti dal principio,e prosegui cronologicamente.
Se ti blocchi, e non sai come fare, oppure hai dei bubbi, fermati e chiedi.
Torna in alto
 
cavalieredaniele
Inviato: Friday, March 13, 2009 6:50:28 PM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
Grazie mille r16 fin ora tutto bene....!!! però arrivato aquesto punto mi sono bloccato.....


Lancia Hijackthis e pulisci gli ADS in questo modo:
clicca sulla voce Open the misc tool section
clicca su Open ads spy
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan
se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected

devo cancellarle tutte queste righe????????


C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\FileBrowser\Photoshop7\FEAAAAAA2 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\FileBrowser\Photoshop7\FEAAAAAA2M : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\FileBrowser\Photoshop7\index.dat : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Actions Palette.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Campioni.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Contorni.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\FormePersonali.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Impostazioni colore : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Pattern.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Pennelli.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\PluginCache.psp : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Sfumature.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\Stili.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Adobe\Photoshop\7.0\Impostazioni Adobe Photoshop 7.0\StrumentiPredefiniti.psp : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\Recent\Seleziona file\001_OP Progetto di Massima ok.dwg.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\Support\acetmain.mnr : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\Support\custom.mnr : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\Support\Profiles\FixedProfile.aws : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\CLR Security Config\v1.1.4322\security.config.cch : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop 7.0.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\AutoCAD 2008 - Italiano.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Calcolatrice.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Collegamento a Cestino.lnk : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Documenti.lnk : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Firma e Verifica.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Mostra Desktop.scf : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\NEXT AGENDA 2.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\PriMus.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Risorse del computer.lnk : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Risorse di rete.lnk : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Office\MSO1040.acl : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\CREDHIST : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\13d55045-ea68-4c95-ab91-852196dad0ee : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\164dfec2-8f7c-4509-9efe-066bbc81fa58 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\273e9c3f-4cfb-45fc-9162-e977908b50de : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\2f1656be-d520-4910-8a90-844e0c3ef4eb : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\5d95e607-dddb-4dba-b87c-0982961b0ff9 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\5dab8757-9e70-44d6-bdc3-216b844f818c : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\628585ac-bde6-43f4-8f0e-8bff34087430 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\87b90ca6-bb09-46d6-a701-d95872c1f540 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\98db58aa-737a-4fb3-aa82-4ffcc74c71be : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\a2d524c3-1580-4f49-b763-2fe306f59f2e : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\a873ec7a-5f8e-44a8-8998-2dd0f2d290bc : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\b49175ef-e71b-4483-9da3-f01f864faade : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\d15895f9-8962-4c56-b843-3f26adea6ab6 : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\ebd40e43-4107-46b2-b986-7a41d573f4ab : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Protect\S-1-5-21-163748893-1987657003-3825228898-1005\Preferred : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\SystemCertificates\My\Certificates\FED9BBF67E16645782AB0F4705425430C4A0ADCE : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Templates\Normal.dotm : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\Templates\~$Normal.dotm : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Microsoft\UProof\CUSTOM.DIC : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Dati applicazioni\Roxio\PlayList\$CD D : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\desktop.ini : KAVICHS (100 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 09 (FO)\Foglio 09 (FO) NE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 09 (FO)\Foglio 09 (FO) NW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 09 (FO)\Foglio 09 (FO) SE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 09 (FO)\Foglio 09 (FO) SW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 09 (FO)\Thumbs.db : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 10 (FO)\Foglio 10 (FO) NE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 10 (FO)\Foglio 10 (FO) NW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 10 (FO)\Foglio 10 (FO) SE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 10 (FO)\Foglio 10 (FO) SW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 10 (FO)\Thumbs.db : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 11 (FO)\Foglio 11 (FO) Vecchio\Foglio 11 (FO) NE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 11 (FO)\Foglio 11 (FO) Vecchio\Foglio 11 (FO) NW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 11 (FO)\Foglio 11 (FO) Vecchio\Foglio 11 (FO) SE.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 11 (FO)\Foglio 11 (FO) Vecchio\Foglio 11 (FO) SW.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Fogli di Mappa\Foiano\Foglio 11 (FO)\Thumbs.db : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Lavori da fare\Thumbs.db : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\De Ieso Federico.dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\ExportDxf.rtf : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000100.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000100.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000100.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000200.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000200.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000300.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000300.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000400.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000500.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000500.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000600.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000600.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000700.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000700.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000800.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_000900.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001000.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001100.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001100.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001200.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001300.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001400.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001400.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001500.DXF : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\H764_001500.tif : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\raster_QNALGU61A08A783E_3611.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\raster_QNALGU61A08A783E_3612.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\raster_QNALGU61A08A783E_3613.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\raster_QNALGU61A08A783E_3614.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\raster_QNALGU61A08A783E_3615.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\vector_QNALGU61A08A783E_3611.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\vector_QNALGU61A08A783E_3612.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\vector_QNALGU61A08A783E_3613.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\vector_QNALGU61A08A783E_3614.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Fogli di Mappa in DWG (SB)\vector_QNALGU61A08A783E_3615.zip : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\Modello Stampa.dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\PRGvigente (TAVOLA).dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\sezione_vert_tipo_2.dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\unione5000.dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Desktop\Modelli di Stampa\unione_1000.dwg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Documenti\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Documenti\Immagini\Desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Documenti\Immagini\Immagini campione.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\ApplicationHistory\acstart16.exe.cdd1300.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\acad2008.cfg : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Autodesk\AutoCAD 2008\R17.1\ita\Registro di stampa e pubblicazione.CSV : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Microsoft\Internet Explorer\MSIMGSIZ.DAT : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Microsoft\OFFICE\Word.qat : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Impostazioni locali\desktop.ini : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Accessori\Accesso facilitato\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Accessori\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Accessori\Svago\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Assistenza remota.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\NEXT AGENDA 2.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Fast Image Resizer\Online Documentation.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Fast Image Resizer\Website.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Menu Avvio\Programmi\Strumenti di amministrazione\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\Alessandro\ntuser.ini : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\Agenzia del Territorio - Home.url : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\Composer3D.url : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\Desktop.ini : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\Documenti Utente.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\Google.url : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\IlSoftware.it.url : KAVICHS (36 bytes)
C:\Documents and Settings\Alessandro\Preferiti\librerie retini e simboli per autocad.url : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Autodesk\Software Licenses\B492F000.dat : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Crypto\RSA\S-1-5-18\6dea747ed38eabf371282d88992c2768_23a922b0-6e1a-4c07-a05f-81f1559150a6 : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\IdentityCRL\ppcrlconfig.dll : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\Machine Debug Manager\mdm.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\OFFICE\DATA\OPA12.BAK : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\OFFICE\DATA\opa12.dat : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Dati applicazioni\Microsoft\User Account Pictures\Alessandro.bmp : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Documenti\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Documenti\Immagini\Desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Documenti\Immagini\Immagini campione\desktop.ini : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Documenti\Immagini\Immagini campione\Thumbs.db : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Documenti\Musica\Desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Documenti\Video\Desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Catalogo di Windows.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\desktop.ini : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\Accesso facilitato\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\Comunicazioni\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\Comunicazioni\Fax\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\Svago\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Accessori\Utilità di sistema\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Acrobat Reader 5.0.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Help Center.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe ImageReady 7.0.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Photoshop 7.0.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader 7.0.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Applicazioni ACCA\CLEAR.BAT CerTus-CAD Trial Version.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\DeskTopBinder V2\ScanRouter V2 Link.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\DeskTopBinder V2\ScanRouterV2 Link Guida.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Firma e Verifica.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\MSN Explorer.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\RealPlayer.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Strumenti di amministrazione\desktop.ini : KAVICHS (68 bytes)
C:\Documents and Settings\All Users\Menu Avvio\Windows Update.lnk : KAVICHS (36 bytes)
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat : KAVICHS (36 bytes)
C:\Documents and Settings\LocalService\Impostazioni locali\desktop.ini : KAVICHS (36 bytes)
C:\Documents and Settings\NetworkService\Impostazioni locali\desktop.ini : KAVICHS (36 bytes)
C:\HMV9Inst.log : KAVICHS (36 bytes)
C:\LeicaOfficeDatabaseProfile.ini : KAVICHS (36 bytes)
C:\PDOXUSRS.NET : KAVICHS (36 bytes)
C:\plot.log : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx : KAVICHS (68 bytes)
C:\Programmi\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\ACE.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\AGM.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\BIB.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\CoolType.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\IA32.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\LegalPDF.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Search.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.api : KAVICHS (36 bytes)
C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe : KAVICHS (68 bytes)
C:\Programmi\Adobe\Photoshop 7.0\ACE.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\AGM.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Asn.er.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Bib.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\CoolType.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\DIGIMARC.INI : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\ImageReady.exe : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\OPP.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\PDFL50.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Photoshop.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Photoshop.exe : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Photoshop.fon : KAVICHS (68 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plug-In\Adobe Photoshop Only\Estensioni\Estensione multiprocessore.8BX : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plug-In\Adobe Photoshop Only\Estensioni\FastCore.8BX : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plug-In\Adobe Photoshop Only\Estensioni\MMXCore.8BX : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plug-In\Conversione\Importa immagine PDF.8BI : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plug-In\Digimarc\Rileva copyright.8BE : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Plugin.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\Colori ANPA.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\Colori DIC.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\FOCOLTONE.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\HKS E.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\HKS K.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\HKS N.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\HKS Z.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE metallic coated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE pastel coated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE pastel uncoated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE process coated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE solid coated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE solid matte.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE solid to process.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\PANTONE solid uncoated.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\TOYO color finder.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Predefiniti\Guide colori\TRUMATCH.acb : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\PSViews.dll : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\ADMPlugin.apl : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\ADMUI3.fon : KAVICHS (68 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\ASDataStream.apl : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\Dimensioni Nuovo predef.txt : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\PNGIcons.apl : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Required\PS.sif : KAVICHS (36 bytes)
C:\Programmi\Adobe\Photoshop 7.0\Shfolder.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\ac1st17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acad.exe : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\acad.exe.config : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\acadbtn.xmx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acadficn.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acadres.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcApp.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcAppRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acdb17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acdb17itares.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDblClkEditPe.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDblClkEditRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acdbmgd.dll : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\AcDgnIO.dbx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDgnRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDgnUI.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDim.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcDimRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\aceplotx.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcEPlotXRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcExpressRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcFdUi.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcFieldRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acge17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acgs.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcGsConfig.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acgsConfigRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acgsimage.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acgsRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\achapi17.dbx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\achlnkui.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\achlnkuiRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcInfoCenterConn.DLL : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acismobj17.dbx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acISMui.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acISMuiRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcLayer.dll : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\acmgd.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acmgdinternal.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcMgdShared.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcMPolygonObj17itaRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcObjClassImp.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcObjClassImpRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcOcSchemaUtil.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acopm.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcOpmExt.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcOpmExtRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acopmRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPEXCtl.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPEXCtlRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acpi.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acpires.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPlotGui.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPltRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPltStamp.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPltStampRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPrevInput.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcPrevInputRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcProject17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcProject17Res.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcSceneOE.dbx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcSign.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcSignRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acui17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acui17res.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\acurlutl17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcUt.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcWipeoutObj17.dbx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcWipeoutRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefEsw.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefEswRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefService.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefUtil.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefVaultUI.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AcXrefVaultUIRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\adctrls.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\adctrlsRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdEreg.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdFTP.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdFTPRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdImaging.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdImagingRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdInfoCenter.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\AdIntImgServices.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\adlmdll.dll : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\adlmres.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\adui17.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\adui17res.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\anav.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\anavRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\apperr.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\apperrRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\architectural.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\architectural.mi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Autodesk.Interop.AcInetEngine.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\ax17enures.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\ax17itares.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\axdb.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\color.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\colorRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\dlint9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\AdskHwCertificationDatabase.xml : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\direct3d9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\gdi9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\gdi9Res.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\gdifont9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\gdiplot9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\hlr9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\jitter9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\mentalray9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\overhang9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\paint9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\rblast9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\rfx9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Drv\szb9.hdi : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\dswhip.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\dswhipRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\express\acetauto.lsp : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\express\acettest.fas : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\express\acetutil.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\express\acetutil.fas : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Fonts\monotxt.shx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Fonts\txt.shx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\hcreg9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\hcreg9Res.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\heidi9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Help\acad171.chm : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\identity.ini : KAVICHS (68 bytes)
C:\Programmi\AutoCAD 2008\it-IT\AcLayer.resources.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\it-IT\AdInfoCenter.resources.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\lacads.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\light9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\mtl9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Nexus.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\oleaprot.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\oletohdi9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\pctres9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\plcferr.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\plcfmgr.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\plcfmgrRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\plotcfg9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\pm9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\pmres9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\pmutil9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\prntprog.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\prntprogRes.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\shareac.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\sharemfc.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\styleeng.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Support\acad2008.lsp : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Support\acad2008doc.lsp : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\Support\Mtextmap.ini : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\texture9.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\userdata.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\vl.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\vlinit.fsl : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\vllib.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\vlmsg.dll : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\whohas.arx : KAVICHS (36 bytes)
C:\Programmi\AutoCAD 2008\whohasRes.dll : KAVICHS (36 bytes)
C:\Programmi\Digisoft AntiDialer\AntiDialer.exe : KAVICHS (68 bytes)
C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\Color\Profiles\Recommended\USWebCoatedSWOP.icc : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\TypeSpt\FntNames.db : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\TypeSpt\MojiKumi\Photoshop6MojiKumi : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\Web\adobeonlineprefs : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\Web\AdobeWeb.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\Web\AdobeWeb57ita.awe : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe\Workflow\ARM.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe : KAVICHS (36 bytes)
C:\Programmi\File comuni\Autodesk Shared\AcSignCore16.dll : KAVICHS (68 bytes)
C:\Programmi\File comuni\Autodesk Shared\DWF Common\DWFShellExtension.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Autodesk Shared\DWF Common\DWFShellExtensionRes.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Autodesk Shared\DWF Common\msvcp71.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Autodesk Shared\DWF Common\msvcr71.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Autodesk Shared\Thumbnail\AcThumbnail16.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\EQUATION\MTEXTRA.TTF : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\OFFICE11\1040\msxml5r.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\PROOF\MSLID.DLL : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\PROOF\MSSP3IT.LEX : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\VBA\VBA6\1040\VBE6INTL.DLL : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\1040\MDMUI.DLL : KAVICHS (68 bytes)
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MSDBG2.DLL : KAVICHS (36 bytes)
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\PDM.DLL : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Common\objb3201.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Common\pnrs3260.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Plugins\httpfsys.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\RCAPlugins\uisy3201.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Update_OB\realsched.exe : KAVICHS (68 bytes)
C:\Programmi\File comuni\Real\Update_OB\rnad3201.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Update_OB\rnms3270.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Update_OB\rnqu3270.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\Real\Update_OB\setu3270.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\libeay32.dll : KAVICHS (36 bytes)
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\MD5CHAP.dll : KAVICHS (68 bytes)
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe : KAVICHS (68 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\back.bmp : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil.exe : KAVICHS (68 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\btav.ini : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\btfunc.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\btpcfg.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\btpres.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\bttl.ini : KAVICHS (68 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\btwin.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys : KAVICHS (68 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\driver\usb\btcusb.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\GdiPlus.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\hid2hci.exe : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\Msvcp60.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\PlayerCtrl.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\setup.dll : KAVICHS (36 bytes)
C:\Programmi\IVT Corporation\BlueSoleil\versit.dll : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\1040\WWINTL.DLL : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\ID_00030.DPC : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\MSOHEVI.DLL : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\msproof6.dll : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\REFBAR.ICO : KAVICHS (36 bytes)
C:\Programmi\Microsoft Office\Office12\REFBARH.ICO : KAVICHS (36 bytes)
C:\Programmi\NEXT AGENDA 2\Allarmi.exe : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\begin.htm : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\begin2.htm : KAVICHS (36 bytes)
C:\Programmi\NEXT AGENDA 2\Database\fisco.mdb : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\Database\promemoria.mdb : KAVICHS (36 bytes)
C:\Programmi\NEXT AGENDA 2\Dati Utente\Daniele\Daniele.mdb : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\Frecciaup.GIF : KAVICHS (36 bytes)
C:\Programmi\NEXT AGENDA 2\HTMLCards\Classica.htm : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\HTMLCards\oggi.BMP : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\NextAgenda.exe : KAVICHS (68 bytes)
C:\Programmi\NEXT AGENDA 2\Promemoria.exe : KAVICHS (68 bytes)
C:\Programmi\RDS\DdsSchedNT.exe : KAVICHS (68 bytes)
C:\Programmi\RDS\DistUtil.dll : KAVICHS (68 bytes)
C:\Programmi\RDS\DmTkErrorLog.dll : KAVICHS (68 bytes)
C:\Programmi\RDS\FMRule.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\FMXml.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PLAuWrap.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PLRCAuWrap.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PLTBar.exe : KAVICHS (36 bytes)
C:\Programmi\RDS\PLTbMenu.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PLTbRes.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PMCodeCv.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PMXMLDOM.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PMXMLHdl.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PMXMLMan.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\PMXMLPas.dll : KAVICHS (36 bytes)
C:\Programmi\RDS\RdmCommon.dll : KAVICHS (68 bytes)
C:\Programmi\RDS\RdsMisc.dll : KAVICHS (68 bytes)
C:\Programmi\RDS\RsiSvc.exe : KAVICHS (68 bytes)
C:\Programmi\RDS\RSvrInfo.dll : KAVICHS (68 bytes)
C:\Programmi\RDS\ScanConf.ini : KAVICHS (36 bytes)
C:\Programmi\RDS\SOption.exe : KAVICHS (36 bytes)
C:\Programmi\RDS\SrScanDr.exe : KAVICHS (68 bytes)
C:\Programmi\Real\RealPlayer\lang\gemctl_it.dll : KAVICHS (36 bytes)
C:\Programmi\Real\RealPlayer\realplay.exe : KAVICHS (68 bytes)
C:\Programmi\RMClient\JobHisInit.exe : KAVICHS (36 bytes)
C:\Programmi\RMClient\MplSetUp.exe : KAVICHS (36 bytes)
C:\Programmi\RMClient\MplSetUp.ini : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMJobHis\endjob.lst : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMJobHis\jobfilename : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMJobHis.dll : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMJobHisit.dll : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMPrnLog.dll : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMUsrMsg.dll : KAVICHS (36 bytes)
C:\Programmi\RMClient\PMUsrMsgit.dll : KAVICHS (36 bytes)
C:\Programmi\RMClient\UsrMsgCar.ini : KAVICHS (36 bytes)
C:\Programmi\WinRAR\RarExt.dll : KAVICHS (36 bytes)
C:\Programmi\WinRAR\rarreg.key : KAVICHS (36 bytes)
C:\Programmi\WinRAR\WinRAR.exe : KAVICHS (36 bytes)
C:\RDCab\PL\data\PLCtrl.dat : KAVICHS (36 bytes)
C:\RDCab\PL\data\PLTBData.dat : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll.000 : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\acpi.sys : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\activeds.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\actxprxy.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\adsldpc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\advapi32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\advpack.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\aec.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\alg.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\apphelp.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ariblk.ttf : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\asycfilt.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\atapi.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\atl.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\atmarpc.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\atmfd.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\atmlib.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\audiosrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\authz.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\autochk.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\basesrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\batmeter.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\browselc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\browser.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\browseui.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cabinet.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ccdecode.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\certcli.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cfgmgr32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cimwin32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\clusapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cmd.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cnbjmon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\colbact.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\comdlg32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\comic.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\compstui.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\comres.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\comsvcs.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\credui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cryptdll.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cryptnet.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cryptui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cscdll.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\cscui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\csrsrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\csrss.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dao360.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\davclnt.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dciman32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\desk.cpl : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\devenum.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\devmgr.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dhcpcsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\disk.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dmio.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dmserver.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dpcdll.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\drmk.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\drprov.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\drvmain.sdb : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\drvmain.sdb.000 : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dsound.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\duser.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\dxg.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ersvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\esent.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\esscli.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\expsrv.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fastprox.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\faultrep.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fdc.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fips.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\flpydisk.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\framedyn.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxsapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxsevent.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxsmon.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxsocm.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxsst.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxst30.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\fxstiff.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\gdi32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\glu32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\h323.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\hal.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\hid.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\hidphone.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\hidusb.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\http.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\icaapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\iccvid.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\icm32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\icmp.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\iepeers.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imaadp32.acm : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imagehlp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imapi.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imapi.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imgutil.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\imm32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\impact.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\inetcpl.cpl : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\inetpp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\intelppm.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipconf.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\iphlpapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipinip.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipnat.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipnathlp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ipsecsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\irenum.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\iyuv_32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\kerberos.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\kmddsp.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ks.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\l3codeca.acm : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\lmhsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\locale.nls : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\localspl.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\locator.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\logon.scr : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\logonui.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\lsasrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\lsass.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\luna.msstyles : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mdminst.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\micross.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\midimap.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mlang.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mobsync.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\modem.sys : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\modemui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\moricons.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mpr.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mprapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mrxdav.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msacm32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msadox.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msadp32.acm : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msasn1.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msaud32.acm : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msctf.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msdmo.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msfs.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msgina.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msgpc.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msh261.drv : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msh263.drv : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mshtml.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mshtml.tlb : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mshtmled.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msidle.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msimtf.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msisip.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msjet40.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msjint40.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msjter40.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msjtes40.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mskssrv.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mspatcha.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mspclock.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mspqm.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msprivs.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msrating.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msrle32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mssmbios.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mstee.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mstlsapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msutb.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msv1_0.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msvbvm60.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msvcirt.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msvcp60.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msvcrt.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msvfw32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mswstr10.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msxml3.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msxml6r.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\msyuv.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mtxclu.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\mydocs.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\nabtsfec.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ncobjapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ncprov.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\nddeapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndisip.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndistapi.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndisuio.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndiswan.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndproxy.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ndptsp.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netapi32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netbios.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netbt.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netcfgx.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netdde.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netman.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netrap.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netshell.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netui0.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\netui1.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\npfs.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntdll.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntdsapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntlanman.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntlsapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntmarta.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntshrui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\oakley.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\odbc32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\odbcint.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\oleaut32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\oledlg.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\oleprn.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\olepro32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\opengl32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\parport.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pchsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pci.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pcmcia.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pjlmon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pngfilt.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\portcls.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\powrprof.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\printui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\processr.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\profmap.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\progman.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\psapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\psbase.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\psched.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pstorec.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\pstorsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasadhlp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasapi32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\raschap.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasdlg.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasl2tp.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasman.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasmans.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rasppp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\raspppoe.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\raspptp.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rastapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rastls.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rdbss.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rdpdr.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\redbook.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\regapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\regsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\repdrvfs.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\resutils.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\riched20.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rpcrt4.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rsaenh.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rshx32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rsvpsp.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rtutils.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\samlib.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\samsrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\scecli.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\scesrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\schannel.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\schedsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sclgntfy.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\scsiport.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\secdrv.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\seclogon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\secur32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\security.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sens.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sensapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\serenum.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\serial.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\services.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\setupapi.dll : KAVICHS (132 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sfc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sfc_os.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shdoclc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shdocvw.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shell32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shfolder.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shgina.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shimeng.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shimgvw.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shlwapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\shsvcs.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\slip.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sl_anet.acm : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\smss.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sorttbls.nls : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\splitter.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\spoolss.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sptip.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sr.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\srv.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\srvsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ssdpapi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ssdpsrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\stdole2.tlb : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sti.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\stobject.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\streamip.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\swenum.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sxs.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sysaudio.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sysmain.sdb : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\sysmain.sdb.000 : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tahoma.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tahomabd.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tapi32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tapisrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tcpmon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\termdd.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\themeui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\trkwks.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\tunga.ttf : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\twain_32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\umpnpmgr.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\unidrv.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\unimdm.tsp : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\unimdmat.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\uniplat.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\unregmp2.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\update.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\upnp.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\upnpui.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ups.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\url.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\urlmon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbaudio.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbccgp.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbehci.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbhub.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbmon.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbport.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usbuhci.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\user32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\userenv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\usp10.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\vbajet32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\vdmdbg.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\version.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\vfwwdm32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\videoprt.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\vssapi.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\w32time.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wanarp.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\watchdog.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemcomn.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemcons.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemcore.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemess.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemprox.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wbemsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wdigest.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wdmaud.drv : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wdmaud.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\webcheck.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\webclnt.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wiadss.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wiaservc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wiashext.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\win32k.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\win32spl.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wininet.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winipsec.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winmm.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winscard.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winspool.drv : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winsrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\winsta.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wintrust.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wkssvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wldap32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wlnotify.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmi.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmipcima.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmiprvsd.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmisvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wmiutils.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wow32.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ws2help.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wshext.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wshtcpip.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wsock32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wstcodec.sys : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wtsapi32.dll : KAVICHS (100 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wzcdlg.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wzcsapi.dll : KAVICHS (36 bytes)
C:\WINDOWS\$NtServicePackUninstall$\wzcsvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\xpsp2res.dll : KAVICHS (68 bytes)
C:\WINDOWS\$NtServicePackUninstall$\zipfldr.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\bab24a7faaeaa3469f1d70ed1e2c3e84\Accessibility.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\300e0ed02a742a4d941891b5b761bd25\mscorlib.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\64371385c8b93e4f8325d7229c73f908\System.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\6636f99dac631a48abf04a8ccc6380b1\System.Configuration.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcbcc89ea597834dbb666f2b868a8fa0\System.Drawing.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cc71b48e7de2a64f9ca67e295641b822\System.Windows.Forms.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\cf28e8d6b6c8ad4ab2fccc62705fede4\System.Xml.ni.dll : KAVICHS (36 bytes)
C:\WINDOWS\ATM.INI : KAVICHS (36 bytes)
C:\WINDOWS\bootstat.dat : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\21205___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\2120A___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\35191___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\40240___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\46152___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\50416___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\5041A___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\51253___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\52162___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\54151___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\5415A___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\57930___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\57961___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\59250___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\63193___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\65659___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\70214___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\70729___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\75678___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\75749___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\78640___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\78936___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514fix.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514fixe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514fixg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514fixr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514fixt.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514oem.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514oeme.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514oemg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514oemr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514oemt.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514sys.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514syse.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514sysg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514sysr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\8514syst.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\85775.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\85855.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\85f1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\85s1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\89198___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AdobeFnt09.lst : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AGENCYB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AGENCYR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ALGER.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AMAZB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AMAZI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\AMAZR___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ANTQUAB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ANTQUABI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ANTQUAI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\app775.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\app850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\app852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\app855.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\app857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\app866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\arial.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\arialbd.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\arialbi.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\ariali.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\ARIALN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ARIALNB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ARIALNBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ARIALNI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ARIALUNI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ARLRDBD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BANGB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BANGI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BANGN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BARTB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BARTI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BARTN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BASKVILL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BAUHS93.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BELL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BELLB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BELLI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BERNHC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BIMINB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BIMINI__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BIMINR__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BKANT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_B.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_BI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_BLAI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_BLAR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_CB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_CBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_CI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_CR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_I.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_PSTC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOD_R.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOOKOS.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOOKOSB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOOKOSBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BOOKOSI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRADHITC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRITANIC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRLNSB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRLNSDB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRLNSR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BROADW.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BRUSHSCI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\BSSYM7.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIBRI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIBRIB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIBRII.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIBRIZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIFB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIFI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIFR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALIST.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALISTB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALISTBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CALISTI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CAMBRIA.TTC : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CAMBRIAB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CAMBRIAI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CAMBRIAZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CANDARA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CANDARAB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CANDARAI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CANDARAZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CASTELAR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CENSCBK.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CENTAUR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CENTURY.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\cga40852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40869.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga40woa.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\cga80852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80869.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cga80woa.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CHASB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CHASI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CHASN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CHILLER.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\COLONNA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\comicbd.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSOLA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSOLAB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSOLAI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSOLAZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSTAN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSTANB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSTANI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CONSTANZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\COOPBL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\COPRGTB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\COPRGTL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CORBEL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CORBELB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CORBELI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CORBELZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\coue1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\couf1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\cour.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\courbd.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courbi.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\coure.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\couree.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\coureg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courer.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\couret.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courf.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courfe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courfg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courfr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\courft.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\couri.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\CURLZ___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\desktop.ini : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\DOLPHB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\DOLPHI__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\DOLPHR__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\dos737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\dosapp.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\ega40852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40869.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega40woa.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\ega80852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80869.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ega80woa.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ELEPHNT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ELEPHNTI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ENGR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ERASBD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ERASDEMI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ERASLGHT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ERASMD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\estre.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\EURAB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\EURAI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\EURAN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FELIXTI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FLATBB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FLATBI__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FLATBN__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FORTE.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRABK.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRABKIT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRADM.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRADMCN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRADMIT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRAHV.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRAHVIT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\framd.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\FRAMDCN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\framdit.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\FREESCPT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FRSCRIPT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\FTLTLT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GALAB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GALAI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GALAN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GARA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GARABD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GARAIT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\gautami.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\GAZEB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GAZEI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GAZEN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\georgia.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\georgiab.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\georgiai.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\georgiaz.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GIGI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILBI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILB____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILC____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILI____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILLUBCD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GILSANUB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GIL_____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GLECB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GLSNECB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOTHIC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOTHICB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOTHICBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOTHICI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOUDOS.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOUDOSB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOUDOSI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\GOUDYSTO.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\HARLOWSI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\HARNGTON.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\HATTEN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\HTOWERT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\HTOWERTI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\IMPRISHA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\INFROMAN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ITCBLKAD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ITCEDSCR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ITCKRIST.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\JOKERMAN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\JUICE___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\kartika.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\KELTB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\KELTI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\KELTN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\KUNSTLER.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\latha.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\LATINWD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LBRITE.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LBRITED.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LBRITEDI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LBRITEI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LCALLIG.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LFAX.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LFAXD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LFAXDI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LFAXI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LHANDW.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LIBEB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LIBEN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LSANS.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LSANSD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LSANSDI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LSANSI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LTYPE.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LTYPEB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LTYPEBO.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LTYPEO.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\lucon.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\LYNDCB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\LYNDCN__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\l_10646.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\MAGNETOB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MAIAN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\mangal.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\marlett.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\MATURASC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MIRRB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MIRRI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MIRRN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MISTRAL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MOD20.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\modern.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\MSMINCHO.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\MTCORSVA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\mvboli.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\NIAGENG.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\NIAGSOL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\NOTESR__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\OCRAEXT.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\OLDENGL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ONYX.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\Orange.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\OUTLOOK.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\pala.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\palab.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\palabi.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\palai.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PALSCRI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PAPYRUS.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PARCHM.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PARISB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PARISI__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PARISR__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PERBI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PERB____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PERI____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PERTIBD.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PERTILI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PER_____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PLAYBILL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\POORICH.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\PRISTINA.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\Quixley.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\raavi.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\RAGE.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\RAVIE.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\REFSAN.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\REFSPCL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCCB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCC____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCK.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCKB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCKBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCKEB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ROCKI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\roman.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\SCHLBKB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SCHLBKBI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SCHLBKI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\script.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\SCRIPTBL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SEGOEUI.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SEGOEUIB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SEGOEUII.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SEGOEUIZ.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sere1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serf1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serife.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\serifee.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serifeg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serifer.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serifet.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\seriff.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\seriffe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\seriffg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\seriffr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\serifft.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SHORHB__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SHORHI__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SHORHN__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SHOWG.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\shruti.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\SIGNSR__.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SIMPB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SIMPI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SIMPN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smae1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smaf1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smalle.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\smallee.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smalleg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smaller.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallet.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallf.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallfe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallfg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallfr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\smallft.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SNAP____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ssee1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\ssef1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sserife.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\sserifee.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sserifeg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sserifer.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sserifet.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sseriff.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sseriffe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sseriffg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sseriffr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sserifft.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\STENCIL.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SURFB___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SURFI___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\SURFN___.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\sylfaen.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\symbol.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\symbole.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\TCBI____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCB_____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCCB____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCCEB.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCCM____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCMI____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TCM_____.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TEMPSITC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\times.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\timesbd.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\timesbi.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\timesi.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\trebuc.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\trebucbd.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\trebucbi.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\trebucit.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT0131M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT0246M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT0362M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT0610M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT0952M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT1044M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT1139M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT1221M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT7009M_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\TT9832L_.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\verdana.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\verdanab.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\verdanai.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\verdanaz.ttf : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga737.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga775.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga850.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\vga852.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga855.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga857.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga860.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga863.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga865.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga866.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vga869.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgaf1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgafix.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\vgafixe.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgafixg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgafixr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgafixt.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgaoem.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgas1257.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgasys.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\vgasyse.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgasysg.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgasysr.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vgasyst.fon : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\VINERITC.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\VIVALDII.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\VLADIMIR.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\vrinda.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\webdings.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wingding.ttf : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\WINGDNG2.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\WINGDNG3.TTF : KAVICHS (36 bytes)
C:\WINDOWS\Fonts\wst_czec.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_engl.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_fren.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_germ.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_ital.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_span.fon : KAVICHS (68 bytes)
C:\WINDOWS\Fonts\wst_swed.fon : KAVICHS (68 bytes)
C:\WINDOWS\Gtwatch.exe : KAVICHS (68 bytes)
C:\WINDOWS\Media\Windows XP - Aggiunta hardware.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Arresto critico.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Avvio.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Chiusura.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Esecuzione automatica.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Messaggio o avviso 2.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\windows xp - popup bloccato.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP - Promemoria.wav : KAVICHS (36 bytes)
C:\WINDOWS\Media\Windows XP Ding.wav : KAVICHS (68 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CharInfo.nlp : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\machine.config : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW936\_mscorsn.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW936\_msvcr71.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\sortkey.nlp : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\sorttbls.nlp : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe.config : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll : KAVICHS (68 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe : KAVICHS (36 bytes)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll : KAVICHS (68 bytes)
C:\WINDOWS\PMCApi.dll : KAVICHS (36 bytes)
C:\WINDOWS\PMCCom.dll : KAVICHS (36 bytes)
C:\WINDOWS\PMCMisc.dll : KAVICHS (68 bytes)
C:\WINDOWS\PMDvCopy.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMDvDev.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMDvFax.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMDvPrn.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMDvScan.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMHostMb.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMJobCli.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMMib2Mb.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMPrtMb.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMRicMb.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMRicPMb.ini : KAVICHS (36 bytes)
C:\WINDOWS\PMSnmpMb.ini : KAVICHS (36 bytes)
C:\WINDOWS\repair\setup.log : KAVICHS (36 bytes)
C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\shellstyle.dll : KAVICHS (36 bytes)
C:\WINDOWS\sl.lng : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb : KAVICHS (68 bytes)
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\dao360.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\msjet40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\msjint40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\msjter40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\msjtes40.dll : KAVICHS (68 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2gdr\mswstr10.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2qfe\msjet40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2qfe\msjint40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2qfe\msjter40.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2qfe\msjtes40.dll : KAVICHS (68 bytes)
C:\WINDOWS\SoftwareDistribution\Download\93c97e05e2ff2e87aa2b3a93580dfdd5\backup\sp2qfe\mswstr10.dll : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\EventCache\{B03485FF-4919-4770-8427-70E8C382DC39}.bin : KAVICHS (36 bytes)
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log : KAVICHS (36 bytes)
C:\WINDOWS\SOUNDMAN.EXE : KAVICHS (36 bytes)
C:\WINDOWS\SWWATER.INI : KAVICHS (36 bytes)
C:\WINDOWS\system\BPEnhan.dll : KAVICHS (36 bytes)
C:\WINDOWS\system\crlds3d.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\$winnt$.inf : KAVICHS (36 bytes)
C:\WINDOWS\system32\A32usd.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\AcSignIcon.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\atl71.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\avicap32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\bootvid.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\Comdlg32.ocx : KAVICHS (68 bytes)
C:\WINDOWS\system32\comm.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\config\AppEvent.Evt : KAVICHS (36 bytes)
C:\WINDOWS\system32\config\ODiag.evt : KAVICHS (68 bytes)
C:\WINDOWS\system32\config\OSession.evt : KAVICHS (36 bytes)
C:\WINDOWS\system32\config\SecEvent.Evt : KAVICHS (68 bytes)
C:\WINDOWS\system32\config\SysEvent.Evt : KAVICHS (36 bytes)
C:\WINDOWS\system32\config\systemprofile\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini : KAVICHS (36 bytes)
C:\WINDOWS\system32\ctype.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\c_1250.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\c_1251.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\c_1253.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\c_28591.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\d3dx9_30.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\a310.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\a311.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\A32fw.usb : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ALCXWDM.SYS : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\audstub.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\beep.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\blueletaudio.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\btcusb.sys : KAVICHS (68 bytes)
C:\WINDOWS\system32\drivers\BTHidMgr.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\btnetdrv.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\CDAC11BA.EXE : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\CDAC15BA.SYS : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\cdaudio.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\CPWNT.SYS : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\dmload.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\dxapi.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\dxgthk.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\etc\hosts : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\eusk2par.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\fs_rec.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ftdisk.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\gt681x.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ialmkchw.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ialmsbw.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ipfltdrv.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\MASPINT.SYS : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\mnmdd.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\MODEMCSA.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\mouhid.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\mtlmnt5.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\mtlstrm.sys : KAVICHS (68 bytes)
C:\WINDOWS\system32\drivers\ntmtlfax.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\null.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\nwlnkflt.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\nwlnkfwd.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\parvdm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\pciide.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\pfc.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\ptilink.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\R8139n51.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\rasacd.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\raspti.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\rdpcdd.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\recagent.sys : KAVICHS (68 bytes)
C:\WINDOWS\system32\drivers\rootmdm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\sentinel.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\sermouse.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\serscan.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\slntamr.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\slnthal.sys : KAVICHS (68 bytes)
C:\WINDOWS\system32\drivers\slwdmsup.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\sonypvs1.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\usbd.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\vbtenum.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\VComm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\VcommMgr.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\wceusbsh.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drivers\wmilib.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\drwtsn32.exe : KAVICHS (36 bytes)
C:\WINDOWS\system32\ega.cpi : KAVICHS (36 bytes)
C:\WINDOWS\system32\FNTCACHE.DAT : KAVICHS (36 bytes)
C:\WINDOWS\system32\fxsroute.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\geo.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\icmui.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ir32_32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\Ir50_32.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\javasup.vxd : KAVICHS (36 bytes)
C:\WINDOWS\system32\kbdit.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\kbdus.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\keyboard.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\LCodcCMP.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\lz32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\l_intl.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\mapi32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\mfc42loc.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\MFC71.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\MFC71ITA.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\9ee79d7b-2775-4685-ae70-e4f7fac7a4f6 : KAVICHS (36 bytes)
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred : KAVICHS (36 bytes)
C:\WINDOWS\system32\mlang.dat : KAVICHS (36 bytes)
C:\WINDOWS\system32\mmdrv.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\mmsystem.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\mouse.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\mprui.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\msacm32.drv : KAVICHS (68 bytes)
C:\WINDOWS\system32\Mscc2it.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\mscomct2.ocx : KAVICHS (36 bytes)
C:\WINDOWS\system32\mscomctl.ocx : KAVICHS (36 bytes)
C:\WINDOWS\system32\msg711.acm : KAVICHS (68 bytes)
C:\WINDOWS\system32\msg723.acm : KAVICHS (68 bytes)
C:\WINDOWS\system32\msgsm32.acm : KAVICHS (68 bytes)
C:\WINDOWS\system32\msls31.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\MsPMSPSv.exe : KAVICHS (68 bytes)
C:\WINDOWS\system32\msratelc.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\MSVCP71.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\MSVCR71.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\msvidc32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\msxml3r.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\NeroCheck.exe : KAVICHS (36 bytes)
C:\WINDOWS\system32\netevent.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\netmsg.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\netui2.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\OEMINFO.INI : KAVICHS (36 bytes)
C:\WINDOWS\system32\OEMLOGO.BMP : KAVICHS (36 bytes)
C:\WINDOWS\system32\oleacc.dll : KAVICHS (100 bytes)
C:\WINDOWS\system32\oleaccrc.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\olesvr32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\olethk32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\PMObserv.exe : KAVICHS (68 bytes)
C:\WINDOWS\system32\pncrt.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\rc4mon.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\bthpan.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\intelppm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\BthEnum.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\irprops.cpl : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\rfcomm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\wshBth.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hccutils.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hkcmd.exe : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ialmdd5.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ialmdev5.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ialmdnt5.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ialmrnt5.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxdev.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxpph.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxress.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxtray.exe : KAVICHS (68 bytes)
C:\WINDOWS\system32\riched32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\rpmjobs.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\rpmsend.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\rpnv2it.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\rpnv2mon.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\rpnvwait.avi : KAVICHS (36 bytes)
C:\WINDOWS\system32\rsvp.exe : KAVICHS (36 bytes)
C:\WINDOWS\system32\rtcpf.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\R_DK_PCLXL_600_11.csv : KAVICHS (36 bytes)
C:\WINDOWS\system32\serwvdrv.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\slextspk.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\SLGen.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\SLLights.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\slserv.exe : KAVICHS (68 bytes)
C:\WINDOWS\system32\softpub.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\sortkey.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\sound.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\color\sRGB Color Space Profile.icm : KAVICHS (68 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630C.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630J.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630K.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630L.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630P.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630S.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630U.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630WK.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630WU.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630X.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630ZK.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\INF630ZU.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\drivers\w32x86\3\TRACKID.DLL : KAVICHS (36 bytes)
C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\system.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\TABCTL32.OCX : KAVICHS (36 bytes)
C:\WINDOWS\system32\timer.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\tsbyuv.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\tsccvid.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\tsd32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\tssoft32.acm : KAVICHS (68 bytes)
C:\WINDOWS\system32\umdmxfrm.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\unicode.nls : KAVICHS (36 bytes)
C:\WINDOWS\system32\vb6it.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\vga.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\vga.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\$WinMgmt.CFG : KAVICHS (68 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA : KAVICHS (36 bytes)
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP : KAVICHS (36 bytes)
C:\WINDOWS\system32\wfwnet.drv : KAVICHS (36 bytes)
C:\WINDOWS\system32\WgaLogon.dll : KAVICHS (68 bytes)
C:\WINDOWS\system32\wndtc32.dll : KAVICHS (36 bytes)
C:\WINDOWS\system32\wpa.dbl : KAVICHS (36 bytes)
C:\WINDOWS\system32\wshit.dll : KAVICHS (68 bytes)
C:\WINDOWS\twain_32\L3U16\mtwm.ini : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\L3U16\Scanobj.dll : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\L3U16\Scanobj.ds : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\mfsc_a4s\maspi_sp.dll : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\mfsc_a4s\mfsc_a4s.ds : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\Ricoh_V3\NeoRC2E\rtwain32.ds : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\Ricoh_V3\NeoRC2E\scset.ini : KAVICHS (36 bytes)
C:\WINDOWS\twain_32\wiatwain.ds : KAVICHS (36 bytes)
C:\WINDOWS\twunk_16.exe : KAVICHS (36 bytes)
C:\WINDOWS\TWUNK_16.old : KAVICHS (36 bytes)
C:\WINDOWS\win.ini : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474.manifest : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700.manifest : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303.manifest : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05.manifest : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a.manifest : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.cat : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82.cat : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82.Manifest : KAVICHS (100 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac\1.0.2600.2180.Policy : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_5f0bbcff\8.0.50727.762.policy : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.762.policy : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_caeee150\8.0.50727.762.policy : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_0f75c32e\8.0.50727.762.policy : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_7d81c9f9\8.0.50727.762.policy : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll : KAVICHS (68 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll : KAVICHS (36 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll : KAVICHS (100 bytes)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll : KAVICHS (100 bytes)



poi un'altra cosa!!!! da quando ho fatto le operazioni che mi hai indicato, quando riavvio il PC, questo mi funziona alla perfezione......solo che sulla barra delle applicazioni in basso, quando ci passo col mouse mi compare la clessidra e non mi funzionano i comandi.....finisce di caricare solo dopo un buon quarto d'ora.............!!!

Grazie ancora della disponibilità.....:-))

P.S. la prossima volta sarò più attento nel postare le mie richieste
Torna in alto
 
r16
Inviato: Friday, March 13, 2009 7:00:17 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Ciao
Sicuro di avere tolto la spunta alla voce Quick scan (windows base folder only) ?
Comunque non ci sono ADS, lascia tutto com'è, e procedi.
Torna in alto
 
cavalieredaniele
Inviato: Friday, March 13, 2009 7:07:07 PM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
si l'ho tolta sicuro....!!! Quindi procedo non cancellando.......grazie!!!
Torna in alto
 
cavalieredaniele
Inviato: Friday, March 13, 2009 7:22:59 PM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
ComboFix 09-03-10.03 - Alessandro 2009-03-13 19.15.38.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1247.687 [GMT 1:00]
Eseguito da: c:\documents and settings\Alessandro\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Alessandro\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!

FILE ::
c:\windows\Tasks\AAC9A770916A583C.job
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\AAC9A770916A583C.job

.
((((((((((((((((((((((((( Files Creati Da 2009-02-13 al 2009-03-13 )))))))))))))))))))))))))))))))))))
.

2009-03-12 18:26 . 2009-03-12 18:26 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Malwarebytes
2009-03-12 18:26 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-12 18:26 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-12 18:25 . 2009-03-12 18:26 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-03-12 18:25 . 2009-03-12 18:25 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-03-12 11:36 . 2009-03-12 11:36 <DIR> d-------- c:\programmi\CCleaner
2009-03-11 09:50 . 2009-03-11 10:09 <DIR> d-------- c:\programmi\Eusing Free Registry Cleaner
2009-03-10 19:06 . 2009-03-10 19:06 <DIR> d-------- c:\programmi\Trend Micro
2009-03-10 12:05 . 2009-03-10 12:05 <DIR> d-------- c:\programmi\LuckyTender
2009-03-07 12:40 . 2009-03-07 12:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP
2009-03-07 12:35 . 2009-03-07 12:42 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Objmfcd
2009-03-07 10:25 . 2009-03-07 10:25 25 --a------ c:\windows\WebEasy.INI
2009-03-07 10:03 . 2009-03-07 10:24 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Avanquest
2009-03-07 09:53 . 2009-03-07 09:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avanquest
2009-03-07 09:10 . 2009-03-10 18:39 <DIR> d-------- C:\Downloads
2009-03-07 09:09 . 2009-03-12 18:19 <DIR> d-------- c:\programmi\BitComet
2009-03-04 16:16 . 2009-03-04 16:16 <DIR> d-------- c:\programmi\Voobys
2009-02-26 17:07 . 2005-09-20 10:36 151,552 --a------ c:\windows\system32\igfxres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-13 11:13 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2009-03-13 07:59 --------- d-----w c:\programmi\Lavasoft
2009-03-13 07:59 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-03-11 07:55 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-03-10 08:49 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-03-07 08:55 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-03-04 17:06 --------- d-----w c:\programmi\Docfa30
2009-03-04 17:04 --------- d-----w c:\programmi\Docfa307
2009-03-04 17:02 --------- d-----w c:\programmi\Docfa305
2009-03-04 15:18 --------- d-----w c:\programmi\3GP Player
2009-03-02 09:02 --------- d--h--w c:\programmi\eMule
2009-02-26 14:50 --------- d-----w c:\programmi\Microsoft Silverlight
2009-02-25 18:35 --------- d-----w c:\programmi\Windows Live
2009-02-25 18:35 --------- d-----w c:\programmi\Microsoft
2009-02-10 10:05 --------- d-----w c:\programmi\Windows Live SkyDrive
2009-02-10 09:20 --------- d-----w c:\programmi\File comuni\Windows Live
2009-02-10 08:51 --------- d-----w c:\programmi\Google
2009-02-09 14:04 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-04 16:33 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MailFrontier
2009-02-03 17:04 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-03 17:04 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-03 17:04 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-29 10:27 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MyHeritage
2009-01-29 10:18 --------- d-----w c:\documents and settings\Alessandro\Dati applicazioni\MyHeritage
2009-01-27 16:31 --------- d-----w c:\programmi\Defraggler
2009-01-23 16:05 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-12-18 09:13 47,360 ----a-w c:\documents and settings\Alessandro\Dati applicazioni\pcouffin.sys
2008-12-10 11:10 0 ---h--w c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-09 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gtwatch"="c:\windows\gtwatch.exe" [2001-08-24 45056]
"JobHisInit"="c:\programmi\RMClient\JobHisInit.exe" [2001-04-06 135168]
"MplSetUp"="c:\programmi\RMClient\MplSetUp.exe" [2000-11-04 40960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-13 143872]
"Promemoria"="c:\programmi\NEXT AGENDA 2\Promemoria.exe" [2004-06-29 73728]
"Allarmi"="c:\programmi\NEXT AGENDA 2\Allarmi.exe" [2004-06-20 110592]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-03 180269]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-03 1601304]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-29 110592]
NEXT AGENDA 2.lnk - c:\programmi\NEXT AGENDA 2\NextAgenda.exe [2007-01-26 4259840]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2008-07-28 25214]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-03 18:04 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Packard Bell NetStore\\NetStore.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\xerox\\nwwia\\XrxFTPLt.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\BitComet\\BitComet.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8345:TCP"= 8345:TCP:BitComet 8345 TCP
"8345:UDP"= 8345:UDP:BitComet 8345 UDP

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-31 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-31 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-31 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264]
R2 cpwnt;cpwnt;c:\windows\system32\drivers\CPWNT.SYS [2004-10-29 21824]
R2 DdsSched;Dds Scheduler Deamon;c:\programmi\RDS\DdsSchedNT.exe [2008-03-19 36864]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2008-05-23 16695]
R2 RsiSvc;Ridoc Server Information Service;c:\programmi\RDS\RsiSvc.exe [2008-03-19 65536]
R2 ScanRouterDriverV2;ScanRouterDriverV2;c:\programmi\RDS\SrScanDr.exe [2008-03-19 188416]
R3 PMObserv;PMObserv;c:\windows\system32\PMObserv.exe [2004-10-29 135168]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 CPUSB;CPUsb.Sys driver;c:\windows\system32\drivers\CPUSB.sys [2003-09-02 17080]
S2 gupdate1c98b59b7df8880;Google Update Service (gupdate1c98b59b7df8880);c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
S2 LxrSII1d;Secure II Driver;\??\c:\windows\system32\Drivers\LxrSII1d.sys --> c:\windows\system32\Drivers\LxrSII1d.sys [?]
S2 SOption;SOption;c:\programmi\RDS\SOption.exe [2008-03-19 98304]
S3 {5C8B2B62-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-A;c:\windows\system32\drivers\a311.sys [2004-06-04 33335]
S3 {5C8B2B65-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-B;c:\windows\system32\drivers\a310.sys [2004-06-04 33335]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\drivers\gt681x.sys [2004-10-29 18120]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1017a9d0-891f-11dc-b60b-0090f516dc13}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d1f65e2-dbc3-11dc-b6c5-0018e408e415}]
\Shell\AutoRun\command - .\run\autorun.exe
\Shell\open\Command - .\run\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9b10f6e-d619-11dc-b6b3-0018e408e415}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b58e9c-db4d-11dd-b36b-0018e408e415}]
\Shell\AutoRun\command - xih9.cmd
\Shell\explore\Command - xih9.cmd
\Shell\open\Command - xih9.cmd
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-03-13 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-30 15:48]

2009-03-13 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 09:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/webhp?rls=ig
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Scarica tutti i video usando BitComet - c:\programmi\BitComet\BitComet.exe/AddVideo.htm
IE: Scarica tutto usando BitComet - c:\programmi\BitComet\BitComet.exe/AddAllLink.htm
IE: Scarica usando &BitComet - c:\programmi\BitComet\BitComet.exe/AddLink.htm
TCP: {3C9B2E06-A8A3-43B9-9116-31469E59BFEE} = 212.216.112.222,212.216.172.162
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 19:17:03
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-03-13 19.18.53
ComboFix-quarantined-files.txt 2009-03-13 18:18:33
ComboFix2.txt 2009-03-13 11:21:37

Pre-Run: 29 056 675 840 byte disponibili
Post-Run: 29,045,891,072 byte disponibili

209 --- E O F --- 2009-03-11 18:44:31
Torna in alto
 
r16
Inviato: Friday, March 13, 2009 8:14:31 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Ciao cavalieredaniele .
L'eliminazione , è avvenuta parzialmente.

Apri un file di testo sul Desktop (start\esegui\digita: notepad.exe\ Ok
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1017a9d0-891f-11dc-b60b-0090f516dc13}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d1f65e2-dbc3-11dc-b6c5-0018e408e415}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9b10f6e-d619-11dc-b6b3-0018e408e415}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b58e9c-db4d-11dd-b36b-0018e408e415}]

e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix
Torna in alto
 
cavalieredaniele
Inviato: Saturday, March 14, 2009 8:39:23 AM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
Ciao r16, eco il nuovo log di Combo fix



ComboFix 09-03-10.03 - Alessandro 2009-03-14 8.29.00.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.1247.731 [GMT 1:00]
Eseguito da: c:\documents and settings\Alessandro\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Alessandro\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Creato nuovo punto di ripristino

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2009-02-14 al 2009-03-14 )))))))))))))))))))))))))))))))))))
.

2009-03-12 18:26 . 2009-03-12 18:26 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Malwarebytes
2009-03-12 18:26 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-12 18:26 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-12 18:25 . 2009-03-12 18:26 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-03-12 18:25 . 2009-03-12 18:25 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-03-12 11:36 . 2009-03-12 11:36 <DIR> d-------- c:\programmi\CCleaner
2009-03-11 09:50 . 2009-03-11 10:09 <DIR> d-------- c:\programmi\Eusing Free Registry Cleaner
2009-03-10 19:06 . 2009-03-10 19:06 <DIR> d-------- c:\programmi\Trend Micro
2009-03-10 12:05 . 2009-03-10 12:05 <DIR> d-------- c:\programmi\LuckyTender
2009-03-07 12:40 . 2009-03-07 12:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\MANAGER FLAW EXIT JUMP
2009-03-07 12:35 . 2009-03-07 12:42 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Objmfcd
2009-03-07 10:25 . 2009-03-07 10:25 25 --a------ c:\windows\WebEasy.INI
2009-03-07 10:03 . 2009-03-07 10:24 <DIR> d-------- c:\documents and settings\Alessandro\Dati applicazioni\Avanquest
2009-03-07 09:53 . 2009-03-07 09:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Avanquest
2009-03-07 09:10 . 2009-03-10 18:39 <DIR> d-------- C:\Downloads
2009-03-07 09:09 . 2009-03-12 18:19 <DIR> d-------- c:\programmi\BitComet
2009-03-04 16:16 . 2009-03-04 16:16 <DIR> d-------- c:\programmi\Voobys
2009-02-26 17:07 . 2005-09-20 10:36 151,552 --a------ c:\windows\system32\igfxres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-13 11:13 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\avg8
2009-03-13 07:59 --------- d-----w c:\programmi\Lavasoft
2009-03-13 07:59 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2009-03-11 07:55 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-03-10 08:49 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-03-07 08:55 --------- d--h--w c:\programmi\InstallShield Installation Information
2009-03-04 17:06 --------- d-----w c:\programmi\Docfa30
2009-03-04 17:04 --------- d-----w c:\programmi\Docfa307
2009-03-04 17:02 --------- d-----w c:\programmi\Docfa305
2009-03-04 15:18 --------- d-----w c:\programmi\3GP Player
2009-03-02 09:02 --------- d--h--w c:\programmi\eMule
2009-02-26 14:50 --------- d-----w c:\programmi\Microsoft Silverlight
2009-02-25 18:35 --------- d-----w c:\programmi\Windows Live
2009-02-25 18:35 --------- d-----w c:\programmi\Microsoft
2009-02-10 10:05 --------- d-----w c:\programmi\Windows Live SkyDrive
2009-02-10 09:20 --------- d-----w c:\programmi\File comuni\Windows Live
2009-02-10 08:51 --------- d-----w c:\programmi\Google
2009-02-09 14:04 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-04 16:33 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MailFrontier
2009-02-03 17:04 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-03 17:04 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-03 17:04 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-29 10:27 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\MyHeritage
2009-01-29 10:18 --------- d-----w c:\documents and settings\Alessandro\Dati applicazioni\MyHeritage
2009-01-27 16:31 --------- d-----w c:\programmi\Defraggler
2009-01-23 16:05 --------- d-----w c:\programmi\File comuni\Wise Installation Wizard
2008-12-18 09:13 47,360 ----a-w c:\documents and settings\Alessandro\Dati applicazioni\pcouffin.sys
2008-12-10 11:10 0 ---h--w c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-09 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gtwatch"="c:\windows\gtwatch.exe" [2001-08-24 45056]
"JobHisInit"="c:\programmi\RMClient\JobHisInit.exe" [2001-04-06 135168]
"MplSetUp"="c:\programmi\RMClient\MplSetUp.exe" [2000-11-04 40960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-13 143872]
"Promemoria"="c:\programmi\NEXT AGENDA 2\Promemoria.exe" [2004-06-29 73728]
"Allarmi"="c:\programmi\NEXT AGENDA 2\Allarmi.exe" [2004-06-20 110592]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2008-06-03 180269]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-03 1601304]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SoundMan"="SOUNDMAN.EXE" [2003-03-27 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Alessandro\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-29 110592]
NEXT AGENDA 2.lnk - c:\programmi\NEXT AGENDA 2\NextAgenda.exe [2007-01-26 4259840]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2008-07-28 25214]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-03 18:04 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Programmi\\Packard Bell NetStore\\NetStore.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\xerox\\nwwia\\XrxFTPLt.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\BitComet\\BitComet.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8345:TCP"= 8345:TCP:BitComet 8345 TCP
"8345:UDP"= 8345:UDP:BitComet 8345 UDP

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-31 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-31 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-31 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264]
R2 cpwnt;cpwnt;c:\windows\system32\drivers\CPWNT.SYS [2004-10-29 21824]
R2 DdsSched;Dds Scheduler Deamon;c:\programmi\RDS\DdsSchedNT.exe [2008-03-19 36864]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2008-05-23 16695]
R2 RsiSvc;Ridoc Server Information Service;c:\programmi\RDS\RsiSvc.exe [2008-03-19 65536]
R2 ScanRouterDriverV2;ScanRouterDriverV2;c:\programmi\RDS\SrScanDr.exe [2008-03-19 188416]
R3 PMObserv;PMObserv;c:\windows\system32\PMObserv.exe [2004-10-29 135168]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 CPUSB;CPUsb.Sys driver;c:\windows\system32\drivers\CPUSB.sys [2003-09-02 17080]
S2 gupdate1c98b59b7df8880;Google Update Service (gupdate1c98b59b7df8880);c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
S2 LxrSII1d;Secure II Driver;\??\c:\windows\system32\Drivers\LxrSII1d.sys --> c:\windows\system32\Drivers\LxrSII1d.sys [?]
S2 SOption;SOption;c:\programmi\RDS\SOption.exe [2008-03-19 98304]
S3 {5C8B2B62-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-A;c:\windows\system32\drivers\a311.sys [2004-06-04 33335]
S3 {5C8B2B65-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-B;c:\windows\system32\drivers\a310.sys [2004-06-04 33335]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\drivers\gt681x.sys [2004-10-29 18120]
.
Contenuto della cartella 'Scheduled Tasks'

2009-03-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-03-14 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-30 15:48]

2009-03-14 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-02-10 09:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/webhp?rls=ig
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Scarica tutti i video usando BitComet - c:\programmi\BitComet\BitComet.exe/AddVideo.htm
IE: Scarica tutto usando BitComet - c:\programmi\BitComet\BitComet.exe/AddAllLink.htm
IE: Scarica usando &BitComet - c:\programmi\BitComet\BitComet.exe/AddLink.htm
TCP: {3C9B2E06-A8A3-43B9-9116-31469E59BFEE} = 212.216.112.222,212.216.172.162
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-14 08:31:53
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-03-14 8.33.33
ComboFix-quarantined-files.txt 2009-03-14 07:33:17
ComboFix2.txt 2009-03-13 18:18:55
ComboFix3.txt 2009-03-13 11:21:37

Pre-Run: 29 019 103 232 byte disponibili
Post-Run: 29,004,869,632 byte disponibili

191 --- E O F --- 2009-03-11 18:44:31
Torna in alto
 
r16
Inviato: Saturday, March 14, 2009 1:06:40 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Ciao.
Bene.
Ho bisogno di un log di HijackThis .
Che problemi riscontri?
Torna in alto
 
cavalieredaniele
Inviato: Monday, March 16, 2009 9:05:19 AM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
Ciao r16, le pagiene che mi si aprivano di continuo non si aprono più...!!!! Grazie Millle....!!!!!!!!!!

L'unica cosa è che da quando ho fatto queste operazioni, quando avvio il PC la barra delle applicazioni in basso finisce di caricare solo dopo un buon quarto d'ora e non mi da la possibilita di aprire le applicazioni........!!! Però dopo quel buon quarto d'ora il PC và alla perfezione......!!!! Grazie ancora per la pazienza.....:-)), ti mando il log che mi hai chiesto.....



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9.05.03, on 16/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\RDS\RsiSvc.exe
C:\Programmi\RDS\srscandr.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\RDS\ddsschednt.exe
C:\Programmi\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\gtwatch.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\NEXT AGENDA 2\Promemoria.exe
C:\Programmi\NEXT AGENDA 2\Allarmi.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\PMObserv.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/webhp?rls=ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Promemoria] C:\Programmi\NEXT AGENDA 2\Promemoria.exe
O4 - HKLM\..\Run: [Allarmi] C:\Programmi\NEXT AGENDA 2\Allarmi.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NEXT AGENDA 2.lnk = C:\Programmi\NEXT AGENDA 2\NextAgenda.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213808602190
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9B2E06-A8A3-43B9-9116-31469E59BFEE}: NameServer = 212.216.112.222,212.216.172.162
O17 - HKLM\System\CS1\Services\Tcpip\..\{3C9B2E06-A8A3-43B9-9116-31469E59BFEE}: NameServer = 212.216.112.222,212.216.172.162
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Dds Scheduler Deamon (DdsSched) - RICOH Company Ltd. - C:\Programmi\RDS\ddsschednt.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98b59b7df8880) (gupdate1c98b59b7df8880) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - LxrSII1s.exe (file missing)
O23 - Service: PMObserv - RICOH CO.,LTD. - C:\WINDOWS\system32\PMObserv.exe
O23 - Service: Ridoc Server Information Service (RsiSvc) - RICOH Company Ltd. - C:\Programmi\RDS\RsiSvc.exe
O23 - Service: ScanRouterDriverV2 - Ricoh Co.,Ltd. - C:\Programmi\RDS\srscandr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SOption - RICOH Company Ltd. - C:\Programmi\RDS\SOption.exe

--
End of file - 11368 bytes
Torna in alto
 
r16
Inviato: Monday, March 16, 2009 3:11:53 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,017
Ciao cavalieredaniele.
Il problema della barra, dipende probabilmente da un software di difesa che hai installato, e che è danneggiato.
Forse è questo:
SafeNet Sentinel
Prova a disistallarlo completamente ,fare una pulizia con CCleaner,riavviare il pc e reistallarlo.
N.B: quando lo hai disistallato, fai una prova per vedere se è lui il problema.
Torna in alto
 
cavalieredaniele
Inviato: Tuesday, March 17, 2009 6:32:27 PM
Rank: Newbie

Iscritto dal : 3/12/2009
Posts: 0
Ciao r16
ho disinstallato SafeNet Sentinel ma il problema persiste....
Ho provato anche a disattivare il ripristino di configurazione sistema e fare una pulizia con CCleaner in modalità provvisoria ma niente da fare.....
ripeto...il PC va alla perfezione....però solo dopo un quarto d'ora DALL'AVVIO...!!! se potessi risolvere anche questo problema sarebbe il massimo.....

COMUNQUE GRAZIE ANCORA PER LE INDICAZIONI PRECEDENTI...!!!!

DAVVERO....
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » Computer & Internet » Problemi Informatici » Mi controllate i LOG che mi avete indicato di postare...!!!!


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.