Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
log gmer
Nuovo argomento   Quest'argomento è chiuso: Non puoi inserire, rispondere o modificare i messaggi.    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
klaus124
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 12/03/07 12:08
Messaggi: 106
Residenza: ROMA
MessaggioInviato: 03 Apr 2007 11:33    Oggetto: log gmer Rispondi citando
GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-04-03 11:23:08
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile
SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation
SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver

INT 0x20 srescan.sys F76379D0

---- Kernel code sections - GMER 1.0.12 ----

.text ntoskrnl.exe!ZwYieldExecution + 12E 804E4968 12 Bytes [ F0, 01, FD, EE, 80, 64, FD, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 16E 804E49A8 8 Bytes [ A0, CE, FC, EE, A0, 86, FD, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 1FA 804E4A34 8 Bytes [ 60, A3, FC, EE, E0, 89, FD, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 12E 804E4968 12 Bytes [ F0, 01, FD, EE, 80, 64, FD, ... ]
.text ntoskrnl.exe!ZwYieldExecution + 16E 804E49A8 8 Bytes [ A0, CE, FC, EE, A0, 86, FD, ... ]
.text ...

---- User code sections - GMER 1.0.12 ----

.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1536] ntdll.dll!KiFastSystemCall + 2 7C91EB8D 2 Bytes [ CD, 20 ]

---- Devices - GMER 1.0.12 ----

Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [EEFE18A0] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [EEFE18A0] vsdatant.sys

---- Registry - GMER 1.0.12 ----

Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG08.00.00.01WORKSTATION 805FDB70D62DE89CA1EE7AA227D442E58658FCF01FA6044D5068CB9B03B74C621B582637B60FF44CDD9CA68A88BE492C9F45218C528C04A57DF3C4E7E22D23667DDE1A8DB8120349B55F4B6292BF55803D173672CB3A5C587222DE36837FFE05105B1DE89F1025FB102AAFF0940D6DEBE2680C59855E29306F578C4EAEF231E8ED1BE5C0A006019384D27100D0FA2C3DC4BAC37AF1471CBC67DA16FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667C038D530D6EB34525D575E7D6A3B98085D575E7D6A3B9808C74F10909EF803EE46895CDFABAEF10442566377F898739D7D49D7742DE413D685A43A0D65749D8D6D2B48586F17D54C8E5976DC1F27B985E4D8756FAA69CF95F04ED36594448F22317AA594AE424FBEA7213BA4A9EA47E5F14AF22EAEDEA642E9498D2B92D5B2C6631F9ABA91DB7E1871A375AB9E6AA543B7814BE2C2CA27C5D5833888894A416ADB35F40802BF666CD24888654BE043F3D0539AD43364C95C1FE1CCB667F75A4D74CDA24D3003F1A1B7EBFB54BF3F7126D70A24DD9399E897B2396585DFE602848B6B39ED0E6AEB738FE10093CF28E3D66FE4CD6C368AC15B8455405866571F7C8486EEE154F105EF4EEBE24F14F236DBBB932081B60B78E0867541A5B6B7FC70450C22B67DC6D1796C461B4A6

---- Files - GMER 1.0.12 ----

ADS C:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\TEMP:2A81F9CE
ADS C:\Documents and Settings\io.IO-E05FD2476A1D\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\giulis93@hotmail.it\SharingMetadata\alessio_ersorko@hotmail.it\DFSR\Staging\CS{62E65DC5-0397-4E61-AAFA-A0BC391CF491}\01\13-{62E65DC5-0397-4E61-AAFA-A0BC391CF491}-v1-{62AA26FB-45D1-468E-AD52-B2ED942AF415}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\io.IO-E05FD2476A1D\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\giulis93@hotmail.it\SharingMetadata\giulis_93@hotmail.it\DFSR\Staging\CS{6492581E-9FDD-D625-A8F1-7FAB20E127ED}\01\12-{6492581E-9FDD-D625-A8F1-7FAB20E127ED}-v1-{62AA26FB-45D1-468E-AD52-B2ED942AF415}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\io.IO-E05FD2476A1D\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\giulis93@hotmail.it\SharingMetadata\nikkia93@virgilio.it\DFSR\Staging\CS{4F9FFB64-CACE-1579-8139-6D17334DE11F}\01\10-{4F9FFB64-CACE-1579-8139-6D17334DE11F}-v1-{62AA26FB-45D1-468E-AD52-B2ED942AF415}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\io.IO-E05FD2476A1D\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\mukky89irriducibili@hotmail.it\SharingMetadata\giulia_mazzolini@hotmail.it\DFSR\Staging\CS{DA5E1E71-20DB-0B5B-367E-186C182AF015}\01\10-{DA5E1E71-20DB-0B5B-367E-186C182AF015}-v1-{99DDB807-45C4-4E1C-9007-6F476D01B576}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

---- EOF - GMER 1.0.12 ----
GMER 1.0.12.12011 - http://www.gmer.net
Autostart scan 2007-04-03 11:24:48
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
aswUpdSv /*avast! iAVS4 Control Service*/@ = "C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe"
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
avast! Antivirus /*avast! Antivirus*/@ = "C:\Programmi\Alwil Software\Avast4\ashServ.exe"
O&O Defrag /*O&O Defrag*/@ = C:\WINDOWS\system32\oodag.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
vsmon /*TrueVector Internet Monitor*/@ = C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CnxTrApprundll32.exe "C:\Programmi\StarModem\StarModem USB Network\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network" = rundll32.exe "C:\Programmi\StarModem\StarModem USB Network\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
@avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
@ZoneAlarm Client"C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" = "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
@MSConfigC:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{A155339D-CCCD-4714-85EB-3754B804C9DF} /*a-squared Free Context Menu Shell Extension*/(null) =
@{BD88A479-9623-4897-8546-BC62B9628F44} /*SPTHandler*/(null) =
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.0.0812.00.dll = C:\Programmi\MSN Messenger\fsshext.8.0.0812.00.dll
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/(null) =
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Programmi\Alwil Software\Avast4\ashShell.dll = C:\Programmi\Alwil Software\Avast4\ashShell.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
a2FreeContMenu@{A155339D-CCCD-4714-85EB-3754B804C9DF} =
ALSongContext@{CBE49257-71F8-44B4-B536-FF5359F0AEAA} =
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll = C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{195c5499-fc60-40e3-8eec-72831ad6e5c5}C:\Programmi\ilsoftware\tbils1.dll = C:\Programmi\ilsoftware\tbils1.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll = C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.libero.it/ = http://www.libero.it/

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

C:\Documents and Settings\io.IO-E05FD2476A1D\Menu Avvio\Programmi\Esecuzione automatica = ERUNT AutoBackup.lnk

---- EOF - GMER 1.0.12 ----mi date una controllata? grazie
Top
Profilo Invia messaggio privato
chemicalbit
Dio maturo
Dio maturo


Registrato: 01/04/05 18:59
Messaggi: 18597
Residenza: Milano
MessaggioInviato: 03 Apr 2007 12:47    Oggetto: Rispondi
Avevi già una discussione aperta
(e nella più adatta sezione "Pronto Soccorso Zeus" questo è in "Sicurezza", ora lo sposto)
Proseguiamo di là.

Chiudo qui.
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Quest'argomento è chiuso: Non puoi inserire, rispondere o modificare i messaggi.    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi