GMER 1.0.12.12027 -
http://www.gmer.net
Rootkit scan 2007-02-22 17:13:38
Windows 5.1.2600 Service Pack 1
---- System - GMER 1.0.12 ----
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys
ZwOpenProcess
SSDT \??\C:\Programmi\ewido anti-spyware 4.0\guard.sys
ZwTerminateProcess
---- Kernel code sections - GMER 1.0.12 ----
.text ntoskrnl.exe!_abnormal_termination + 44D
804DF0CC 2 Bytes [ 12, 18 ]
.text ntoskrnl.exe!_abnormal_termination + 450
804DF0CF 1 Byte [ F8 ]
.text ntdll.dll!NtClose
77F658AA 5 Bytes JMP
7203407A
.text ntdll.dll!NtCreateProcess
77F659F4 5 Bytes JMP
72034205
.text ntdll.dll!NtCreateProcessEx
77F65A03 5 Bytes JMP
720340E9
.text ntdll.dll!NtCreateSection
77F65A21 5 Bytes JMP
72034098
---- User code sections - GMER 1.0.12 ----
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!SizeofResource
77E4D2CF 7 Bytes JMP
27001C20 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!FindResourceW
77E4D339 7 Bytes JMP
27001A60 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!CreateEventA
77E54DE5 5 Bytes JMP
27001840 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!LoadResource
77E5638B 7 Bytes JMP
27001B70 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!FindResourceExW
77E563D4 7 Bytes JMP
27001AE0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!LockResource
77E5E351 7 Bytes JMP
27001CD0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
kernel32.dll!SetUnhandledExceptionFilter
77E5E5A1 9 Bytes JMP
004DE392 C:\Programmi\MSN Messenger\msnmsgr.exe
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
ADVAPI32.dll!CryptDecrypt
77DAE737 7 Bytes JMP
27001050 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
ADVAPI32.dll!CryptDeriveKey
77DAE7E7 7 Bytes JMP
27001000 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!PeekMessageW
77D18BDE 5 Bytes JMP
27003760 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!CreateWindowExW
77D1DADF 5 Bytes JMP
27003270 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!SetWindowPlacement
77D1F678 5 Bytes JMP
270049D0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!SetWindowRgn
77D22319 7 Bytes JMP
27004AB0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!CreateDialogParamW
77D2A3FA 5 Bytes JMP
27004E30 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!MessageBoxIndirectW
77D426D2 5 Bytes JMP
27004F90 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!TrackPopupMenuEx
77D4D934 5 Bytes JMP
27003F30 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
USER32.dll!FlashWindow
77D5E54A 5 Bytes JMP
27004B50 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WS2_32.dll!WSARecv
71A319A0 5 Bytes JMP
27009390 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WS2_32.dll!closesocket
71A31A6D 14 Bytes JMP
27009930 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WS2_32.dll!send
71A31AF4 6 Bytes JMP
270095A0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WS2_32.dll!recv
71A35690 6 Bytes JMP
27009200 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WS2_32.dll!WSASend
71A35722 5 Bytes JMP
27009720 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
SHELL32.dll!Shell_NotifyIconW
7CD1E128 5 Bytes JMP
27002BA0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
ole32.dll!CoInitializeEx
4FEDDC81 5 Bytes JMP
27001D30 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
ole32.dll!CoRegisterClassObject
4FF014E4 5 Bytes JMP
27001E30 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WININET.dll!HttpOpenRequestA
6300B019 6 Bytes JMP
27008180 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WININET.dll!HttpSendRequestA
6300BF64 5 Bytes JMP
270083B0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WININET.dll!InternetCloseHandle
6300EF54 5 Bytes JMP
27008460 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
.text C:\Programmi\MSN Messenger\msnmsgr.exe[2224]
WININET.dll!InternetReadFile
630124CF 6 Bytes JMP
270082E0 C:\Programmi\Messenger Plus!
Live\MsgPlusLive.dll
---- Files - GMER 1.0.12 ----
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\alof_99@yahoo.com\Sharin
gMetadata\jelelangel@hotmail.com\DFSR\Staging\CS{EADFE093
-CB22-CC0E-984F-8F1643250115}\01\10-{EADFE093-CB22-CC0E-9
84F-8F1643250115}-v1-{40C1D072-9DB1-4294-8303-332080E1038
0}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5
d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\danila.arcifa@hotmail.it\DFSR\Staging\CS{8
D994C37-2C1D-0D6D-DDCB-8407762DBE74}\01\19-{8D994C37-2C1D
-0D6D-DDCB-8407762DBE74}-v1-{250CF285-61EC-414C-9AD7-78AC
928176E5}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51
ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\jelelangel@hotmail.com\DFSR\Staging\CS{F12
04FEC-1C4A-4208-69D0-67B1439C28FC}\01\32-{F1204FEC-1C4A-4
208-69D0-67B1439C28FC}-v1-{250CF285-61EC-414C-9AD7-78AC92
8176E5}-v32-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad
66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\ma_lu_78@hotmail.com\DFSR\Staging\CS{FDB55
60F-193E-4DCC-06B8-363368176D14}\01\29-{FDB5560F-193E-4DC
C-06B8-363368176D14}-v1-{250CF285-61EC-414C-9AD7-78AC9281
76E5}-v29-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66
eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\ma_lu_78@hotmail.com\DFSR\Staging\CS{FDB55
60F-193E-4DCC-06B8-363368176D14}\30\30-{250CF285-61EC-414
C-9AD7-78AC928176E5}-v30-{250CF285-61EC-414C-9AD7-78AC928
176E5}-v30-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad6
6eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\01\21-{254C6B5C-68FE-0
BE1-410A-15E19F48F160}-v1-{250CF285-61EC-414C-9AD7-78AC92
8176E5}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad
66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\11\149-{DB20375C-A951-
4653-9FCE-322A691F3456}-v11-{DB20375C-A951-4653-9FCE-322A
691F3456}-v149-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\12\26-{DB20375C-A951-4
653-9FCE-322A691F3456}-v12-{250CF285-61EC-414C-9AD7-78AC9
28176E5}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.rdc.1
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\12\26-{DB20375C-A951-4
653-9FCE-322A691F3456}-v12-{250CF285-61EC-414C-9AD7-78AC9
28176E5}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\13\61-{DB20375C-A951-4
653-9FCE-322A691F3456}-v13-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\14\63-{DB20375C-A951-4
653-9FCE-322A691F3456}-v14-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\15\65-{DB20375C-A951-4
653-9FCE-322A691F3456}-v15-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v65-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\16\67-{DB20375C-A951-4
653-9FCE-322A691F3456}-v16-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v67-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\17\69-{DB20375C-A951-4
653-9FCE-322A691F3456}-v17-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v69-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\18\71-{DB20375C-A951-4
653-9FCE-322A691F3456}-v18-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v71-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\19\73-{DB20375C-A951-4
653-9FCE-322A691F3456}-v19-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v73-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\20\75-{DB20375C-A951-4
653-9FCE-322A691F3456}-v20-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v75-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\21\77-{DB20375C-A951-4
653-9FCE-322A691F3456}-v21-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v77-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\22\79-{DB20375C-A951-4
653-9FCE-322A691F3456}-v22-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v79-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\23\81-{DB20375C-A951-4
653-9FCE-322A691F3456}-v23-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v81-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\24\83-{DB20375C-A951-4
653-9FCE-322A691F3456}-v24-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v83-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\25\85-{DB20375C-A951-4
653-9FCE-322A691F3456}-v25-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v85-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\26\87-{DB20375C-A951-4
653-9FCE-322A691F3456}-v26-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\27\89-{DB20375C-A951-4
653-9FCE-322A691F3456}-v27-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v89-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\28\91-{DB20375C-A951-4
653-9FCE-322A691F3456}-v28-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.rdc.1
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\28\91-{DB20375C-A951-4
653-9FCE-322A691F3456}-v28-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\29\93-{DB20375C-A951-4
653-9FCE-322A691F3456}-v29-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v93-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\30\95-{DB20375C-A951-4
653-9FCE-322A691F3456}-v30-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\31\97-{DB20375C-A951-4
653-9FCE-322A691F3456}-v31-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\32\99-{DB20375C-A951-4
653-9FCE-322A691F3456}-v32-{DB20375C-A951-4653-9FCE-322A6
91F3456}-v99-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51a
d66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\33\101-{DB20375C-A951-
4653-9FCE-322A691F3456}-v33-{DB20375C-A951-4653-9FCE-322A
691F3456}-v101-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\34\103-{DB20375C-A951-
4653-9FCE-322A691F3456}-v34-{DB20375C-A951-4653-9FCE-322A
691F3456}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\35\105-{DB20375C-A951-
4653-9FCE-322A691F3456}-v35-{DB20375C-A951-4653-9FCE-322A
691F3456}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\36\107-{DB20375C-A951-
4653-9FCE-322A691F3456}-v36-{DB20375C-A951-4653-9FCE-322A
691F3456}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\37\109-{DB20375C-A951-
4653-9FCE-322A691F3456}-v37-{DB20375C-A951-4653-9FCE-322A
691F3456}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\38\111-{DB20375C-A951-
4653-9FCE-322A691F3456}-v38-{DB20375C-A951-4653-9FCE-322A
691F3456}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\39\113-{DB20375C-A951-
4653-9FCE-322A691F3456}-v39-{DB20375C-A951-4653-9FCE-322A
691F3456}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\40\115-{DB20375C-A951-
4653-9FCE-322A691F3456}-v40-{DB20375C-A951-4653-9FCE-322A
691F3456}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\41\117-{DB20375C-A951-
4653-9FCE-322A691F3456}-v41-{DB20375C-A951-4653-9FCE-322A
691F3456}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\42\119-{DB20375C-A951-
4653-9FCE-322A691F3456}-v42-{DB20375C-A951-4653-9FCE-322A
691F3456}-v119-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\43\121-{DB20375C-A951-
4653-9FCE-322A691F3456}-v43-{DB20375C-A951-4653-9FCE-322A
691F3456}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\44\123-{DB20375C-A951-
4653-9FCE-322A691F3456}-v44-{DB20375C-A951-4653-9FCE-322A
691F3456}-v123-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\45\125-{DB20375C-A951-
4653-9FCE-322A691F3456}-v45-{DB20375C-A951-4653-9FCE-322A
691F3456}-v125-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\46\127-{DB20375C-A951-
4653-9FCE-322A691F3456}-v46-{DB20375C-A951-4653-9FCE-322A
691F3456}-v127-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\47\129-{DB20375C-A951-
4653-9FCE-322A691F3456}-v47-{DB20375C-A951-4653-9FCE-322A
691F3456}-v129-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\48\131-{DB20375C-A951-
4653-9FCE-322A691F3456}-v48-{DB20375C-A951-4653-9FCE-322A
691F3456}-v131-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.rdc.1
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\48\131-{DB20375C-A951-
4653-9FCE-322A691F3456}-v48-{DB20375C-A951-4653-9FCE-322A
691F3456}-v131-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\49\141-{DB20375C-A951-
4653-9FCE-322A691F3456}-v49-{DB20375C-A951-4653-9FCE-322A
691F3456}-v141-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\50\143-{DB20375C-A951-
4653-9FCE-322A691F3456}-v50-{DB20375C-A951-4653-9FCE-322A
691F3456}-v143-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\51\145-{DB20375C-A951-
4653-9FCE-322A691F3456}-v51-{DB20375C-A951-4653-9FCE-322A
691F3456}-v145-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.rdc.1
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\51\145-{DB20375C-A951-
4653-9FCE-322A691F3456}-v51-{DB20375C-A951-4653-9FCE-322A
691F3456}-v145-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\52\147-{DB20375C-A951-
4653-9FCE-322A691F3456}-v52-{DB20375C-A951-4653-9FCE-322A
691F3456}-v147-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\53\133-{DB20375C-A951-
4653-9FCE-322A691F3456}-v53-{DB20375C-A951-4653-9FCE-322A
691F3456}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\54\135-{DB20375C-A951-
4653-9FCE-322A691F3456}-v54-{DB20375C-A951-4653-9FCE-322A
691F3456}-v135-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\55\137-{DB20375C-A951-
4653-9FCE-322A691F3456}-v55-{DB20375C-A951-4653-9FCE-322A
691F3456}-v137-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\eioneanche@hotmail.com\S
haringMetadata\sopravento@hotmail.com\DFSR\Staging\CS{254
C6B5C-68FE-0BE1-410A-15E19F48F160}\56\139-{DB20375C-A951-
4653-9FCE-322A691F3456}-v56-{DB20375C-A951-4653-9FCE-322A
691F3456}-v139-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b5
1ad66eb5d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\essed0n@hotmail.com\Shar
ingMetadata\sostanza@hotmail.com\DFSR\Staging\CS{0531D599
-D454-4B10-CDA8-478E52B722BA}\01\10-{0531D599-D454-4B10-C
DA8-478E52B722BA}-v1-{2E533371-7093-43F3-8310-41EC52F220F
A}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5
d3}.XPRESS
ADS C:\Documents and
Settings\internetteria\Impostazioni locali\Dati
applicazioni\Microsoft\Messenger\ma_lu_78@hotmail.com\Sha
ringMetadata\eioneanche@hotmail.com\DFSR\Staging\CS{FDB55
60F-193E-4DCC-06B8-363368176D14}\01\10-{FDB5560F-193E-4DC
C-06B8-363368176D14}-v1-{BAA93EEC-CA21-4C88-A035-9D6C21CA
E0D4}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66
eb5d3}.XPRESS
ADS E:\Preferiti\Dagospia.com - 29-04-2003 - COME TI
SLOGANIZZO LE ELEZIONI AMMINISTRATIVE DA VIVIANA
BECCALOSSI (:KAVICHS
ADS E:\Preferiti\Maporama.com :KAVICHS
ADS
E:\RECYCLER\S-1-5-21-839522115-920026266-854245398-1003\D
e4\Preferiti\Dagospia.com - 29-04-2003 - COME TI
SLOGANIZZO LE ELEZIONI AMMINISTRATIVE DA VIVIANA
BECCALOSSI (:KAVICHS
ADS
E:\RECYCLER\S-1-5-21-839522115-920026266-854245398-1003\D
e4\Preferiti\Maporama.com :KAVICHS
---- EOF - GMER 1.0.12 ----
GMER 1.0.12.12027 -
http://www.gmer.net
Autostart scan 2007-02-22 17:18:18
Windows 5.1.2600 Service Pack 1
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\SYSTEM32\Userinit.exe,
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SASWinLogon@DLLName = C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Brother XP spl Service /*BrSplService*/@ = C:\WINDOWS\System32\brsvc01a.exe
btwdins /*Bluetooth Service*/@ = C:\Programmi\Software Bluetooth\bin\btwdins.exe
ewido anti-spyware 4.0 guard /*ewido anti-spyware 4.0 guard*/@ = C:\Programmi\ewido anti-spyware 4.0\guard.exe
Fax /*Fax*/@ = %systemroot%\system32\fxssvc.exe
InCDsrvR /*InCD Helper (read only)*/@ = C:\Programmi\Ahead\InCD\InCDsrv.exe -r
LexBceS /*LexBce Server*/@ = C:\WINDOWS\system32\LEXBCES.EXE
NOD32krn /*NOD32 Kernel Service*/@ = "C:\Programmi\Eset\nod32krn.exe"
SimpTcp /*Servizi semplici TCP/IP*/@ = %SystemRoot%\System32\tcpsvcs.exe
SNMP /*Servizio SNMP*/@ = %SystemRoot%\System32\snmp.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\System32\wdfmgr.exe
wfxsvc /*WinFax PRO*/@ = C:\WINDOWS\System32\WFXSVC.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@nod32kui"C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE = "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
@Lexmark X5100 Series"C:\Programmi\Lexmark X5100 Series\lxbabmgr.exe" = "C:\Programmi\Lexmark X5100 Series\lxbabmgr.exe"
@SunJavaUpdateSched"C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe" = "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
@Samsung PanelMgrC:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun = C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
@WFXSwtchC:\PROGRA~1\WinFax\WFXSWTCH.exe = C:\PROGRA~1\WinFax\WFXSWTCH.exe
@MSConfigC:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CTFMON.EXEC:\WINDOWS\System32\ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
@Caffe-ServerC:\Program Files\Caffe\Server.exe = C:\Program Files\Caffe\Server.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@UPnPMonitor = C:\WINDOWS\System32\upnpui.dll
HKLM\Software\Classes\.scr@ = C:\WINDOWS\NOTEPAD.EXE "%1"
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks >>>
@{A213B520-C6C2-11d0-AF9D-008029E1027E}C:\Programmi\WinFax\WfxSeh32.Dll = C:\Programmi\WinFax\WfxSeh32.Dll
@{57B86673-276A-48B2-BAE7-C6DBB3020EB8}C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll = C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll
@{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}C:\Programmi\SUPERAntiSpyware\SASSEH.DLL = C:\Programmi\SUPERAntiSpyware\SASSEH.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{e57ce731-33e8-4c51-8354-bb4de9d215d1} /*Periferiche Plug and Play universali*/C:\WINDOWS\System32\upnpui.dll = C:\WINDOWS\System32\upnpui.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{792F0537-F929-4eb7-AC1D-FB6334C71550} /*LG Phone*/(null) =
@{950FF917-7A57-46BC-8017-59D9BF474000} /*Shell Extension for CDRW*/C:\Programmi\Ahead\InCD\incdshx.dll = C:\Programmi\Ahead\InCD\incdshx.dll
@CorelDRAW Shell Extension Component /*CorelDRAW Shell Extension Component*/(null) =
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\System32\BTNEIG~1.DLL = C:\WINDOWS\System32\BTNEIG~1.DLL
@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/(null) =
@{B089FE88-FB52-11d3-BDF1-0050DA34150D} /*NOD32 Context Menu Shell Extension*/C:\Programmi\Eset\nodshex.dll = C:\Programmi\Eset\nodshex.dll
@{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA} /*ShellPlusContextMenu*/C:\WINDOWS\system32\b4fm.dll /*file not found*/ = C:\WINDOWS\system32\b4fm.dll /*file not found*/
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll /*file not found*/ = C:\Programmi\iTunes\iTunesMiniPlayer.dll /*file not found*/
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
ICQLiteMenu@{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programmi\ICQLite\ICQLiteShell.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11d3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
ICQLiteMenu@{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Programmi\ICQLite\ICQLiteShell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11d3-BDF1-0050DA34150D} = C:\Programmi\Eset\nodshex.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start
Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start
Pagehttp://www.google.com/ =
http://www.google.com/
@Local PageC:\WINDOWS\System32\blank.htm = C:\WINDOWS\System32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\System32\msvidctl.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\System32\msvidctl.dll
vnd.ms.radio@CLSID = C:\WINDOWS\System32\msdxm.ocx
wia@CLSID = C:\WINDOWS\System32\wiascr.dll
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2FFA27DF-3492-4A06-9733-C61E4D66A21D} /*Connessione alla rete locale (LAN) 3*/ >>>
@IPAddress192.168.1.150 = 192.168.1.150
@NameServer62.211.69.150,212.48.4.15 = 62.211.69.150,212.48.4.15
@DefaultGateway192.168.1.1 = 192.168.1.1
@Domain =
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A2C1FB77-9963-47C0-80CD-99D286902C78} /*Connessione alla rete locale (LAN) 2*/ >>>
@IPAddress192.168.1.150 = 192.168.1.150
@NameServer62.211.69.150,212.48.4.15 = 62.211.69.150,212.48.4.15
@DefaultGateway192.168.1.1 = 192.168.1.1
@Domain =
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = imon.dll
000000000002@PackedCatalogItem = imon.dll
000000000003@PackedCatalogItem = imon.dll
000000000004@PackedCatalogItem = imon.dll
000000000005@PackedCatalogItem = imon.dll
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012@PackedCatalogItem = imon.dll
C:\Documents and Settings\internetteria\Menu Avvio\Programmi\Esecuzione automatica = NOD32.lnk
---- EOF - GMER 1.0.12 ----