Condividi:        

Cosa succede?

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Cosa succede?

Postdi @manu@ » 15/03/07 12:27

Non so cosa succede al mio pc...Non posso piu installare antivirus di qualunque genere.Ho provato a installare kaspersky antivir panda avg avast antivir ecc.... ma tutti durante l'istallazzione mi danno un errore.Ho fatto scansioni con ewido ashampoo antispywere spybot e ad-aware e ho rimosso parecche infezioni ma mi fa sempre lo stesso problema.Non mi fa fare neanche scansioni on-line.Come posso fare?
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Sponsor
 

Postdi Luke57 » 15/03/07 12:53

Ciao, scarica Gmer da qui:
http://www.majorgeeks.com/GMER_d5198.html
scompatta il file .zip e avvia gmer.exe, con tutte le altre applicazioni chiuse.
Per entrare in Avanzate premi il tab>>>>. Poi scegli il tab Rootkit, spunta anche la casella ADS , fai uno Scan completo. Al termine clicca Copy e incolla il report in un file di testo.
Ritorna su Gmer, premi il tab Autostart (non spuntare la casella show all) e premi Scan. Al termine click su Copy e incolla il report nel medesimo foglio di testo.
Poi, copia e incolla i due report in un post nel forum.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 15/03/07 14:31

Ciao!Ho fatto cio che mi avevi detto...questo è il primo log

GMER 1.0.12.12086 - http://www.gmer.net
Rootkit scan 2007-03-15 14:29:10
Windows 5.1.2600 Service Pack 2


---- User code sections - GMER 1.0.12 ----

.text C:\DOCUME~1\EMANUE~1\IMPOST~1\Temp\Rar$EX00.078\gmer.exe[2484] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, EF, F4 ]
.text C:\Programmi\MSN Messenger\usnsvc.exe[2720] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, EF, F4 ]
.text C:\PROGRA~1\Mozilla Firefox\firefox.exe[3076] kernel32.dll!FreeLibrary + 15 7C80AA7B 4 Bytes [ BD, 55, EF, F4 ]

---- Kernel code sections - GMER 1.0.12 ----

? C:\WINDOWS\system32\Drivers\mchInjDrv.sys Impossibile trovare il file specificato.

---- Devices - GMER 1.0.12 ----

Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLEANUP 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLOSE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_MAILSLOT 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_NAMED_PIPE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DIRECTORY_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FILE_SYSTEM_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FLUSH_BUFFERS 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_LOCK_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_POWER 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_EA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_QUOTA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_SECURITY 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_VOLUME_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_READ 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_EA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_QUOTA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_SECURITY 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_VOLUME_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SHUTDOWN 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_WRITE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CLEANUP 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CLOSE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_PNP 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_POWER 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_EA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_READ 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_EA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_QUOTA 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_SECURITY 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SHUTDOWN 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8200D490
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port3Path0Target0Lun0 IRP_MJ_WRITE 8200D490
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_WRITE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_WRITE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_WRITE 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 15/03/07 14:35

Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 820961D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 820961D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLEANUP 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_MAILSLOT 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE_NAMED_PIPE 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CHANGE 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DIRECTORY_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FILE_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_LOCK_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_EA 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_QUERY_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_EA 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SET_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CLEANUP 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CLOSE 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE_MAILSLOT 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE_NAMED_PIPE 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DEVICE_CHANGE 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_DIRECTORY_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_FILE_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_FLUSH_BUFFERS 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_INTERNAL_DEVICE_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_LOCK_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_PNP 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_POWER 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_EA 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_QUERY_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_READ 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_EA 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_QUOTA 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_SECURITY 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SET_VOLUME_INFORMATION 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SHUTDOWN 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_SYSTEM_CONTROL 82207590
Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_WRITE 82207590
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_CLEANUP 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_CLOSE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_CREATE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_CREATE_MAILSLOT 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_CREATE_NAMED_PIPE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_DEVICE_CHANGE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_DEVICE_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_DIRECTORY_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_FILE_SYSTEM_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_FLUSH_BUFFERS 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_LOCK_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_PNP 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_POWER 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_QUERY_EA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_QUERY_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_QUERY_QUOTA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_QUERY_SECURITY 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_QUERY_VOLUME_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_READ 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SET_EA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SET_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SET_QUOTA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SET_SECURITY 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SET_VOLUME_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SHUTDOWN 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_SYSTEM_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1 IRP_MJ_WRITE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_CLEANUP 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_CLOSE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_CREATE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_PNP 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_POWER 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_QUERY_EA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_READ 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SET_EA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SET_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SET_QUOTA 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SET_SECURITY 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SHUTDOWN 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8200D9C8
Device \Driver\VClone \Device\Scsi\VClone1Port0Path0Target0Lun0 IRP_MJ_WRITE 8200D9C8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 82222528
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer IRP_MJ_READ 81ED6788
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer IRP_MJ_READ 81ED6788
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer IRP_MJ_READ
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 15/03/07 14:37

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer IRP_MJ_READ 81ED6788
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer IRP_MJ_READ 81ED6788
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 81E49F08
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 81E49F08
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 81E6F710
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 81FFB5F8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 82359B08
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 81E4F4A0
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_READ 820C99F8

---- Modules - GMER 1.0.12 ----

Module _________ F8439000

---- Registry - GMER 1.0.12 ----

Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@Accessibility,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>aPzKX=15Z?*VmZwfL?5??
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@CustomMarshalers,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>e}GvMMOnH@hg(nYnu%p8?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@IEHost,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>R,YAg8Uzf?q9ZRNgCdW.?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@IIEHost,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.0.5000.0" %EmAj?C%k9W7cNB_.[t[Redist_Package>nV30Foad^=4D0FLgllXd?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@ISymWrapper,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>W**YR.kDv?kTe!evxZOf?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@mscorcfg,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>{?^lW%IQJ=DGh@&,glnR?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@mscorlib,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>v~Yw+7RXK?*n7r]K90Xd?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>6_Lp.YrKG=t~lt)yuC(b?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Configuration.Install,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>]-2y_C5dWAq8t'Ahp=bS?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Data,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>=6xEmQ}b$?[kDPAt*+Mv?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Design,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>?7w%[IH(QA(f_Nv)g1+u?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.DirectoryServices,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>IvR7u6?dq8g4^Yd4V1J6?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Drawing,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>Av^oip*aw@nLUAKMX6tN?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Drawing.Design,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>8P8fd9s@-?D*V},`V=T3?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.EnterpriseServices,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>@IM,Wr2Wa@-nALq*H~JM?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Management,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>PCwF,UKRl=)zd@Q'%%3G?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Messaging,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>vQk-c(tl+9_q.YVyjkqq?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Runtime.Remoting,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>oaxX*et~F@1qEj-wm]ZH?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Runtime.Serialization.Formatters.Soap,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>hXM40zsHQ9T~regpU=Bb?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.ServiceProcess,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>xY=TG9CqU@W)~p?RO_w[?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Web,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>C)z]OrW%R=wF2GW{Mgf2?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Web.RegularExpressions,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>hWlcu7oG*9ybzp+^-VdU?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Web.Services,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>_FJM`5byo=hcOs8jwB`u?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Windows.Forms,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>^'5*]IAel?w8MnWaY[Jf?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|mscorwks.dll@System.Xml,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>'.E-h@SP~=w?DXL*AL.m?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Accessibility,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>kgT}+.%vy?ikM)Pm%j(e?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@cscompmgd,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>.[PYtUR-d8WP[=+EL+1O?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@CustomMarshalers,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>NA^,LBxBWAO8^5,~v&8R?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@IEExecRemote,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>bbB7w3YPI?^u?S_0}W8T?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@IEHost,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>{e[a-{V).94C1..jDAj.?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@IIEHost,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.0.5000.0" %EmAj?C%k9W7cNB_.[t[Redist_Package>a+z?fXORD?MQ[Q9IU8rM?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@ISymWrapper,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>)FaXaBH81?z8.(n5Ifk0?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft.JScript,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>2Y]8C*W[d@g,InfZq=QO?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft.VisualBasic,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>uqOdb3z0A9nOM3DNwRap?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft.VisualBasic.Vsa,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>dxy+{V6B(@+d{@(0_+AQ?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft.VisualC,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>w=KLXB[Xr=7Tk@&xP9mc?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft.Vsa,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>vC~AI=2_U=jP1y7`PgEK?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Microsoft_VsaVb,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>ZYT6Y}7@o?kE(HR+=APT?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@mscorcfg,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>?Apg'v4Ao8k8Bcl_)c@q?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@Regcode,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>HgVH13*D4=(W~'P?(s2v?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>fHeMP]gBr8xqs@n2Co?]?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Configuration.Install,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>NLc&){D?)A$1sUX?25sO?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Data,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>&E8MWjh%YAwnpr?O'Yi%?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Data.OracleClient,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>LSv0fvZqn=B^x-K9?$ZH?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Design,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>C*F%G*9^O@W5=%1gR^8-?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.DirectoryServices,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>$v^BT?)o-=UTn*mAe$WC?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Drawing,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>SksH4=PK%=e-_b0RuAPa?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Drawing.Design,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>5FJq?3gMD@zhYonAA7zP?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.EnterpriseServices,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>e64H(FT9aAe*?nR&Hqu&?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Management,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>E-9C,Ky_,=`o0ZsSt.K4?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Messaging,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>(GwSNVGT+@7fT)]}SlJ_?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Runtime.Remoting,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>$AqI^d@FOAa}lhk6lCx6?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Runtime.Serialization.Formatters.Soap,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>b(NwVxq^D9N$NykQh&F=?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Security,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>,.idGaf+a@p?-Q++qW2k?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.ServiceProcess,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>&n!BoCXqG=-dnT!D_K^F?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Web,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>lWHd$@tF]9]5,Sm%4[C+?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Web.Mobile,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>f8hJ=QM?g(Z1z?VXB]2d?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Web.RegularExpressions,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>Z4gl`yrv7=muBlQnQKLc?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Web.Services,Version="1.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>aNAK!_!Eo=`)&1S{-9qF?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Windows.Forms,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>VM.bWln_GA'bH^9b4zy!?
Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global@System.Xml,Version="1.0.5000.0",PublicKeyToken="b77a5c561934e089",Culture="neutral",FileVersion="1.1.4322.573" %EmAj?C%k9W7cNB_.[t[Redist_Package>%$f[5O}U(A5g(F1lojgF?
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\Emanuele_2\Dati applicazioni\Earth Resource Mapping\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\Emanuele_2\Dati applicazioni\Earth Resource Mapping\Image Web Server\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\Emanuele_2\Dati applicazioni\Earth Resource Mapping\Image Web Server\Client\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\Emanuele_2\Dati applicazioni\Earth Resource Mapping\Image Web Server\Client\GDT_Data\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\Emanuele_2\Dati applicazioni\Microsoft\Installer\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\Activision\Call of Duty 2 Demo\Main\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1025\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1028\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1031\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1033\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1036\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1041\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\1042\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\2052\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\File comuni\Microsoft Shared\DW\3082\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\Internet Explorer\MUI\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\Internet Explorer\MUI\0409\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Programmi\Puppet Master\ 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Installer\{0FF1922C-B6C4-40BB-AF30-BEF75A482444}\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\0409\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Code\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Data\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_GlobalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\AppConfig\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\AppConfig\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Images\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\App_LocalResources\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RedistList\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\WINDOWS\system32\MUI\0409\
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\TempPackages@C:\WINDOWS\Installer\36786.mst 0
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\TempPackages@C:\WINDOWS\Installer\{617095DB-B523-4D11-BBFD-2D74C2AD98B8}\NewShortcut1_55F94FDD51A24CC3A8B85DB79CA7DED3.exe 1

---- System - GMER 1.0.12 ----

SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwCreateFile
SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwEnumerateKey
SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwEnumerateValueKey
SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwQueryDirectoryFile
SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwQueryKey
SSDT \??\C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys ZwQuerySystemInformation
SSDT a347bus.sys ZwClose
SSDT a347bus.sys ZwCreateKey
SSDT a347bus.sys ZwCreatePagingFile
SSDT a347bus.sys ZwOpenFile
SSDT a347bus.sys ZwOpenKey
SSDT a347bus.sys ZwQueryValueKey
SSDT a347bus.sys ZwSetSystemPowerState

---- Registry - GMER 1.0.12 ----

Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_LocalResources\error.aspx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\App_LocalResources\createPermission.aspx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\App_LocalResources\providerList.ascx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_GlobalResources\AppConfigCommon.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\App_LocalResources\manageSingleRole.aspx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\App_LocalResources\setUpAuthentication.aspx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\App_LocalResources\editUser.aspx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\App_LocalResources\wizardAddUser.ascx.resx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Data\GroupedProviders.xml 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\navigationBar.ascx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\AppConfig\SmtpSettings.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Code\WebAdminPage.cs 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\WebAdminHelp.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Images\requiredBang.gif 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\managePermissions.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\ProviderList.ascx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\manageSingleRole.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\security.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\addUser.aspx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\wizardAddUser.ascx 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\system32\dfshim.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe.config 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ieexec.exe.config 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe.config 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.rsp 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Common.Tasks 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.CSharp.targets 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Frame
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 15/03/07 14:40

1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild\Microsoft.Build.Commontypes.xsd 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild\Microsoft.Build.Core.xsd 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.xsd 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Programmi\Internet Explorer\MUI\0409\mscorier.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RedistList\FrameworkList.xml 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CLR.mof 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonSymbols.h 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_dataperfcounters_shared12_neutral.h 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_NetworkingPerfCounters.h 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\netfxsbs12.hkf 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_DataOracleClientPerfCounters_shared12_neutral.h 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.tlb 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\XPThemes.manifest 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\corperfmonsymbols.ini 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_dataperfcounters_shared12_neutral.ini 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_Networkingperfcounters.ini 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\_DataOracleClientPerfCounters_shared12_neutral.ini 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\system32\MUI\0409\mscorees.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.chm 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe.config 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll 1
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.EnterpriseServices.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.JScript.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.Vsa.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb 4096
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe -2147483648
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\system32\psapi.dll 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\system32\MFC71.dll 2
Reg \Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\WINDOWS\system32\actskin4.ocx 2
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Dcibernegocios 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Dcof666%252Esh 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Dvivamodelhobb 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Dvytukas%252Ec 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Dcalamarco%252 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\megauploadtoolbar\Reports\39118\Objects\5@%7D%7BDNSERROR%3D%3DREDIRECTION%7D%7Bhttp%3A%2F%2Fwww%2Emegaclick%2Ecom%2Fnotfound%2F%3Flg%3Den%26type%3Ddns%26q%3Ddogoodesign%2 1
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\IDE#CdRomHL-DT-ST_DVDRAM_GSA-4167B_______________DL11____#4636454333353931433034412020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayDVDMovieOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\IDE#CdRomHL-DT-ST_DVD-ROM_GDR8163B_______________0L23____#5&38663351&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\IDE#CdRomHL-DT-ST_DVD-ROM_GDR8163B_______________0L23____#5&38663351&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayDVDMovieOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\SCSI#CdRom&Ven_SCSI&Prod_DVD-ROM&Rev_1.0#1&2afd7d61&1&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\SCSI#CdRom&Ven_SCSI&Prod_DVD-ROM&Rev_1.0#1&2afd7d61&1&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayDVDMovieOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\SCSI#CdRom&Ven_AXV&Prod_CD#DVD-ROM&Rev_2.2a#2&20c8176e&0&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\SCSI#CdRom&Ven_AXV&Prod_CD#DVD-ROM&Rev_2.2a#2&20c8176e&0&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayDVDMovieOnArrival MSPromptEachTime
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\Nfunzcbb.NagvFclJner.i1.60\xrltra\xrltra.rkr 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Havafgnyy Gbby\hgbby.rkr 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHAPCY 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHAPCY:"P:\JVAQBJF\flfgrz32\nccjvm.pcy",Vafgnyynmvbar nccyvpnmvbav 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:Nfunzcbb NagvFclJner.yax 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Nfunzcbb\Nfunzcbb NagvFclJner\NagvFclJner.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\Flfgrzfpna.rkr 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Erny\ErnyCynlre\ErnyCynl.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\chyvmvn\UvwnpxGuvf.rkr 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\JVAQBJF\flfgrz32\ABGRCNQ.RKR 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\rjvqb-frghc_4.0.0.172p.rkr 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\rjvqb argjbexf\rjvqb nagv-fcljner.yax 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\rjvqb argjbexf\Freivpr & Fhccbeg.yax 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:rjvqb nagv-fcljner.yax 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\rjvqb nagv-fcljner 4.0\rjvqb.rkr 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:Qbphzragv.yax 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Npprffbev\Oybppb abgr.yax 0x00 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Nyjvy Fbsgjner\Ninfg4\nfuNinfg.rkr 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Genqhggber Tnemnagv\Znahgramvbar qryy'Vafgnyynmvbar.yax 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\GT 6.0\EhaRkr.rkr 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Genqhggber Tnemnagv 0x01 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Vagrearg Rkcybere\vrkcyber.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Vagrearg Rkcybere\Pbaarpgvba Jvmneq\VFVTAHC.RKR 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\vr6frghc.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\IvqrbYNA\IYP zrqvn cynlre.yax 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\IvqrbYNA 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\IvqrbYNA\IYP\iyp.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Npprffbev\Cebzcg qrv pbznaqv.yax 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Npprffbev 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\JVAQBJF\flfgrz32\pzq.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\pyrnare42.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\Nfunzcbb NagvFclJner.yax 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:OyhrFbyrvy.yax 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\VIG Pbecbengvba\OyhrFbyrvy\OyhrFbyrvy.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:Ercynl Pbairegre.yax 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenz Svyrf\Ercynl Pbairegre\ErcynlPbairegre.rkr 0x02 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:FznegZbivr Pbairegre (sbe Flzovna cubarf 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Ybaryl Png Tnzrf\FznegZbivr Pbairegre (sbe Flzovna cubarf)\fznegzbivr.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\nagvive_jbexfgngvba_jva7h_ra_u.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Gur Pyrnare\havaf000.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Gur Pyrnare\GP Npgvir!.yax 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Gur Pyrnare\Gur Pyrnare.yax 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Rznahryr_2\Qrfxgbc\ehfgosvk.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Rnfl PQ-QN Rkgenpgbe 10\Rnfl PQ-QN Rkgenpgbe.yax 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACVQY:%pfvqy2%\Rnfl PQ-QN Rkgenpgbe 10 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count@HRZR_EHACNGU:P:\Cebtenzzv\Rnfl PQ-QN Rkgenpgbe 10\rmpqqnk.rkr 0x03 0x00 0x00 0x00 ...
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Run@drvsyskit C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\IDE#CdRomHL-DT-ST_DVDRAM_GSA-4167B_______________DL11____#4636454333353931433034412020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival AutoplayLegacyHandler
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\IDE#CdRomHL-DT-ST_DVD-ROM_GDR8163B_______________0L23____#5&38663351&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival AutoplayLegacyHandler
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\UserDefaults@H:\\?\SCSI#CdRom&Ven_AXV&Prod_CD#DVD-ROM&Rev_2.2a#2&20c8176e&0&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+PlayCDAudioOnArrival AutoplayLegacyHandler
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run@hldrrr C:\WINDOWS\system32\hldrrr.exe
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run@german.exe C:\WINDOWS\system32\wintems.exe
Reg \Registry\USER\S-1-5-21-1993962763-1390067357-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run@drvsyskit C:\Documents and Settings\Elisa\Dati applicazioni\hidires\hidr.exe

---- Files - GMER 1.0.12 ----

File C:\Documents and Settings\Elisa\Dati applicazioni\hidires
File C:\Documents and Settings\Elisa\Dati applicazioni\hidires\hidr.exe
File C:\Documents and Settings\Elisa\Dati applicazioni\hidires\m_hook.sys
File C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires
File C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe
File C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys <-- ROOTKIT !!!
File C:\Programmi\Movie Maker\shared
File C:\Programmi\Movie Maker\shared\empty.txt
File C:\Programmi\Movie Maker\shared\filters.xml
File C:\Programmi\Movie Maker\shared\news.png
File C:\Programmi\Movie Maker\shared\paint.png
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 15/03/07 14:41

File C:\Programmi\Movie Maker\shared\profiles
File C:\Programmi\Movie Maker\shared\profiles\blank.txt
File C:\Programmi\Movie Maker\shared\sample1.jpg
File C:\Programmi\Movie Maker\shared\sample2.jpg
File C:\WINDOWS\ime\shared
File C:\WINDOWS\ime\shared\res
File C:\WINDOWS\system32\wintems.exe

---- Services - GMER 1.0.12 ----

Service C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\m_hook.sys [MANUAL] m_hook <-- ROOTKIT !!!

---- EOF - GMER 1.0.12 ----
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 15/03/07 14:43

E questo è il secondo

GMER 1.0.12.12086 - http://www.gmer.net
Autostart scan 2007-03-15 14:30:24
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
BlueSoleil Hid Service /*BlueSoleil Hid Service*/@ = C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
DirectQajs /*DirectX Service*/@ = C:\WINDOWS\system32\directx.exe /*file not found*/
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
RichVideo /*Cyberlink RichVideo Service(CRVS)*/@ = "C:\Programmi\CyberLink\Shared Files\RichVideo.exe" ??????????????????????????????????????????????????
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CmaudioRunDll32 cmicnfg.cpl,CMICtrlWnd = RunDll32 cmicnfg.cpl,CMICtrlWnd
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
@RemoteControlC:\WINDOWS\system32\rmctrl.exe = C:\WINDOWS\system32\rmctrl.exe
@TkBellExe"C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot = "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
@!ewido"C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized = "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
@avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe /*file not found*/ = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe /*file not found*/
@DataLayerC:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe /*file not found*/ = C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe /*file not found*/
@PCSuiteTrayApplicationC:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/ = C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/
@Ashampoo AntiSpyWare GuardC:\Programmi\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe = C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CTFMON.EXEC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@msnmsgr"C:\Programmi\MSN Messenger\msnmsgr.exe" /background = "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
@AWMON"C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" = "C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
@PcSyncC:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog /*file not found*/ = C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog /*file not found*/
@drvsyskitC:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe = C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{32683183-48a0-441b-a342-7c2a440a9478} /*Media Band*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\System32\extmgr.dll = C:\WINDOWS\System32\extmgr.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL = C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL = C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\Office12\msohevi.dll = C:\Programmi\Microsoft Office\Office12\msohevi.dll
@{B089FE88-FB52-11d3-BDF1-0050DA34150D} /*NOD32 Context Menu Shell Extension*/(null) =
@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/(null) =
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{46E22146-59C0-4136-9233-FB7720E777B2} /*EzCddax extension*/C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
@CLSID\{EBDF1F20-C829-14D1-8234-1420AF3E97A9} /*LeechGet "Copy Here" Shell Extension*/(null) =
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll = C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
@{B7056B8E-4F99-44f8-8CBD-282390FE5428} /*VirtualCloneDrive*/C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll = C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/C:\Programmi\Real\RealPlayer\rpshell.dll = C:\Programmi\Real\RealPlayer\rpshell.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Programmi\Alwil Software\Avast4\ashShell.dll = C:\Programmi\Alwil Software\Avast4\ashShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
EzCddax@{46E22146-59C0-4136-9233-FB7720E777B2} = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers >>>
@{B33DE746-DEFE-4D7A-87DB-900864B1D3A9}C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\ContextHandler.dll = C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\ContextHandler.dll
@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll = C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll = C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://it.yahoo.com/ = http://it.yahoo.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
cdo@CLSID = C:\Programmi\File comuni\Microsoft Shared\Web Folders\PKMCDO.DLL
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-help@CLSID = C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\System32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B75C7608-8E18-4B84-8B3F-14B19657148B} /*Connessione alla rete locale (LAN) 4*/ >>>
@IPAddress192.168.1.2 = 192.168.1.2
@NameServer192.168.1.1 = 192.168.1.1
@DefaultGateway192.168.1.1 = 192.168.1.1
@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Avvio veloce di Adobe Reader.lnk = Avvio veloce di Adobe Reader.lnk
BlueSoleil.lnk = BlueSoleil.lnk
Microsoft Office.lnk = Microsoft Office.lnk

---- EOF - GMER 1.0.12 ----
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi Luke57 » 15/03/07 15:29

Ciao, esegui questa procedura
scarica avenger da qui:
http://swandog46.geekstogo.com/avenger.zip
estrai lo zip dove vuoi

Avvia il file avenger.exe
Seleziona l'opzione "Input Script Manually"
Clicca sulla lente di ingrandimento

Ti si apre una finestra "View/edit script"
All'interno del box bianco,copia e incolla (ctrl+v) le scritte in neretto:


Registry values to replace with dummy:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\m_hook
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK

Folders to delete:
C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe
C:\WINDOWS\exefld


Files to delete:
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\wintems.exe



Clicca sul pulsante Done
Clicca sull'icona del semaforo verde
Rispondi due volte Yes
Il pc dovrebbe riavviarsi da solo,se così non fosse riavvialo manualmente

Il programma rilascia un log con le operazioni eseguite.

Al riavvio, apri il registro di sistema:
start>esegui>regedit (lo copi nello spazio)>OK
Aperto l’editor del registro ,per prima cosa fai una copia del registro stesso, da File>Esporta, nella finestra Intervallo di esportazione che si apre spunti l’opzione Tutto, dai un nome al file .reg, tipo Salvataggio registro e lo salvi in una cartella permanente del disco fisso (in caso di problemi, speriamo di no, potrai ripristinare la copia del registro con un doppio click su tale file che avrai cura di conservare per qualche giorno)

Fatto ciò, cliccando sul segno + accanto alle singole voci segui questo percorso:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run, click sulla cartella Run, dovresti trovare sulla parte destra questa voce:
drvsyskit
click tasto dx e scegli Elimina.

Cerca anche questi:
HKCU\Software\FirstRRRun HKEY_CURRENT_USER\Software\DateTime4
Se presenti, click tasto dx e scegli Elimina

Posta poi il log di Avenger che troverai in C:/avenger.txt con l´esito dello script
Per la dei Riattivazione dei Servizi terminati
"Aprite la lista dei Servizi (Start --> Esegui --> digitate SERVICES.MSC --> Ok) ed abilitate, ove necessario, questi servizi disabilitati: Avvisi, Centro sicurezza PC, Aggiornamenti automatici, Connessioni di rete, Zero Configuration reti senza fili e Windows Firewall/ Condivisione connessione Internet (ICS). (Per avviare un servizio, dovete cliccare con il tasto destro su Proprietà --> Automatico --> Ok --> Avvia --> Ok).

Poi a questo link
http://www.megalab.it/download.php?id=349
trovi il file .reg per ripristinare la modalità provvisoria, ma prima di usarlo posta il report di Avenger (il pc deve esssere ripulito).
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 15/03/07 20:39

eccomi qui.C'è un problema le voci che mi hai indicato nel registro non ci sono,mentre questo è il log di avenger

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\xaagepaw

*******************

Script file located at: \??\C:\WINDOWS\system32\hnfpybtq.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Registry key HKLM\SYSTEM\CurrentControlSet\Services\m_hook deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_M_HOOK deleted successfully.


Error: C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe is not a folder! It may instead be a file.
Deletion of folder C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe failed!

Could not process line:
C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe
Status: 0xc0000103

Folder C:\WINDOWS\exefld deleted successfully.


File C:\WINDOWS\system32\hldrrr.exe not found!
Deletion of file C:\WINDOWS\system32\hldrrr.exe failed!

Could not process line:
C:\WINDOWS\system32\hldrrr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\wintems.exe deleted successfully.
Registry value HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs replaced with dummy successfully.

Completed script processing.

*******************

Finished! Terminate.
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi Luke57 » 16/03/07 13:36

Ciao, scusa solo adesso ho visto l'errore nello scrip, Riesegui avenger inserendo solamente questo script:

folders to delete:
C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 16/03/07 14:03

Ok.Ho inserito lo script su avenger ma al riavvio mi dice impossibile trovare c:avenger.*reg e mi apre il documento di testo vuoto senza il log.
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 16/03/07 20:01

Cosa faccio?
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi Luke57 » 16/03/07 20:53

@manu@ ha scritto:Cosa faccio?

Ciao, ripeti l'operazione con Avenger.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 16/03/07 21:54

Fatto

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Error: could not initiate system shutdown.
Error code: 0


//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\rjxroqwv

*******************

Script file located at: \??\C:\WINDOWS\system32\xcetcesu.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at c:\Avenger

*******************

Beginning to process script file:

Folder C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi Luke57 » 17/03/07 09:41

Ciao, lo script è andato a buon fine.
Per sicurezza esegui uno scan con Gmer nella posizione Autostart.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 17/03/07 14:37

GMER 1.0.12.12086 - http://www.gmer.net
Autostart scan 2007-03-17 14:36:43
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
BlueSoleil Hid Service /*BlueSoleil Hid Service*/@ = C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
DirectQajs /*DirectX Service*/@ = C:\WINDOWS\system32\directx.exe /*file not found*/
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
RichVideo /*Cyberlink RichVideo Service(CRVS)*/@ = "C:\Programmi\CyberLink\Shared Files\RichVideo.exe" ??????????????????????????????????????????????????
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
@RemoteControlC:\WINDOWS\system32\rmctrl.exe = C:\WINDOWS\system32\rmctrl.exe
@!ewido"C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized = "C:\Programmi\ewido anti-spyware 4.0\ewido.exe" /minimized
@TkBellExe"C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot = "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
@Ashampoo AntiSpyWare GuardC:\Programmi\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe = C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CTFMON.EXEC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@msnmsgr"C:\Programmi\MSN Messenger\msnmsgr.exe" /background = "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
@AWMON"C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" = "C:\Programmi\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
@drvsyskitC:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe /*file not found*/ = C:\Documents and Settings\Emanuele_2\Dati applicazioni\hidires\hidr.exe /*file not found*/

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Programmi\ewido anti-spyware 4.0\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{32683183-48a0-441b-a342-7c2a440a9478} /*Media Band*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\System32\extmgr.dll = C:\WINDOWS\System32\extmgr.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL = C:\Programmi\File comuni\Microsoft Shared\Web Folders\MSONSEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL = C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\Office12\msohevi.dll = C:\Programmi\Microsoft Office\Office12\msohevi.dll
@{B089FE88-FB52-11d3-BDF1-0050DA34150D} /*NOD32 Context Menu Shell Extension*/(null) =
@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/(null) =
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{46E22146-59C0-4136-9233-FB7720E777B2} /*EzCddax extension*/C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
@CLSID\{EBDF1F20-C829-14D1-8234-1420AF3E97A9} /*LeechGet "Copy Here" Shell Extension*/(null) =
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll = C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
@{B7056B8E-4F99-44f8-8CBD-282390FE5428} /*VirtualCloneDrive*/C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll = C:\Programmi\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll = C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/C:\Programmi\Real\RealPlayer\rpshell.dll = C:\Programmi\Real\RealPlayer\rpshell.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\msoshext.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Programmi\Alwil Software\Avast4\ashShell.dll = C:\Programmi\Alwil Software\Avast4\ashShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
EzCddax@{46E22146-59C0-4136-9233-FB7720E777B2} = C:\Programmi\Easy CD-DA Extractor 10\ezcddax10.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
ewido anti-spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\ewido anti-spyware 4.0\context.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Programmi\Alwil Software\Avast4\ashShell.dll
LeechGet@{EBDF1F20-C829-14D1-8234-1420AF3E97A9} = C:\Programmi\LeechGet 2004\ShellExtension.dll
NOD32 Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers >>>
@{B33DE746-DEFE-4D7A-87DB-900864B1D3A9}C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\ContextHandler.dll = C:\Programmi\Ashampoo\Ashampoo AntiSpyWare\ContextHandler.dll
@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll = C:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll = C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll = C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://it.yahoo.com/ = http://it.yahoo.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
cdo@CLSID = C:\Programmi\File comuni\Microsoft Shared\Web Folders\PKMCDO.DLL
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-help@CLSID = C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\System32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B75C7608-8E18-4B84-8B3F-14B19657148B} /*Connessione alla rete locale (LAN) 4*/ >>>
@IPAddress192.168.1.2 = 192.168.1.2
@NameServer192.168.1.1 = 192.168.1.1
@DefaultGateway192.168.1.1 = 192.168.1.1
@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Avvio veloce di Adobe Reader.lnk = Avvio veloce di Adobe Reader.lnk
BlueSoleil.lnk = BlueSoleil.lnk
Microsoft Office.lnk = Microsoft Office.lnk

---- EOF - GMER 1.0.12 ----
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi @manu@ » 18/03/07 15:33

c'è qualcuno???
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12

Postdi Luke57 » 18/03/07 15:51

@manu@ ha scritto:c'è qualcuno???

Ciao, devi togliere questo valore dal registro di sistema (va fatto manualmente):
apri il registro di sistema:
start>esegui>regedit (lo copi nello spazio)>OK
Aperto l’editor del registro ,per prima cosa fai una copia del registro stesso, da File>Esporta, nella finestra Intervallo di esportazione che si apre spunti l’opzione Tutto, dai un nome al file .reg, tipo Salvataggio registro e lo salvi in una cartella permanente del disco fisso (in caso di problemi, speriamo di no, potrai ripristinare la copia del registro con un doppio click su tale file che avrai cura di conservare per qualche giorno)

Fatto ciò, cliccando sul segno + accanto alle singole voci segui questo percorso:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, click sulla cartella Run, dovresti trovare sulla parte destra questa voce:
drvsyskit
click tasto dx e scegli Elimina.
Il resto sembra a posto.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Postdi @manu@ » 18/03/07 20:58

Niente non c'è questa voce.Cmq qualche ora prima avevo installato ACTIVE VIRUS SHIELD e ho fatto una scansione eliminando parecchi file infetti.
@manu@
Utente Senior
 
Post: 145
Iscritto il: 11/06/06 20:12


Torna a Sicurezza e Privacy


Topic correlati a "Cosa succede?":


Chi c’è in linea

Visitano il forum: Nessuno e 66 ospiti