Dopo aver scoperto un linkoptimizer sul mio pc, mi sono messo all'opera e dopo tanto pellegrinare, sono capitato nell'articolo del vostro sito.
Ho passato tutto il pomeriggio a scannerizzare
![Martellate [B)]](http://www.megalab.it/forum/images/smilies/bash.gif)
Non essendo un esperto informatico, avrei bisogno del vostro aiuto per trovare il giusto script.
Potreste aiutarmi?
Inoltre spero di essere nella parte di forum corretta.
Ecco i log generati con Gmer:
"Autorun"
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = c:\windows\system32\userinit.exe,"c:\windows\cisco-service.exe",
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
AVGIDSAgent@ = "C:\Programmi\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
avgwd@ = C:\Programmi\AVG\AVG10\avgwdsvc.exe
FsUsbExService@ = C:\WINDOWS\system32\FsUsbExService.Exe
Matrox Centering Service@ = "c:\Programmi\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe"
Matrox.Pdesk.ServicesHost@ = "c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe"
MDM@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
MGABGEXE@ = %SystemRoot%\system32\mgabg.exe
NetGqk@ = "C:\Programmi\File comuni\Services\Mhl.exe" /*file not found*/
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
SoundMAX Agent Service (default)@ = C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
STI Simulator@ = C:\WINDOWS\System32\PAStiSvc.exe
viritsvclite@ = C:\VEXPLite\viritsvc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@C-Media MixerMixer.exe /startup = Mixer.exe /startup
@Matrox PowerDesk SE"c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" = "c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
@iTunesHelper"C:\Programmi\iTunes\iTunesHelper.exe" = "C:\Programmi\iTunes\iTunesHelper.exe"
@AVG_TRAYC:\Programmi\AVG\AVG10\avgtray.exe = C:\Programmi\AVG\AVG10\avgtray.exe
@VIRIT LITE MONITORC:\VEXPLite\MONLITE.EXE = C:\VEXPLite\MONLITE.EXE
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{FED7043D-346A-414D-ACD7-550D052499A7} /*dBpowerAMP Music Converter 1*/C:\Programmi\Illustrate\dBpowerAMP\dBShell.dll = C:\Programmi\Illustrate\dBpowerAMP\dBShell.dll
@{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} /*dBpowerAMP Music Converter*/C:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll = C:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll
@{A4DF5659-0801-4A60-9607-1C48695EFDA9} /*Cartella di caricamento Share-to-Web*/C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL = C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll = C:\Programmi\iTunes\iTunesMiniPlayer.dll
@{06A2568A-CED6-4187-BB20-400B8C02BE5A} /**/(null) =
@{00F33137-EE26-412F-8D71-F84E4C2C6625} /**/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} /*Windows Live Photo Gallery Autoplay Drop Target*/(null) =
@{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} /*Windows Live Photo Gallery Viewer Drop Target*/(null) =
@{00F374B7-B390-4884-B372-2FC349F2172B} /*Windows Live Photo Gallery Editor Drop Target*/(null) =
@{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} /*Windows Live Photo Gallery Viewer Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} /*Windows Live Photo Gallery Editor Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F30F90-3E96-453B-AFCD-D71989ECC2C7} /*Windows Live Photo Gallery Autoplay Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG Find Extension*/(null) =
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG Shell Extension*/C:\Programmi\AVG\AVG10\avgse.dll = C:\Programmi\AVG\AVG10\avgse.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG9 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\AVG\AVG10\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG9 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\AVG\AVG10\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{2874ED8A-0FA2-97CA-D66F-CCF6B32780B6}C:\WINDOWS\rkkcd1.dll /*file not found*/ = C:\WINDOWS\rkkcd1.dll /*file not found*/
@{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}C:\Programmi\AVG\AVG10\avgssie.dll = C:\Programmi\AVG\AVG10\avgssie.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{A3BC75A2-1F87-4686-AA43-5347D756017C}C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll = C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.provincia.tn.it/ = http://www.provincia.tn.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
avgsecuritytoolbar@CLSID = C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
linkscanner@CLSID = C:\Programmi\AVG\AVG10\avgpp.dll
livecall@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica = NETGEAR WG111v3 Smart Wizard.lnk
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = c:\windows\system32\userinit.exe,"c:\windows\cisco-service.exe",
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
AVGIDSAgent@ = "C:\Programmi\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
avgwd@ = C:\Programmi\AVG\AVG10\avgwdsvc.exe
FsUsbExService@ = C:\WINDOWS\system32\FsUsbExService.Exe
Matrox Centering Service@ = "c:\Programmi\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe"
Matrox.Pdesk.ServicesHost@ = "c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe"
MDM@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
MGABGEXE@ = %SystemRoot%\system32\mgabg.exe
NetGqk@ = "C:\Programmi\File comuni\Services\Mhl.exe" /*file not found*/
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
SoundMAX Agent Service (default)@ = C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
STI Simulator@ = C:\WINDOWS\System32\PAStiSvc.exe
viritsvclite@ = C:\VEXPLite\viritsvc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@C-Media MixerMixer.exe /startup = Mixer.exe /startup
@Matrox PowerDesk SE"c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" = "c:\Programmi\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
@iTunesHelper"C:\Programmi\iTunes\iTunesHelper.exe" = "C:\Programmi\iTunes\iTunesHelper.exe"
@AVG_TRAYC:\Programmi\AVG\AVG10\avgtray.exe = C:\Programmi\AVG\AVG10\avgtray.exe
@VIRIT LITE MONITORC:\VEXPLite\MONLITE.EXE = C:\VEXPLite\MONLITE.EXE
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{FED7043D-346A-414D-ACD7-550D052499A7} /*dBpowerAMP Music Converter 1*/C:\Programmi\Illustrate\dBpowerAMP\dBShell.dll = C:\Programmi\Illustrate\dBpowerAMP\dBShell.dll
@{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} /*dBpowerAMP Music Converter*/C:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll = C:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll
@{A4DF5659-0801-4A60-9607-1C48695EFDA9} /*Cartella di caricamento Share-to-Web*/C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL = C:\Programmi\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll = C:\Programmi\iTunes\iTunesMiniPlayer.dll
@{06A2568A-CED6-4187-BB20-400B8C02BE5A} /**/(null) =
@{00F33137-EE26-412F-8D71-F84E4C2C6625} /**/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} /*Windows Live Photo Gallery Autoplay Drop Target*/(null) =
@{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} /*Windows Live Photo Gallery Viewer Drop Target*/(null) =
@{00F374B7-B390-4884-B372-2FC349F2172B} /*Windows Live Photo Gallery Editor Drop Target*/(null) =
@{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} /*Windows Live Photo Gallery Viewer Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} /*Windows Live Photo Gallery Editor Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F30F90-3E96-453B-AFCD-D71989ECC2C7} /*Windows Live Photo Gallery Autoplay Drop Target Shim*/C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Programmi\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG Find Extension*/(null) =
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG Shell Extension*/C:\Programmi\AVG\AVG10\avgse.dll = C:\Programmi\AVG\AVG10\avgse.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG9 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\AVG\AVG10\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG9 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\AVG\AVG10\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{2874ED8A-0FA2-97CA-D66F-CCF6B32780B6}C:\WINDOWS\rkkcd1.dll /*file not found*/ = C:\WINDOWS\rkkcd1.dll /*file not found*/
@{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}C:\Programmi\AVG\AVG10\avgssie.dll = C:\Programmi\AVG\AVG10\avgssie.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{A3BC75A2-1F87-4686-AA43-5347D756017C}C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll = C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.provincia.tn.it/ = http://www.provincia.tn.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
avgsecuritytoolbar@CLSID = C:\Programmi\AVG\AVG10\Toolbar\IEToolbar.dll
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
linkscanner@CLSID = C:\Programmi\AVG\AVG10\avgpp.dll
livecall@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica = NETGEAR WG111v3 Smart Wizard.lnk
Rootkit
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 Maxtor_6K040L0 rev.NAR61HA0
Running: vnuhdlsk.exe; Driver: C:\DOCUME~1\Lion\IMPOST~1\Temp\fxtdapog.sys
---- System - GMER 1.0.15 ----
SSDT VIRAGTLT.SYS (VirIT Agent System/TG Soft S.a.s.) ZwTerminateProcess [0xF7778B72]
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Type 16
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Start 2
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ImagePath "C:\Programmi\File comuni\Services\Mhl.exe"
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@DisplayName NetGqk
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ObjectName .\zed
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Description Fornisce tre servizi di gestione: il servizio Database catalogo, che serve per confermare le firme dei file di Windows; il servizio Archivio principale protetto, per aggiungere e rimuovere dal computer i certificati dell'autorit? di certificazione delle fonti attendibili; e il servizio Chiave, che aiuta a registrare i certificati nel computer. Se questo servizio ? interrotto, i servizi di gestione non funzioneranno in modo corretto. Se il servizio ? disabilitato, tutti i servizi che dipendono direttamente da questo non potranno essere avviati.
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk\Security@Security 0x01 0x00 0x14 0x80 ...
---- EOF - GMER 1.0.15 ----
Running: vnuhdlsk.exe; Driver: C:\DOCUME~1\Lion\IMPOST~1\Temp\fxtdapog.sys
---- System - GMER 1.0.15 ----
SSDT VIRAGTLT.SYS (VirIT Agent System/TG Soft S.a.s.) ZwTerminateProcess [0xF7778B72]
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Type 16
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Start 2
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ImagePath "C:\Programmi\File comuni\Services\Mhl.exe"
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@DisplayName NetGqk
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@ObjectName .\zed
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk@Description Fornisce tre servizi di gestione: il servizio Database catalogo, che serve per confermare le firme dei file di Windows; il servizio Archivio principale protetto, per aggiungere e rimuovere dal computer i certificati dell'autorit? di certificazione delle fonti attendibili; e il servizio Chiave, che aiuta a registrare i certificati nel computer. Se questo servizio ? interrotto, i servizi di gestione non funzioneranno in modo corretto. Se il servizio ? disabilitato, tutti i servizi che dipendono direttamente da questo non potranno essere avviati.
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk\Security (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\NetGqk\Security@Security 0x01 0x00 0x14 0x80 ...
---- EOF - GMER 1.0.15 ----
Grazie infinite!!
![Grazie [grazie]](http://www.megalab.it/forum/images/smilies/Grazie.gif)