posto lo script di Gmer
GMER 1.0.12.12027 - http://www.gmer.net
Autostart scan 2007-02-14 18:10:35
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@BootExecute = PDBoot.exe autocheck autochk *
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = H:\WINDOWS\system32\userinit.exe,
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
WgaLogon@DLLName = WgaLogon.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AcrSch2Svc /*Acronis Scheduler2 Service*/@ = "H:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe" /*file not found*/
ATI Smart /*ATI Smart*/@ = H:\WINDOWS\system32\ati2sgag.exe
Avg7Alrt /*AVG7 Alert Manager Server*/@ = H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Avg7UpdSvc /*AVG7 Update Service*/@ = H:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
btwdins /*Bluetooth Service*/@ = H:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
GEARSecurity@ = %SystemRoot%\System32\GEARSec.exe
LEC TranslateDotNet Server /*LEC TranslateDotNet Server*/@ = "H:\Programmi\Power Translator 10\LogoMedia TranslateDotNet Server.exe"
PDAgent /*PDAgent*/@ = H:\Programmi\Raxco\PerfectDisk\PDAgent.exe
RichVideo /*Cyberlink RichVideo Service(CRVS)*/@ = "H:\Programmi\CyberLink\Shared files\RichVideo.exe" ??????????????????????????????????????????????????
SecurityConsole /*SecurityConsole*/@ = H:\WINDOWS\AppPatch\Patches32\svchost.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UserAccess7 /*SecuROM User Access Service (V7)*/@ = H:\WINDOWS\system32\UAService7.exe
V2i Protector /*V2i Protector*/@ = H:\Programmi\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
wwSecSvc /*Washer AutoComplete*/@ = H:\WINDOWS\system32\wwSecure.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@AVG7_CCH:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP = H:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} /*Cartella compressa*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/H:\Programmi\WinRAR\rarext.dll = H:\Programmi\WinRAR\rarext.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/H:\Programmi\File comuni\Ahead\lib\NeroDigitalExt.dll = H:\Programmi\File comuni\Ahead\lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/H:\Programmi\File comuni\Ahead\lib\NeroDigitalExt.dll = H:\Programmi\File comuni\Ahead\lib\NeroDigitalExt.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/H:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = H:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/H:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = H:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/H:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = H:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/H:\Programmi\Microsoft Office\OFFICE11\msohev.dll = H:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@(null) =
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/H:\WINDOWS\system32\btneighborhood.dll = H:\WINDOWS\system32\btneighborhood.dll
@{41154927-7C82-457D-8692-A561C6EB80D4} /*FolderContextMenu*/H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL = H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL
@{7A51BD61-1591-4160-9693-97D8A66363A3} /*ExtractIcon*/H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL = H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL
@{1240F6A4-42B6-4FA9-9494-544DE7CE3800} /*ShellPropSheet*/H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL = H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL
@{3DE31A9C-C186-424C-8F30-8AA9AC77BFEC} /*Mobile Devices*/H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL = H:\PROGRA~1\NOVA-E~1\PCMOBI~1\MOBILE~1.DLL
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/H:\WINDOWS\system32\dfshim.dll = H:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/H:\WINDOWS\system32\dfshim.dll = H:\WINDOWS\system32\dfshim.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{52B87208-9CCF-42C9-B88E-069281105805} /*Trojan Remover Shell Extension*/(null) =
@{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} /*PhoneBrowser*/H:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = H:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
@{C0C4375A-5B72-4efe-929D-3B848C3A1E91} /*Message View*/H:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll = H:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll
@{46E22146-59C0-4136-9233-52E412E2B428} /*EzCddax extension*/H:\Programmi\Easy CD-DA Extractor 8\ezcddax8.dll = H:\Programmi\Easy CD-DA Extractor 8\ezcddax8.dll
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/(null) =
@{FED7043D-346A-414D-ACD7-550D052499A7} /*dBpowerAMP Music Converter 1*/H:\Programmi\Illustrate\dBpowerAMP\dBShell.dll = H:\Programmi\Illustrate\dBpowerAMP\dBShell.dll
@{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} /*dBpowerAMP Music Converter*/H:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll = H:\Programmi\Illustrate\dBpowerAMP\dMCShell.dll
@{6EE51AA0-77A0-11D7-B4E1-000347126E46} /*Window Washer Shredding Utility*/H:\PROGRA~1\FILECO~1\WEBROO~1\SHELLW~1.DLL = H:\PROGRA~1\FILECO~1\WEBROO~1\SHELLW~1.DLL
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/H:\Programmi\iTunes\iTunesMiniPlayer.dll = H:\Programmi\iTunes\iTunesMiniPlayer.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/H:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll = H:\Programmi\MSN Messenger\fsshext.8.1.0178.00.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{49BF5420-FA7F-11cf-8011-00A0C90A8F78} /*Mobile Device*/H:\PROGRA~1\MI3AA1~1\Wcesview.dll = H:\PROGRA~1\MI3AA1~1\Wcesview.dll
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/H:\Programmi\Real\RealPlayer\rpshell.dll = H:\Programmi\Real\RealPlayer\rpshell.dll
@{5E2121EE-0300-11D4-8D3B-444553540000} /*Catalyst Context Menu extension*/H:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll = H:\Programmi\ATI Technologies\ATI.ACE\atiacmxx.dll
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG7 Shell Extension*/H:\Programmi\Grisoft\AVG7\avgse.dll = H:\Programmi\Grisoft\AVG7\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG7 Find Extension*/H:\Programmi\Grisoft\AVG7\avgse.dll = H:\Programmi\Grisoft\AVG7\avgse.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = H:\Programmi\Grisoft\AVG7\avgse.dll
EzCddax@{46E22146-59C0-4136-9233-52E412E2B428} = H:\Programmi\Easy CD-DA Extractor 8\ezcddax8.dll
Washer@{6EE51AA0-77A0-11D7-B4E1-000347126E46} = H:\PROGRA~1\FILECO~1\WEBROO~1\SHELLW~1.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = H:\Programmi\WinRAR\rarext.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = H:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
Washer@{6EE51AA0-77A0-11D7-B4E1-000347126E46} = H:\PROGRA~1\FILECO~1\WEBROO~1\SHELLW~1.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = H:\Programmi\WinRAR\rarext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = H:\Programmi\Grisoft\AVG7\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = H:\Programmi\WinRAR\rarext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = H:\Programmi\Nero\Nero 7\Nero BackItUp\NBShell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}H:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = H:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{4E9CAE1A-545D-48EA-8EEF-4D1DB6695AD3}H:\Programmi\Sytexis Software\Web Stream Recorder\wsr_ieplug.dll = H:\Programmi\Sytexis Software\Web Stream Recorder\wsr_ieplug.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}H:\Programmi\Java\jre1.5.0_06\bin\ssv.dll = H:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}H:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = H:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
HKCU\Control Panel\Desktop@SCRNSAVE.EXE = H:\WINDOWS\WATER_~1.SCR
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageH:\WINDOWS\system32\blank.htm = H:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = H:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = H:\WINDOWS\system32\msvidctl.dll
its@CLSID = H:\WINDOWS\system32\itss.dll
livecall@CLSID = H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = H:\WINDOWS\system32\itss.dll
ms-itss@CLSID = H:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll
msnim@CLSID = H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = H:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = H:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
talkto@CLSID = H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
tv@CLSID = H:\WINDOWS\system32\msvidctl.dll
wia@CLSID = H:\WINDOWS\system32\wiascr.dll
widimg@CLSID = H:\WINDOWS\system32\btxppanel.dll
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{283D737C-7AA5-44BF-9824-1CD5DE389577} /*LAN WIFI*/ >>>
@IPAddress192.168.0.1 = 192.168.0.1
@NameServer192.168.0.1 = 192.168.0.1
@DefaultGateway =
@Domain =
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\ >>>
000000000001@PackedCatalogItem = xfire_lsp.dll
000000000002@PackedCatalogItem = xfire_lsp.dll
000000000003@PackedCatalogItem = xfire_lsp.dll
000000000004@PackedCatalogItem = xfire_lsp.dll
000000000005@PackedCatalogItem = xfire_lsp.dll
000000000006@PackedCatalogItem = xfire_lsp.dll
000000000007@PackedCatalogItem = xfire_lsp.dll
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015@PackedCatalogItem = xfire_lsp.dll
---- EOF - GMER 1.0.12 ----
Grazie a tutti siete fantastici