fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 12 Apr 2007 12:06 Subject: CVE-2007-0038 virus, how to remove it?

I have a CVE-2007-0038 virus. How do I remove it completely? avast keeps reporting its presence.

Orange Dio maturo
Registered: 18/02/07 13:20 Posts: 2224 Location: Roma
Posted: 12 Apr 2007 12:52

Hi, welcome!
It looks like this is the latest thing: a trojan that exploits the animated cursor flaw in Windows.
Quote:
"The flaw allows an animated cursor (.ANI file), which can be embedded in an e-mail or in a web page visited with Internet Explorer 6 or 7, to cause a buffer overflow that Net vandals can exploit to infect computers and use them for further virus attacks or SPAM campaigns. The flaw is already being exploited by at least one worm and by some spammers, and it also spreads via USB sticks and other media."
Microsoft has released the relevant patch. You can find it on this page; download the one that matches your OS version.

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 12 Apr 2007 18:41

But do I really have to pay to use the software that removes the virus, or can I use something free to remove it?

Orange Dio maturo
Registered: 18/02/07 13:20 Posts: 2224 Location: Roma
Posted: 12 Apr 2007 18:45

fabiobuc wrote:
"But do I really have to pay to use the software that removes the virus, or can I use something free to remove it?"
What do you mean?
The link I gave you is Microsoft's, and I don't think Uncle Bill charges for update patches.

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 12 Apr 2007 19:07

Yes, sorry, it's just that I'm fighting with this in the middle of a thousand other problems. If the update isn't enough, what can I do?
Thanks a lot

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 12 Apr 2007 19:09

One curious thing: I noticed that the virus arrived via MSN, and every time I try to start Messenger I am practically forced to restart the PC.

chemicalbit Dio maturo
Registered: 01/04/05 18:59 Posts: 18597 Location: Milano
Posted: 12 Apr 2007 23:22

Moving this to Pronto Soccorso Zeus

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 00:59

avast keeps reporting the presence of several viruses, the system is slower than usual, and I got a warning about some possibly damaged files. What should I do? I really can't manage to fix the situation...

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 01:13

Win32:VBStat-C [Trj] this is the latest virus alert I got

Orange Dio maturo
Registered: 18/02/07 13:20 Posts: 2224 Location: Roma
Posted: 13 Apr 2007 07:50

chemicalbit wrote:
"Moving this to Pronto Soccorso Zeus"
fabiobuc: did you sort out the other one with the patch?
download the latest version of HiJack
unzip it into a folder of its own (Programmi or Documenti). It is important that it is not in the temporary folders or on the desktop.
select "Do a system scan and save a log file"
wait for Windows Notepad to open with your log.
copy its entire contents and post them here

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 12:35

here it is
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:32:42 PM, on 13/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\VEXPLITE\viritsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\VEXPLITE\MONLITE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\VEXPLITE\VIRITEXP.EXE
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis_v2[1].zip\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://it.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\wmpbeici.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O2 - BHO: (no name) - {A8EE6034-821F-4307-B505-5F6586C5E46F} - C:\WINDOWS\system32\ssttu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmi\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\loortfxn.dll",setvm
O4 - HKLM\..\Run: [VIRIT LITE MONITOR] C:\VEXPLITE\MONLITE.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9DA41BFA-382F-4BA4-AE32-D70A76289D09} - http://atgcges51x.com/4c6246c87d596d084654/baiac/FineCash.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLITE\viritsvc.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 11941 bytes

fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 17:18 Subject: CVE-2007-0038 virus still present, asking for help

It's still there, and the operating system still tells me from time to time that I have some damaged files. Every now and then while browsing, pornographic or online casino windows or things like that pop up.... avast, BitDefender and Virit report various names of viruses infecting files, but they don't remove them. In the last few hours the operating system seems to be running better, but the presence of the virus is still detected.
Here is the log
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:11:55 PM, on 13/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis_v2.zip\HiJackThis_v2.exe
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 2 per HiJackThis_v2.zip\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://it.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\wmpbeici.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F5F682C-1F9C-4EF6-A656-DD18D423ED31} - C:\WINDOWS\system32\ssttu.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmi\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\loortfxn.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9DA41BFA-382F-4BA4-AE32-D70A76289D09} - http://atgcges51x.com/4c6246c87d596d084654/baiac/FineCash.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 11787 bytes
You are usually really good at this, I hope you can give me a hand,
thanks a lot

Orange Dio maturo
Registered: 18/02/07 13:20 Posts: 2224 Location: Roma
Posted: 13 Apr 2007 17:52

Hi!
You have more than one problem...
make hidden folders visible
disable System Restore
start the PC in Safe Mode
launch HiJackThis
select "Do a system scan only", tick the entries listed below and press "Fix checked"
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\wmpbeici.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O2 - BHO: (no name) - {A8EE6034-821F-4307-B505-5F6586C5E46F} - C:\WINDOWS\system32\ssttu.dll
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\loortfxn.dll",setvm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {9DA41BFA-382F-4BA4-AE32-D70A76289D09} - http://atgcges51x.com/4c6246c87d596d084654/baiac/FineCash.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll
O23 - Service: A2omubihpiu - - (no file)
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
find these files or folders and, if they are present, delete them
C:\WINDOWS\system32\wmpbeici.dll
C:\WINDOWS\system32\nnnoomm.dll
C:\WINDOWS\system32\ssttu.dll
C:\WINDOWS\system32\loortfxn.dll
download VundoFix by Atribune
and, to be safe, this other one from Symantec
select Scan for Vundo and then choose Fix Vundo
post the VundoFix logs and an updated one from HiJack

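The selection made by eye in the post above (unnamed BHOs in system32, the same DLLs registered under Winlogon Notify, entries whose file is gone, an unnamed ActiveX download) can be written as a few triage rules. This is an added example, not part of the original thread or of HijackThis; the rule set and the names `triage` and `SAMPLE_LOG` are assumptions, and a hit is a candidate for review, not a verdict.

```python
import re

# Constructed sample in HijackThis v2 log format. The O2, O20 and O23 lines are
# copied from the log posted in this thread; the unnamed O16 line is made up and
# uses a placeholder CLSID and host.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {00000000-0000-0000-0000-000000000000} - http://host.example.invalid/sample/Sample.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
"""

# "O2 - ...", "R0 - ...": section code, then the section-specific body.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
BHO = re.compile(r"^BHO: (?P<name>.*) - (?P<clsid>\{[^}]+\}) - (?P<path>.+)$")
NOTIFY = re.compile(r"^Winlogon Notify: (?P<name>.+?) - (?P<path>.+)$")
DPF = re.compile(r"^DPF: (?P<clsid>\{[^}]+\})(?: \((?P<name>.*)\))? - (?P<url>\S+)$")
# A DLL sitting directly in system32 (no subfolder), any drive letter, any case.
SYSTEM32_DLL = re.compile(r"^[a-z]:\\windows\\system32\\[^\\]+\.dll$", re.I)


def triage(log_text):
    """Return [(log line, [reasons])] for entries that deserve a closer look."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if m:  # process paths and headers do not match and are skipped
            entries.append((m["code"], m["body"], raw.strip()))

    # First pass: remember every DLL loaded as a Browser Helper Object, so the
    # second pass can cross-reference Winlogon Notify entries against it.
    bho_paths = set()
    for code, body, _ in entries:
        if code == "O2":
            b = BHO.match(body)
            if b:
                bho_paths.add(b["path"].lower())

    findings = []
    for code, body, line in entries:
        reasons = []
        # Registry entry survives but the file it points to does not.
        if body.endswith(("(no file)", "(file missing)")):
            reasons.append("orphaned entry")
        if code == "O2":
            b = BHO.match(body)
            if b and b["name"] == "(no name)" and SYSTEM32_DLL.match(b["path"]):
                reasons.append("unnamed BHO in system32")
        elif code == "O20":
            n = NOTIFY.match(body)
            # Same DLL hooked into both the browser and the logon process.
            if n and n["path"].lower() in bho_paths:
                reasons.append("Winlogon Notify DLL is also a BHO")
        elif code == "O16":
            d = DPF.match(body)
            if d and d["name"] is None:
                reasons.append("unnamed ActiveX download")
        if reasons:
            findings.append((line, reasons))
    return findings


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print("; ".join(reasons), "->", line)
```
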
fabiobuc Eroe in grazia degli dei
Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 22:03

Here are the HiJack and VundoFix logs. The virus is still around, avast reports it, but the operating system in general seems to be back to normal. I can't delete c:\windows\system32\nnnoomm.dll in any way, I really don't understand why; it tells me it is in use by another program, but I don't understand which one, since everything is off.
This damned virus is wearing me out......
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:59:06 PM, on 13/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmi\QuickTime\qttask.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Programmi\Windows Live Toolbar\msn_sl.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 4 per HiJackThis_v2.zip\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://it.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {25C12353-2CF2-4CE3-8CF9-365641334FFB} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\sftqquax.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {C421F046-2276-411E-ADBF-D866ACCCB0A8} - C:\WINDOWS\system32\pmnno.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmi\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9DA41BFA-382F-4BA4-AE32-D70A76289D09} - http://atgcges51x.com/4c6246c87d596d084654/baiac/FineCash.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 10998 bytes
Symantec Trojan.Vundo Removal Tool 1.5.0
The process "IEXPLORE.EXE" might be affected by the threat. It cannot be terminated.
The process "IEXPLORE.EXE" might be affected by the threat. It has been terminated.
Trojan.Vundo has been successfully removed from your computer!
Here is the report:
The total number of the scanned files: 231043
The number of deleted files: 0
The number of viral processes terminated: 1
The number of viral threads terminated: 0
The number of registry entries fixed: 0

fabiobuc Eroe in grazia degli dei

Registered: 27/01/07 16:27 Posts: 122
Posted: 13 Apr 2007 23:27
I think HiJack isn't working for some reason; I keep finding the files there and some viruses around. I did all the steps you told me, but apart from the fact that the operating system on the whole runs fairly well, every now and then avast reports a virus and web pages for porn, movie and casino sites open up.... I only have to close them, but you can see it's a pain.
I know I'm tormenting you with these questions, but I'd really like to get this virus off my PC.
Bye and thanks

Smjert Dio maturo

Registered: 01/04/06 18:19 Posts: 1619 Location: Lost in the net
Posted: 14 Apr 2007 11:25
Start HijackThis, press Do a system scan only, tick these entries and then press FixChecked:
Quote:
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\wmpbeici.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F5F682C-1F9C-4EF6-A656-DD18D423ED31} - C:\WINDOWS\system32\ssttu.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {9DA41BFA-382F-4BA4-AE32-D70A76289D09} - http://atgcges51x.com/4c6246c87d596d084654/baiac/FineCash.cab
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll
O23 - Service: A2omubihpiu - - (no file)

Do you know anything about this entry?
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
Try downloading the Vundo removal tool.
Put it on the desktop and run it.
When it opens, press Scan for Vundo.
When the scan has finished, press Remove Vundo.
It will ask whether you want to remove the files; answer YES.
When you click yes the desktop will go blank, because VundoFix will start removing the files.
When it has finished it will ask whether it can restart the PC; press OK.
Restart the PC in Safe Mode (while it is counting the memory, listing the connected hard disks and so on, keep pressing F8 until a menu appears, then pick the mode with the arrow keys).
Quote:
Open any folder, go to
Tools->Folder Options->View tab,
tick "Show hidden files and folders" and untick
"Hide protected operating system files" (answer yes).

Delete these files if they are still present: C:\WINDOWS\system32\wmpbeici.dll, C:\WINDOWS\system32\ssttu.dll, C:\WINDOWS\system32\nnnoomm.dll
Restart the PC in Normal Mode.
Post a new HijackThis log.

fabiobuc Eroe in grazia degli dei

Registered: 27/01/07 16:27 Posts: 122
Posted: 14 Apr 2007 14:02

OK, I'm sending the new hijack log now. I can't delete c:\WINDOWS\system32\nnnomm.dll
I keep finding it; I try to delete it and it tells me the file is in use by another user or by another program, but I had no programs open at all in Safe Mode. On top of that, HijackThis doesn't seem to work, because every log gives me back the entries I had ticked. And avast keeps reporting new viruses..... I'm fed up. I'm sending the new HijackThis log as requested
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:02:27 PM, on 14/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 6 per HiJackThis_v2.zip\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://it.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {17EDF906-82E1-4475-B044-10B069575EFA} - C:\WINDOWS\system32\jkkll.dll
O2 - BHO: (no name) - {2CE31FA7-11B1-46CC-A128-C38C82F07BFE} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\iuxjnyii.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmi\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O20 - Winlogon Notify: jkkll - C:\WINDOWS\system32\jkkll.dll
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 10549 bytes
As you can see, some entries are still there, and I don't understand why.
I'm waiting for news, please give me a hand
thanks

Smjert Dio maturo

Registered: 01/04/06 18:19 Posts: 1619 Location: Lost in the net
Posted: 14 Apr 2007 14:28
Did you run Vundo? Did it work?
Did you manage to delete all the files except nnnoomm.dll?
Note that the entries have come back, yes, but the files are not the same: for the whole time you have had the malware it has simply been creating a series of copy files, and now all we can do is delete them one by one.
Start HijackThis, press Do a system scan only, tick these entries and then press FixChecked:
Quote:
O2 - BHO: (no name) - {17EDF906-82E1-4475-B044-10B069575EFA} - C:\WINDOWS\system32\jkkll.dll
O2 - BHO: (no name) - {2CE31FA7-11B1-46CC-A128-C38C82F07BFE} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\iuxjnyii.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O20 - Winlogon Notify: jkkll - C:\WINDOWS\system32\jkkll.dll
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll

To make this a bit easier, without having to go into Safe Mode, download Avenger and unzip it onto the desktop.
Now run the file avenger.exe
Select the option "Input Script Manually"
Click on the magnifying glass
A "View/edit script" window opens
Inside the white box, copy and paste the text below:
Quote:
files to delete:
C:\WINDOWS\system32\jkkll.dll
C:\WINDOWS\system32\pmnno.dll
C:\WINDOWS\system32\iuxjnyii.dll
C:\WINDOWS\system32\nnnoomm.dll

Click the Done button
Click the green traffic light icon
Answer Yes
The PC should restart by itself; if it doesn't, restart it manually.
Post a new HijackThis log and the contents of the Avenger log (C:\Avenger.txt).
And what about that 024 entry??

fabiobuc Eroe in grazia degli dei

Registered: 27/01/07 16:27 Posts: 122
Posted: 14 Apr 2007 14:53

Vundo worked, in the sense that it did the scan and the remove normally. Yes, the others are gone; only nnnoomm.dll I can't manage to remove.
As for the malware entries, some change, but others are the same, for example
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O23 - Service: A2omubihpiu - - (no file)
Then I also have other malware entries. Anyway, I'll now repeat the operations you told me, using Avenger as well, and I'll update you
thanks

fabiobuc Eroe in grazia degli dei

Registered: 27/01/07 16:27 Posts: 122
Posted: 14 Apr 2007 15:05

I did everything you recommended and I'm posting the logs, but I think something didn't work with Avenger, in the sense that it didn't delete the files
ogfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:03:18 PM, on 14/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
C:\Programmi\ASUS\ASUS Live Update\ALU.exe
C:\Programmi\ASUS\Splendid\ACMON.exe
C:\Programmi\Wireless Console 2\wcourier.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Programmi\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\MSN Messenger\MsnMsgr.Exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\AIRCOM~1\IMPOST~1\Temp\Directory temporanea 8 per HiJackThis_v2.zip\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://it.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {929CACD2-E296-45C8-90BE-284749BCBC52} - C:\WINDOWS\system32\jkkll.dll (file missing)
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar3.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Programmi\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmi\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programmi\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmi\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesit.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O20 - Winlogon Notify: jkkll - C:\WINDOWS\system32\jkkll.dll (file missing)
O20 - Winlogon Notify: nnnoomm - nnnoomm.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: A2omubihpiu - - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Programmi\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/AIRCOM~1/IMPOST~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 10206 bytes
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\fnexycqi
*******************
Script file located at: \??\C:\Program Files\hjlplyem.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\jkkll.dll deleted successfully.
File C:\WINDOWS\system32\pmnno.dll not found!
Deletion of file C:\WINDOWS\system32\pmnno.dll failed!
Could not process line:
C:\WINDOWS\system32\pmnno.dll
Status: 0xc0000034
File C:\WINDOWS\system32\iuxjnyii.dll deleted successfully.
File C:\WINDOWS\system32\nnnoomm.dll deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
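
The comparison Smjert describes in the 14:28 reply (entries come back after a fix, but pointing at different files) can be done mechanically across successive scans. The Python below is an added example, not part of the original thread and not a HijackThis feature; it embeds O2/O20 lines copied from the logs in this thread, and the function names and the "unnamed BHO loaded from system32" heuristic are assumptions made for illustration.

```python
import re
from collections import namedtuple
from ntpath import basename

Entry = namedtuple("Entry", "section name clsid path dll missing")

# O2/O20 lines copied from this thread: the entries quoted in the 11:25 reply,
# then excerpts of the 2:02 PM and 3:03 PM logs of 14/04/2007.
SCAN_1 = r"""
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\wmpbeici.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F5F682C-1F9C-4EF6-A656-DD18D423ED31} - C:\WINDOWS\system32\ssttu.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll
"""
SCAN_2 = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {17EDF906-82E1-4475-B044-10B069575EFA} - C:\WINDOWS\system32\jkkll.dll
O2 - BHO: (no name) - {2CE31FA7-11B1-46CC-A128-C38C82F07BFE} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\iuxjnyii.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll
O20 - Winlogon Notify: jkkll - C:\WINDOWS\system32\jkkll.dll
O20 - Winlogon Notify: nnnoomm - C:\WINDOWS\SYSTEM32\nnnoomm.dll
"""
SCAN_3 = r"""
O2 - BHO: (no name) - {929CACD2-E296-45C8-90BE-284749BCBC52} - C:\WINDOWS\system32\jkkll.dll (file missing)
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\nnnoomm.dll (file missing)
O20 - Winlogon Notify: jkkll - C:\WINDOWS\system32\jkkll.dll (file missing)
O20 - Winlogon Notify: nnnoomm - nnnoomm.dll (file missing)
"""

LINE = re.compile(r"^(O2|O20) - [^:]+: (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

def parse(log):
    """Extract BHO (O2) and Winlogon Notify (O20) entries from a HijackThis log."""
    entries = []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        fields = m.group(2).split(" - ")
        path, missing = fields[-1].strip(), False
        if path == "(no file)":                    # no file registered at all
            path, missing = "", True
        elif path.endswith("(file missing)"):      # path registered, file absent
            path, missing = path[: -len("(file missing)")].strip(), True
        clsid = CLSID.search(m.group(2))
        entries.append(Entry(m.group(1), fields[0].strip(),
                             clsid.group(0).upper() if clsid else None,
                             path, basename(path).lower(), missing))
    return entries

def suspects(entries):
    """Unnamed BHO DLLs in system32; value is True if also a Winlogon Notify DLL."""
    notify = {e.dll for e in entries if e.section == "O20"}
    return {e.dll: e.dll in notify for e in entries
            if e.section == "O2" and e.name == "(no name)"
            and "\\system32\\" in e.path.lower()}

def compare(before, after):
    """Classify every DLL suspected in either scan by what changed between them."""
    b, a = suspects(before), suspects(after)
    report = {}
    for dll in sorted(set(b) | set(a)):
        left = [e for e in after if e.dll == dll]
        if dll not in b:
            report[dll] = "new"
        elif not left:
            report[dll] = "entry gone"
        elif all(e.missing for e in left):
            report[dll] = "orphaned entry, file missing"
        else:
            report[dll] = "file still present"
    return report

def renamed_clsids(before, after):
    """CLSIDs present in both scans whose BHO now points at a different DLL."""
    old = {e.clsid: e.dll for e in before if e.section == "O2" and e.dll}
    return {e.clsid: (old[e.clsid], e.dll) for e in after if e.section == "O2"
            and e.dll and e.clsid in old and old[e.clsid] != e.dll}

def reregistered_dlls(before, after):
    """DLLs present in both scans that are now registered under another CLSID."""
    old = {e.dll: e.clsid for e in before if e.section == "O2" and e.dll}
    return sorted(e.dll for e in after if e.section == "O2"
                  and e.dll in old and old[e.dll] != e.clsid)

if __name__ == "__main__":
    s1, s2, s3 = parse(SCAN_1), parse(SCAN_2), parse(SCAN_3)
    print(compare(s1, s2), renamed_clsids(s1, s2))
    print(compare(s2, s3), reregistered_dlls(s2, s3))
```

On the 3:03 PM excerpt every remaining suspect entry is classified as orphaned, which matches the "(file missing)" markers in that log and the "deleted successfully" lines in the Avenger log.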