
Interpreting the log file


Post by cristiansilvi » Sun Oct 29, 2006 11:51 am

Hi everyone,
my name is Cristian and I am looking for someone who can interpret log files. [:I]
I ran into ConnectionService (linkOptimizer) and, following the procedure given on the site, I got as far as reading the log and stopped there.

cristian

I have attached the log file below (I used the GMER program, scanning the "Autostart" and "Rootkit" tabs, and then I also used HijackThis, further below); I don't know which one to use.


GMER 1.0.11.11390 - http://www.gmer.net
Autostart 2006-10-27 00:40:58
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon@DLLName = WgaLogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ATKKeyboardService /*ATK Keyboard Service*/@ = C:\WINDOWS\ATKKBService.exe
Avg7Alrt /*AVG7 Alert Manager Server*/@ = C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Avg7UpdSvc /*AVG7 Update Service*/@ = C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
btwdins /*Bluetooth Service*/@ = C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C-DillaCdaC11BA /*C-DillaCdaC11BA*/@ = C:\WINDOWS\system32\drivers\CDAC11BA.EXE
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
SecAyn /*SecAyn*/@ = "C:\Programmi\File comuni\Microsoft Shared\SYA.exe" /*file not found*/
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
vsmon /*TrueVector Internet Monitor*/@ = C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
WinDefend /*Windows Defender Service*/@ = "C:\Programmi\Windows Defender\MsMpEng.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
@Zone Labs ClientC:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe = C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
@Windows Defender"C:\Programmi\Windows Defender\MSASCui.exe" -hide = "C:\Programmi\Windows Defender\MSASCui.exe" -hide
@SunJavaUpdateSchedC:\Programmi\Java\jre1.5.0_06\bin\jusched.exe = C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@RoxioEngineUtility"C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" = "C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe"
@RoxioDragToDisc"C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" = "C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
@RoxioAudioCentral"C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" = "C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
@QuickTime Task"C:\Programmi\QuickTime\qttask.exe" -atboottime = "C:\Programmi\QuickTime\qttask.exe" -atboottime
@PinnacleDriverCheckC:\WINDOWS\system32\PSDrvCheck.exe -CheckReg = C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
@PCSuiteTrayApplicationC:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/ = C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/
@osww2.exeC:\WINDOWS\Temp\osww2.exe /*file not found*/ = C:\WINDOWS\Temp\osww2.exe /*file not found*/
@nwiznwiz.exe /install = nwiz.exe /install
@NVRaidServiceC:\WINDOWS\system32\nvraidservice.exe = C:\WINDOWS\system32\nvraidservice.exe
@NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@iTunesHelper"C:\Programmi\iTunes\iTunesHelper.exe" = "C:\Programmi\iTunes\iTunesHelper.exe"
@DataLayerC:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe = C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@AVG7_CCC:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
@Acrobat Assistant 7.0"C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" = "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} = C:\PROGRA~1\WIFD1F~1\MpShHook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\system32\btneighborhood.dll = C:\WINDOWS\system32\btneighborhood.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} /*Adobe.Acrobat.ContextMenu*/C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{5E44E225-A408-11CF-B581-008029601108} /*Roxio DragToDisc Shell Extension*/C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll = C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll
@{A44D5ACC-3411-40DE-9AD3-214FFB2ED7AC} /*My Media*/C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\MediaSX.dll = C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\MediaSX.dll
@{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} /*Autodesk Drawing Preview*/C:\Programmi\File comuni\Autodesk Shared\Thumbnail\AcThumbnail16.dll = C:\Programmi\File comuni\Autodesk Shared\Thumbnail\AcThumbnail16.dll
@{36A21736-36C2-4C11-8ACB-D4136F2B57BD} /*Gestore icona firma digitale di AutoCAD*/C:\WINDOWS\system32\AcSignIcon.dll = C:\WINDOWS\system32\AcSignIcon.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll = C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll = C:\Programmi\iTunes\iTunesMiniPlayer.dll
@{A155339D-CCCD-4714-85EB-3754B804C9DF} /*a-squared Free Context Menu Shell Extension*/C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL = C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG7 Shell Extension*/C:\Programmi\Grisoft\AVG7\avgse.dll = C:\Programmi\Grisoft\AVG7\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG7 Find Extension*/C:\Programmi\Grisoft\AVG7\avgse.dll = C:\Programmi\Grisoft\AVG7\avgse.dll
@{40950107-FEA6-4d53-A65F-B2DCBA57DD58} /*Nokia Phone Browser*/C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
@{FBFE7864-D495-41f0-B7DC-4BB601CC295E} /*Contact View*/C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll
@{C0C4375A-5B72-4efe-929D-3B848C3A1E91} /*Message View*/C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Adobe.Acrobat.ContextMenu@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
a2FreeContMenu@{A155339D-CCCD-4714-85EB-3754B804C9DF} = C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{3565342D-001E-30BA-9614-AAB78C187353}C:\WINDOWS\wlifi1.dll /*file not found*/ = C:\WINDOWS\wlifi1.dll /*file not found*/
@{AE7CD045-E861-484f-8273-0445EE161910}C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
@{BDF3E430-B101-42AD-A544-FADC6B084872}(null) =

HKLM\Software\Microsoft\Internet Explorer\Extensions\@{85d1f590-48f4-11d9-9669-0800200c9a66} =

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FFA1C3C6-AE65-463F-8541-3D8B356CE8C8} /*Connessione alla rete locale (LAN)*/ >>>
@IPAddress192.168.0.114 = 192.168.0.114
@NameServer =
@DefaultGateway =
@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
Avvio veloce di Adobe Acrobat.lnk = Avvio veloce di Adobe Acrobat.lnk
BTTray.lnk = BTTray.lnk
NkbMonitor.exe.lnk = NkbMonitor.exe.lnk

---- EOF - GMER 1.0.11 ----

GMER 1.0.11.11390 - http://www.gmer.net
Rootkit 2006-10-27 00:39:48
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.11 ----

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile
SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey

---- Devices - GMER 1.0.11 ----

Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [ECB49230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [ECB49230] vsdatant.sys

---- Registry - GMER 1.0.11 ----

Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xB2 0x46 0x9A 0xE2 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- Files - GMER 1.0.11 ----

ADS C:\Documents and Settings\All Users\Dati applicazioni\TEMP:2A81F9CE
ADS ...
ADS ...
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_alette.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_alto.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_basso.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_calo.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_flan.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_norm.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_den.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_spa.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_copiglia.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_fascetta.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_gaffa.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_golf_fem.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_golf_mas.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_grillo_dri.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_grillo_ome.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_ingrassatori.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_perno_tes.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_seeger_alb.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_seeger_for.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_spina_cil.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_spina_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_tirante_occ.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_if.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_mat_legn.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_mat_plast.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_cil.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ss_int_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ss_int_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tb_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tcei.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tc_int.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_if.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_pf.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tsei.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ts_autof.jpg

---- EOF - GMER 1.0.11 ----





This one, instead, I made with HijackThis




Logfile of HijackThis v1.99.1
Scan saved at 20.17.13, on 27/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Proprietario\Impostazioni locali\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {3565342D-001E-30BA-9614-AAB78C187353} - C:\WINDOWS\wlifi1.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [osww2.exe] C:\WINDOWS\Temp\osww2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programmi\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.c ... hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.laplink.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8465173390
O16 - DPF: {A335EC30-2007-4F57-A0D1-4FDFCCA18B91} - http://td8eau9td.com/04e1b747/50310/1/xp/FreeAccess.cab
O16 - DPF: {D673F916-45FC-4B35-82EC-9650F39915DB} (Explorer3DForWeb) - http://www.3dilio.it/tredexplorer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C17FAE26-168D-4F94-8A64-C72CAB55AC6B}: NameServer = 193.70.152.15 193.70.152.25
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


[/quote]
cristiansilvi
New Member
Posts: 4
Joined: Fri Oct 27, 2006 7:22 pm

Post by aris73 » Sun Oct 29, 2006 12:49 pm

Good grief..... [boxed]
Let's take it step by step. First of all, download VirIT http://www.tgsoft.it/italy/download.htm , update it and scan in safe mode; after that, run the two tools, Prevx and Symantec, in the order I wrote them, then a further scan with VirIT and a final scan with AVG Anti-Spyware, updated and in safe mode. Finally, download CCleaner, install it and open it, go to Options -> Advanced, and untick "Only delete files in Windows Temp older than 48 hours", then clean the PC of temporary files and registry keys. Reboot and post the GMER Autostart and Rootkit log again.
http://a98124.wix.com/aris-kyoshi

Aris Muscolino
aris73
Aficionado
Posts: 110
Joined: Thu Sep 14, 2006 6:44 pm

Thanks for the help

Post by cristiansilvi » Tue Oct 31, 2006 9:09 pm

Thank you, and I apologize for replying so late, but I haven't been home these past few days.
Below I'm attaching the log file after the procedure you told me.

GMER 1.0.11.11390 - http://www.gmer.net
Autostart 2006-10-31 21:01:06
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon@DLLName = WgaLogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ATKKeyboardService /*ATK Keyboard Service*/@ = C:\WINDOWS\ATKKBService.exe
AVG Anti-Spyware Guard /*AVG Anti-Spyware Guard*/@ = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Avg7Alrt /*AVG7 Alert Manager Server*/@ = C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Avg7UpdSvc /*AVG7 Update Service*/@ = C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
btwdins /*Bluetooth Service*/@ = C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C-DillaCdaC11BA /*C-DillaCdaC11BA*/@ = C:\WINDOWS\system32\drivers\CDAC11BA.EXE
MDM /*Machine Debug Manager*/@ = "C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE"
NVSvc /*NVIDIA Display Driver Service*/@ = %SystemRoot%\system32\nvsvc32.exe
Spooler /*Spooler di stampa*/@ = %SystemRoot%\system32\spoolsv.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
viritsvclite /*Virit eXplorer Lite*/@ = C:\VEXPLITE\viritsvc.exe
vsmon /*TrueVector Internet Monitor*/@ = C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
WinDefend /*Windows Defender Service*/@ = "C:\Programmi\Windows Defender\MsMpEng.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
@Zone Labs ClientC:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe = C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
@Windows Defender"C:\Programmi\Windows Defender\MSASCui.exe" -hide = "C:\Programmi\Windows Defender\MSASCui.exe" -hide
@SunJavaUpdateSchedC:\Programmi\Java\jre1.5.0_06\bin\jusched.exe = C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@RoxioEngineUtility"C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe" = "C:\Programmi\File comuni\Roxio Shared\System\EngUtil.exe"
@RoxioDragToDisc"C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" = "C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
@RoxioAudioCentral"C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" = "C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
@QuickTime Task"C:\Programmi\QuickTime\qttask.exe" -atboottime = "C:\Programmi\QuickTime\qttask.exe" -atboottime
@PinnacleDriverCheckC:\WINDOWS\system32\PSDrvCheck.exe -CheckReg = C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
@PCSuiteTrayApplicationC:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/ = C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray /*file not found*/
@nwiznwiz.exe /install = nwiz.exe /install
@NVRaidServiceC:\WINDOWS\system32\nvraidservice.exe = C:\WINDOWS\system32\nvraidservice.exe
@NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@iTunesHelper"C:\Programmi\iTunes\iTunesHelper.exe" = "C:\Programmi\iTunes\iTunesHelper.exe"
@DataLayerC:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe = C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
@BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
@AVG7_CCC:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
@Acrobat Assistant 7.0"C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" = "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
@!AVG Anti-Spyware"C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized = "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
@VIRIT LITE MONITORC:\VEXPLITE\MONLITE.EXE = C:\VEXPLITE\MONLITE.EXE

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks >>>
@{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}C:\PROGRA~1\WIFD1F~1\MpShHook.dll = C:\PROGRA~1\WIFD1F~1\MpShHook.dll
@{57B86673-276A-48B2-BAE7-C6DBB3020EB8}C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Estensione panoramica video del Pannello di controllo*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Pagina proprietà versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Versioni precedenti*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{6af09ec9-b429-11d4-a1fb-0090960218cb} /*My Bluetooth Places*/C:\WINDOWS\system32\btneighborhood.dll = C:\WINDOWS\system32\btneighborhood.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Cartelle Web*/C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\FILECO~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Programmi\Microsoft Office\OFFICE11\msohev.dll = C:\Programmi\Microsoft Office\OFFICE11\msohev.dll
@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} /*Adobe.Acrobat.ContextMenu*/C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Programmi\WinRAR\rarext.dll = C:\Programmi\WinRAR\rarext.dll
@{5E44E225-A408-11CF-B581-008029601108} /*Roxio DragToDisc Shell Extension*/C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll = C:\Programmi\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll
@{A44D5ACC-3411-40DE-9AD3-214FFB2ED7AC} /*My Media*/C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\MediaSX.dll = C:\Programmi\Roxio\Easy CD Creator 6\AudioCentral\MediaSX.dll
@{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} /*Autodesk Drawing Preview*/C:\Programmi\File comuni\Autodesk Shared\Thumbnail\AcThumbnail16.dll = C:\Programmi\File comuni\Autodesk Shared\Thumbnail\AcThumbnail16.dll
@{36A21736-36C2-4C11-8ACB-D4136F2B57BD} /*Gestore icona firma digitale di AutoCAD*/C:\WINDOWS\system32\AcSignIcon.dll = C:\WINDOWS\system32\AcSignIcon.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll = C:\Programmi\MSN Messenger\fsshext.8.0.0792.00.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Programmi\iTunes\iTunesMiniPlayer.dll = C:\Programmi\iTunes\iTunesMiniPlayer.dll
@{A155339D-CCCD-4714-85EB-3754B804C9DF} /*a-squared Free Context Menu Shell Extension*/C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL = C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG7 Shell Extension*/C:\Programmi\Grisoft\AVG7\avgse.dll = C:\Programmi\Grisoft\AVG7\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG7 Find Extension*/C:\Programmi\Grisoft\AVG7\avgse.dll = C:\Programmi\Grisoft\AVG7\avgse.dll
@{40950107-FEA6-4d53-A65F-B2DCBA57DD58} /*Nokia Phone Browser*/C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll = C:\Programmi\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
@{FBFE7864-D495-41f0-B7DC-4BB601CC295E} /*Contact View*/C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\ContactView.dll
@{C0C4375A-5B72-4efe-929D-3B848C3A1E91} /*Message View*/C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll = C:\Programmi\Nokia\Nokia PC Suite 6\MessageView.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Adobe.Acrobat.ContextMenu@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Programmi\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\context.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
a2FreeContMenu@{A155339D-CCCD-4714-85EB-3754B804C9DF} = C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL
AVG7 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Programmi\Grisoft\AVG7\avgse.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Programmi\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{AE7CD045-E861-484f-8273-0445EE161910}C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll = C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions\@{85d1f590-48f4-11d9-9669-0800200c9a66} =

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.it/ = http://www.google.it/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\FILECO~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FFA1C3C6-AE65-463F-8541-3D8B356CE8C8} /*Connessione alla rete locale (LAN)*/ >>>
@IPAddress192.168.0.114 = 192.168.0.114
@NameServer =
@DefaultGateway =
@Domain =

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
Avvio veloce di Adobe Acrobat.lnk = Avvio veloce di Adobe Acrobat.lnk
BTTray.lnk = BTTray.lnk
NkbMonitor.exe.lnk = NkbMonitor.exe.lnk

---- EOF - GMER 1.0.11 ----


GMER 1.0.11.11390 - http://www.gmer.net
Rootkit 2006-10-31 21:06:47
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.11 ----

SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile
SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess

---- Devices - GMER 1.0.11 ----

Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [ECC08230] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [ECC08230] vsdatant.sys

---- Registry - GMER 1.0.11 ----

Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xB2 0x46 0x9A 0xE2 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- Files - GMER 1.0.11 ----

ADS C:\Documents and Settings\All Users\Dati applicazioni\TEMP:2A81F9CE
ADS ...
ADS ...
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_alette.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_alto.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_basso.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_calo.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_flan.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unidado_es_norm.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_den.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\unirosette_spa.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_copiglia.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_fascetta.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_gaffa.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_golf_fem.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_golf_mas.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_grillo_dri.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_grillo_ome.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_ingrassatori.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_perno_tes.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_seeger_alb.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_seeger_for.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_spina_cil.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_spina_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univari_tirante_occ.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_if.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_mat_legn.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_mat_plast.gif
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_cil.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ssei_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ss_int_con.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ss_int_pia.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tb_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tcei.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tc_int.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_autof.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_if.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_te_pf.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_tsei.jpg
File F:\Cristian\UNIVERSITA'\5°Anno 2005_2006 S P E C I A L I S T I C A\univ_ANCONA\Meccanica\VITI TABELLE\Tabella dei componenti unificati\Tabella dei componenti unificati usati più frequentemente_file\tabellauni_file\tabellauni_frtop_file\univite_ts_autof.jpg

---- EOF - GMER 1.0.11 ----

Post by cristiansilvi » Fri Nov 10, 2006 3:31 pm

My computer went pluft!!!
Thanks for the time you gave me, but I think I have to reinstall the whole OS.
Bye and thanks again.
cristian

Post by aris73 » Fri Nov 10, 2006 6:50 pm

Sorry, I had lost track of the discussion.... [cry]
But what was the problem..??
If you manage to recover it, download Ad-Aware, update it, and run a scan with ADS selected in the scan options.... I'm sorry I couldn't answer you sooner..
http://a98124.wix.com/aris-kyoshi

Aris Muscolino

megalab.it: daily online publication registered at the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising