ComboFix 07-12-17.1 - M@rk0 2007-12-17 19.10.42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.2160 [GMT 1:00]
Eseguito da: D:\Documents and Settings\M@rk0\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\WINDOWS\cookies.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
((((((((((((((((((((((((( Files Creati Da 2007-11-17 al 2007-12-17 )))))))))))))))))))))))))))))))))))
.
2007-12-17 16:14 . 2007-12-17 16:14 <DIR> d-------- D:\Programmi\K-Lite Codec Pack
2007-12-17 16:14 . 2007-12-17 16:14 <DIR> d-------- D:\Documents and Settings\M@rk0\Dati applicazioni\Media Player Classic
2007-12-17 16:07 . 2007-12-17 16:07 <DIR> d--h----- D:\WINDOWS\$hf_mig$
2007-12-16 15:23 . 2007-07-10 11:27 10,752 --a------ D:\WINDOWS\system32\aamd532.dll
2007-12-16 14:40 . 2007-10-10 09:00 36,096 --a------ D:\WINDOWS\system32\drivers\VIRAGTLT.SYS
2007-12-16 14:39 . 2007-12-16 15:22 <DIR> d-------- D:\VEXPLITE
2007-12-16 14:24 . 2007-12-16 14:29 <DIR> d-a------ D:\Documents and Settings\All Users\Dati applicazioni\TEMP
2007-12-15 23:16 . 2005-09-07 16:10 173,494 --a------ D:\WINDOWS\system32\drivers\mon_ac_w.bin
2007-12-15 23:16 . 2005-09-22 18:31 158,592 --a------ D:\WINDOWS\system32\drivers\gwausb.sys
2007-12-15 23:16 . 2005-08-25 19:48 25,600 --a------ D:\WINDOWS\system32\CoInst.dll
2007-12-15 23:16 . 2006-01-27 11:58 19,427 --------- D:\WINDOWS\wwdslcfg.ini
2007-12-13 20:18 . 2007-12-13 20:18 0 --a------ D:\WINDOWS\NFS
2007-12-13 18:05 . 2007-12-13 18:05 <DIR> d-------- D:\Programmi\JockerSoft
2007-12-10 18:08 . 2007-12-10 18:10 <DIR> d-------- D:\Programmi\MP3Gain
2007-12-10 17:22 . 2007-12-10 17:22 <DIR> d-------- D:\Programmi\Audacity
2007-12-05 22:28 . 2007-12-16 16:57 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2007-12-05 22:28 . 2007-12-05 22:28 1,409 --a------ D:\WINDOWS\QTFont.for
2007-12-02 20:28 . 2007-12-12 15:38 3,227 --a------ D:\WINDOWS\system32\SHORTCUT.INI
2007-12-02 20:26 . 2007-12-12 22:15 4,335 --a------ D:\WINDOWS\system32\LOCALSERVICE.INI
2007-12-02 20:26 . 2007-12-12 16:33 356 --a------ D:\WINDOWS\system32\REMOTEDEVICE.INI
2007-12-02 20:26 . 2007-12-12 22:15 102 --a------ D:\WINDOWS\system32\LOCALDEVICE.INI
2007-12-02 20:25 . 2007-12-02 20:25 <DIR> d-------- D:\Programmi\IVT Corporation
2007-12-02 20:25 . 2007-12-02 20:25 32 --a------ D:\WINDOWS\
02007-12-02 20:25 . 2007-12-02 20:25 0 --a------ D:\WINDOWS\system32\BSPRINT.INI
2007-12-02 20:25 . 2007-12-02 20:25 0 --a------ D:\WINDOWS\system32\
02007-11-30 22:22 . 2007-11-30 22:22 <DIR> d--h----- D:\WINDOWS\PIF
2007-11-28 20:06 . 2007-11-28 20:06 <DIR> d-------- D:\Programmi\PSPad editor
2007-11-28 20:06 . 2007-11-28 21:30 <DIR> d-------- D:\Documents and Settings\M@rk0\Dati applicazioni\PSpad
2007-11-26 22:12 . 2007-12-17 17:37 <DIR> d-------- D:\Programmi\SUPERAntiSpyware
2007-11-26 22:12 . 2007-11-26 22:12 <DIR> d-------- D:\Documents and Settings\M@rk0\Dati applicazioni\SUPERAntiSpyware.com
2007-11-26 22:12 . 2007-11-26 22:12 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2007-11-26 22:08 . 2007-11-26 22:08 <DIR> d-------- D:\VundoFix Backups
2007-11-26 21:46 . 2007-11-26 21:47 <DIR> d-------- D:\Programmi\Windows Live Safety Center
2007-11-26 17:38 . 2007-11-26 17:38 <DIR> d-------- D:\Documents and Settings\NetworkService\Dati applicazioni\AVG7
2007-11-26 17:35 . 2007-12-16 15:06 <DIR> d-------- D:\Documents and Settings\M@rk0\Dati applicazioni\AVG7
2007-11-26 17:35 . 2007-11-26 17:35 <DIR> d-------- D:\Documents and Settings\LocalService\Dati applicazioni\AVG7
2007-11-26 17:35 . 2007-11-26 17:39 39,444 --a------ D:\WINDOWS\system32\qqtwa.tmp
2007-11-26 17:34 . 2007-11-26 17:34 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\Grisoft
2007-11-26 17:34 . 2007-11-29 15:57 <DIR> d-------- D:\Documents and Settings\All Users\Dati applicazioni\avg7
2007-11-26 17:33 . 2007-11-26 17:33 6,473 --ahs---- D:\WINDOWS\system32\sstwa.bak2
2007-11-25 22:46 . 1999-09-28 16:42 1,050,896 --a------ D:\WINDOWS\system32\msjet35.dll
2007-11-25 22:46 . 1998-04-26 22:00 570,128 --a------ D:\WINDOWS\system32\dao350.dll
2007-11-25 22:46 . 2000-12-06 06:00 415,176 --a------ D:\WINDOWS\system32\comct332.ocx
2007-11-25 22:46 . 2000-05-21 22:00 244,416 --a------ D:\WINDOWS\system32\msflxgrd.ocx
2007-11-25 22:46 . 1998-06-23 21:00 164,144 --a------ D:\WINDOWS\system32\COMCT232.OCX
2007-11-25 22:46 . 1998-04-23 22:00 123,664 --a------ D:\WINDOWS\system32\msjint35.dll
2007-11-25 22:46 . 2004-04-18 10:41 98,304 --a------ D:\WINDOWS\system32\KewlButtonz.ocx
2007-11-25 22:46 . 1998-04-23 22:00 24,848 --a------ D:\WINDOWS\system32\msjter35.dll
2007-11-25 20:44 . 2007-11-25 20:44 6,473 --ahs---- D:\WINDOWS\system32\qqtwa.bak1
2007-11-25 20:38 . 2007-11-25 20:38 <DIR> d-------- D:\Programmi\MessengerDiscovery
2007-11-25 20:38 . 2004-03-09 00:00 212,240 --a------ D:\WINDOWS\system32\richtx32.OCX
2007-11-25 20:38 . 2004-03-09 00:00 124,688 --a------ D:\WINDOWS\system32\MSWINSCK.ocx
2007-11-25 18:49 . 2007-11-25 18:49 <DIR> d-------- D:\FPC
2007-11-25 17:02 . 2004-08-19 14:34 2,151,936 --a------ D:\WINDOWS\system32\kernel1.exe
2007-11-25 17:02 . 2004-08-19 14:34 2,151,936 --a------ D:\WINDOWS\system32\KERNEL.TMP
2007-11-25 16:59 . 2007-11-25 16:59 <DIR> d-------- D:\Programmi\TGTSoft
2007-11-25 00:12 . 2007-11-25 00:12 46,592 --a------ D:\WINDOWS\GAMEBEGINNING.WAV
2007-11-25 00:12 . 2007-11-25 00:12 17,008 --a------ D:\WINDOWS\killed.wav
2007-11-19 19:26 . 2007-11-19 19:27 <DIR> d-------- D:\Documents and Settings\M@rk0\Dati applicazioni\GetRightToGo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 18:14 59,967,520 --sha-w D:\WINDOWS\system32\drivers\fidbox.dat
2007-12-17 18:12 707,948 --sha-w D:\WINDOWS\system32\drivers\fidbox.idx
2007-12-17 18:12 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\BitTorrent DNA
2007-12-17 14:18 --------- d-----w D:\Programmi\Google
2007-12-16 14:35 --------- d-----w D:\Programmi\Free Download Manager
2007-12-13 19:02 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\BitTorrent
2007-12-12 22:05 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\Free Download Manager
2007-11-29 15:37 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\gtk-2.0
2007-11-26 21:12 --------- d-----w D:\Programmi\File comuni\Wise Installation Wizard
2007-11-25 19:38 --------- d-----w D:\Programmi\MSN Messenger
2007-11-21 14:32 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\.ZMatrix
2007-11-18 22:23 --------- d-----w D:\Documents and Settings\M@rk0\Dati applicazioni\Apple Computer
2007-11-17 18:52 121,038 ----a-w D:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_17_15_43_25_small.dmp.zip
2007-11-17 18:52 116,355 ----a-w D:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_17_15_30_13_small.dmp.zip
2007-11-17 09:22 --------- d-----w D:\Programmi\Java
2007-11-15 18:40 --------- d-----w D:\Programmi\ZMatrix
2007-11-15 18:37 --------- d--h--w D:\Programmi\InstallShield Installation Information
2007-11-08 20:33 --------- dcsh--w D:\Programmi\File comuni\WindowsLiveInstaller
2007-11-08 20:30 --------- d-----w D:\Programmi\Windows Live
2007-11-08 20:30 --------- d-----w D:\Documents and Settings\All Users\Dati applicazioni\WLInstaller
2007-11-01 18:02 --------- d-----w D:\Programmi\QuickTime
2007-11-01 10:10 --------- d-----w D:\Programmi\Pcsx2
2007-10-28 19:13 --------- d-----w D:\Programmi\Messenger Plus! Live
2007-10-26 13:41 --------- d-----w D:\Programmi\iTunes
2007-10-26 13:40 --------- d-----w D:\Programmi\iPod
2007-10-26 13:40 --------- d-----w D:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2007-10-26 13:39 --------- d-----w D:\Programmi\Apple Software Update
2007-10-26 13:38 --------- d-----w D:\Programmi\File comuni\Apple
2007-10-26 13:38 --------- d-----w D:\Documents and Settings\All Users\Dati applicazioni\Apple
2007-10-20 20:02 --------- d-----w D:\Programmi\DirectX Happy Uninstall
2007-10-20 14:45 --------- d-----w D:\Programmi\UltraISO
2007-10-20 14:45 --------- d-----w D:\Programmi\RegCleaner
2007-10-20 14:45 --------- d-----w D:\Programmi\GThing
2007-10-20 14:45 --------- d-----w D:\Programmi\GTASACenter
2007-10-20 14:45 --------- d-----w D:\Programmi\GIMP-2.0
2007-10-20 14:45 --------- d-----w D:\Programmi\DVD Shrink
2007-10-20 14:45 --------- d-----w D:\Programmi\DVD Decrypter
2007-10-20 14:44 --------- d-----w D:\Programmi\DustBuster 2.6.1
2007-10-20 14:38 --------- d-----w D:\Programmi\CCleaner
2007-10-20 12:33 --------- d-----w D:\Programmi\DirectX Uninstaller v.13
2007-10-20 11:51 --------- d-----w D:\Programmi\Project64 1.6
2007-10-17 19:08 --------- d-----w D:\Documents and Settings\All Users\Dati applicazioni\DVD Shrink
2007-10-17 15:18 --------- d-----w D:\Programmi\WinDirStat
2006-05-03 09:06 163,328 --sha-r D:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r D:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="D:\Programmi\BitTorrent_DNA\dna.exe" [2007-09-24 12:28]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 18:04]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:39]
"SpybotSD TeaTimer"="D:\Programmi\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]
"SUPERAntiSpyware"="D:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="D:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 21:32]
"PHIME2002ASync"="D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32]
"PHIME2002A"="D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32]
"SunJavaUpdateSched"="D:\Programmi\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"StartCCC"="D:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"Easy-PrintToolBox"="D:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
"MAAgent"="D:\Programmi\MarkAny\ContentSafer\MAAgent.exe" [2006-06-02 13:39]
"ZoneAlarm Client"="D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 20:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 14:39 D:\WINDOWS\system32\bthprops.cpl]
"AVG7_CC"="D:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-11-26 17:34]
"DSLSTATEXE"="D:\Program Files\D-Link\DSL-200\dslstat.exe" [2005-12-12 17:44]
"DSLAGENTEXE"="D:\Program Files\D-Link\DSL-200\dslagent.exe" [2005-08-25 19:47]
"VIRIT LITE MONITOR"="D:\VEXPLITE\MONLITE.EXE" [2007-12-16 14:45]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:39]
"AVG7_Run"="D:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-26 17:34]
D:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Google Updater.lnk.disabled [2007-09-21 20:58:33]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Programmi\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Programmi\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 D:\Programmi\SUPERAntiSpyware\SASWINLO.dll
La chiave di registro SafeBoot ha bisogno di essere riparata. Questo pc non può avviarsi in Modalità Provvisoria.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Free Download Manager"=D:\Programmi\Free Download Manager\fdm.exe -autorun
"swg"=D:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE
"SkyTel"=SkyTel.EXE
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SMSTray"=D:\Programmi\Samsung\Samsung Media Studio 5\SMSTray.exe
R0 VIRAGTLT;VIRAGTLT;D:\WINDOWS\system32\drivers\VIRAGTLT.SYS [2007-10-10 09:00]
R2 BlueSoleilCS;BlueSoleilCS;D:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-15 22:31]
R2 viritsvclite;Virit eXplorer Lite;D:\VEXPLITE\viritsvc.exe [2007-12-16 14:45]
R3 BsHelpCS;BsHelpCS;D:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 15:58]
R3 wanusb;D-Link DSL-200 USB ADSL WAN Modem;D:\WINDOWS\system32\DRIVERS\gwausb.sys [2005-09-22 18:31]
S3 USBAAPL;Apple Mobile USB Driver;D:\WINDOWS\system32\Drivers\usbaapl.sys [2007-09-06 12:28]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b80d143e-6deb-11dc-99e4-00179a300101}]
\Shell\AutoRun\command - M:\ciccio.bat
.
Contenuto della cartella 'Scheduled Tasks'
"2007-11-10 23:00:00 D:\WINDOWS\Tasks\At1.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-09 08:00:00 D:\WINDOWS\Tasks\At10.job"
"2007-11-10 09:00:00 D:\WINDOWS\Tasks\At11.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-11 10:00:00 D:\WINDOWS\Tasks\At12.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-11 11:00:00 D:\WINDOWS\Tasks\At13.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-11 12:00:00 D:\WINDOWS\Tasks\At14.job"
"2007-11-10 13:00:00 D:\WINDOWS\Tasks\At15.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-10 14:00:00 D:\WINDOWS\Tasks\At16.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-12-17 15:00:00 D:\WINDOWS\Tasks\At17.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-12-17 16:00:00 D:\WINDOWS\Tasks\At18.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-12-17 17:00:00 D:\WINDOWS\Tasks\At19.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At2.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-12-17 18:00:00 D:\WINDOWS\Tasks\At20.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-08 19:00:00 D:\WINDOWS\Tasks\At21.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-08 20:00:00 D:\WINDOWS\Tasks\At22.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-08 21:00:00 D:\WINDOWS\Tasks\At23.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-09 22:00:00 D:\WINDOWS\Tasks\At24.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-10 23:00:00 D:\WINDOWS\Tasks\At25.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At26.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At27.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At28.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At29.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At3.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At30.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At31.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At32.job"
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At33.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-09 08:00:00 D:\WINDOWS\Tasks\At34.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-10 09:00:00 D:\WINDOWS\Tasks\At35.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-11 10:00:00 D:\WINDOWS\Tasks\At36.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-11 11:00:00 D:\WINDOWS\Tasks\At37.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-11 12:00:00 D:\WINDOWS\Tasks\At38.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-10 13:00:00 D:\WINDOWS\Tasks\At39.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At4.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-10 14:00:00 D:\WINDOWS\Tasks\At40.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-12-17 15:00:00 D:\WINDOWS\Tasks\At41.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-12-17 16:00:00 D:\WINDOWS\Tasks\At42.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-12-17 17:00:00 D:\WINDOWS\Tasks\At43.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-12-17 18:00:00 D:\WINDOWS\Tasks\At44.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At45.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 20:51:02 D:\WINDOWS\Tasks\At46.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-08 21:00:00 D:\WINDOWS\Tasks\At47.job"
- D:\WINDOWS\system32\5s5R6jkT.exe
"2007-11-09 22:00:00 D:\WINDOWS\Tasks\At48.job"
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At5.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At6.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At7.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At8.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-11-07 20:57:42 D:\WINDOWS\Tasks\At9.job"
- D:\WINDOWS\system32\3YTa1wDx.exe
"2007-12-17 18:13:59 D:\WINDOWS\Tasks\vtzzdg.job"
- d:\windows\system32\winpdlhy.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-12-17 19:14:34
Windows 5.1.2600 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
Ora fine scansione: 2007-12-17 19:16:15 - machine was rebooted