C:\documents and settings\איה\Application Data\drivers\downld\576046. exe
Download 213.57 Kb.
|
|
c:\documents and settings\איה\Application Data\m\shared\Select Ex 2000.zip c:\documents and settings\איה\Application Data\m\shared\Simply Stickies 1.5.zip c:\documents and settings\איה\Application Data\m\shared\SMS 2 Email 1.00.zip c:\documents and settings\איה\Application Data\m\shared\Spring Time - Animated Wallpaper 5.07.zip c:\documents and settings\איה\Application Data\m\shared\SSW LookOut for Outlook 11.12.zip c:\documents and settings\איה\Application Data\m\shared\Submarines II Screen Saver 1.0.zip c:\documents and settings\איה\Application Data\m\shared\SV WebSurfing History 2.1 Build 532.zip c:\documents and settings\איה\Application Data\m\shared\SWF SlideShow Scout 1.10.zip c:\documents and settings\איה\Application Data\m\shared\Table Manager 1.0.zip c:\documents and settings\איה\Application Data\m\shared\TextMaestro 1.0.667.0.zip c:\documents and settings\איה\Application Data\m\shared\TextToMS 1.4.zip c:\documents and settings\איה\Application Data\m\shared\The PanHandler 32.zip c:\documents and settings\איה\Application Data\m\shared\TheSage's English Dictionary and Thesaurus 3.0.16.1718 RC1.zip c:\documents and settings\איה\Application Data\m\shared\TRON 1.3.zip c:\documents and settings\איה\Application Data\m\shared\uCertify - Practice Test for Exam 220-601 - 430+ Questions 8.00.05.zip c:\documents and settings\איה\Application Data\m\shared\UltimateReNamerJG 1.0.5.0.zip c:\documents and settings\איה\Application Data\m\shared\Upload Video Pro 2.0.zip c:\documents and settings\איה\Application Data\m\shared\VEGA TigerII Minipad 1.0.16.zip c:\documents and settings\איה\Application Data\m\shared\Vim 7.2.030.zip c:\documents and settings\איה\Application Data\m\shared\WebScout 2.12.zip c:\documents and settings\איה\Application Data\m\shared\WidgetStocks 1.0.zip c:\documents and settings\איה\Application Data\m\shared\Windows XP Pro Startup Disk SP1a.zip c:\documents and settings\איה\Application Data\m\shared\WM Capture 3.0.zip c:\documents and settings\איה\Application Data\m\shared\wodSmtpServer 2.2.5.zip c:\documents and settings\איה\Application Data\m\shared\Wondershare PPT to eCard 1.0.0.zip c:\documents and settings\איה\Application Data\m\shared\Xiaoli Encryption 7.0 Build 0415.zip c:\documents and settings\איה\Application Data\m\shared\yahooListCreator 1.0.zip c:\documents and settings\איה\Application Data\m\srvlist.oct c:\program files\Microsoft ActiveSync\Wcescomm.exe c:\windows\system32\ban_list.txt c:\documents and settings\איה\Application Data\drivers\srosa.sys . . . . failed to delete c:\documents and settings\איה\Application Data\m . . . . failed to delete c:\windows\system32\mdelk.exe . . . . failed to delete c:\windows\system32\wintems.exe . . . . failed to delete . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) .
-------\Legacy_SK9OU0S -------\Legacy_SROSA -------\Service_NNServ -------\Service_sK9Ou0s ((((((((((((((((((((((((( Files Created from 2009-01-01 to 2009-02-01 ))))))))))))))))))))))))))))))) .
2009-01-27 03:38 . 2009-01-27 03:38 2009-01-26 02:23 . 2009-01-26 02:23 2009-01-26 02:18 . 2009-01-26 02:18 2009-01-26 01:50 . 2009-01-26 01:50 2009-01-26 01:50 . 2009-01-26 01:50 2009-01-26 01:50 . 2009-01-26 01:50 2009-01-26 01:50 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-26 01:50 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-25 00:24 . 2009-01-25 00:24 2009-01-25 00:24 . 2009-01-25 00:24 2009-01-24 20:51 . 2009-01-24 20:51 2009-01-24 01:08 . 2006-08-01 15:02 49,152 -r------- c:\windows\system32\ChCfg.exe 2009-01-24 01:07 . 2009-01-24 01:07 2009-01-24 01:07 . 2001-07-06 00:19 164 -r------- c:\windows\avrack.ini 2009-01-24 00:40 . 2009-01-24 00:40 2009-01-23 14:10 . 2009-01-23 14:10 2,560 --a------ c:\windows\_MSRSTRT.EXE 2009-01-21 12:57 . 2009-01-21 12:57 2009-01-13 20:33 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys 2009-01-13 20:32 . 2009-01-13 20:32 2009-01-06 00:33 . 2009-01-06 00:33 3,751,995 --a------ c:\windows\system32\GPhotos.scr
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-31 23:24 14,848 ----a-w c:\windows\system32\dllcache\register.exe 2008-12-24 02:33 --------- d--h--w c:\documents and settings\איה\Application Data\drivers 2008-12-12 17:35 3,081,216 ------w c:\windows\system32\dllcache\mshtml.dll 2008-06-01 11:27 66,600 ----a-w c:\documents and settings\איה\Application Data\GDIPFONTCACHEV1.DAT .
. .
REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{f228c6a4-a593-4017-944c-4e7958fb3177}"= "c:\program files\Radio_G\tbRadi.dll" [2008-11-23 1784856] [HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f228c6a4-a593-4017-944c-4e7958fb3177}] 2008-11-23 23:03 1784856 --a------ c:\program files\Radio_G\tbRadi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{f228c6a4-a593-4017-944c-4e7958fb3177}"= "c:\program files\Radio_G\tbRadi.dll" [2008-11-23 1784856] [HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{F228C6A4-A593-4017-944C-4E7958FB3177}"= "c:\program files\Radio_G\tbRadi.dll" [2008-11-23 1784856] [HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-26 15360] "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2009-02-01 57344] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-01 1576176] "AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-12 2084480] "AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"CallControl 4.5"="c:\program files\FAXTALK COMMUNICATOR\FTCtrl32.exe" [2002-05-18 122368] "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-07-19 40960] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200] "SoundMan"="SOUNDMAN.EXE" [2006-11-17 c:\windows\soundman.exe]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-26 15360] c:\documents and settings\€‰„\”˜‰ˆ „‡„\…‹‰…\„”’„\ Netvision Cable Connect.url [2008-03-06 97] Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.MJPG"= pvmjpg21.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^תפריט התחלה^תוכניות^הפעלה^Microsoft Office.lnk] path=c:\documents and settings\All Users\תפריט התחלה\תוכניות\הפעלה\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
path=c:\documents and settings\איה\תפריט התחלה\תוכניות\הפעלה\Adobe Gamma.lnk backup=c:\windows\pss\Adobe Gamma.lnkStartup
c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] --a------ 2007-02-28 23:06 2321600 c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] --a------ 2007-12-27 17:12 1862144 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] --------- 2003-03-04 19:09 1257472 c:\program files\Ahead\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] -ra------ 2002-10-08 12:03 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] --a------ 2008-12-03 12:47 1205760 c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-03-28 23:37 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2008-08-12 17:13 21741864 c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB2Check] --a------ 2005-12-21 10:14 73728 c:\windows\system32\PCLECoInst.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] -r------- 2006-11-17 05:42 577536 c:\windows\soundman.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ServiceLayer"=3 (0x3) "NNServ"=2 (0x2) "gusvc"=3 (0x3) "GoogleDesktopManager"=3 (0x3) "Adobe LM Service"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Hebrew Kazaa Lite\\CLEAN.KMD"= "c:\\Program Files\\NetMeeting\\conf.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "d:\\Program Files\\emule\\emule.exe"= "c:\\Program Files\\Laplink\\PCmover\\PCmover.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 BsStor;InCD Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [2006-03-24 9344] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-09-03 8944] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-09-03 55024] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2008-08-13 33792] R4 BsUDF;InCD UDF Driver;c:\windows\system32\drivers\bsudf.sys [2006-03-24 389504] S0 Dwh58;Dwh58; [x] S0 zwsfkmnm;zwsfkmnm;c:\windows\system32\drivers\mcktlqih.dat --> c:\windows\system32\drivers\mcktlqih.dat [?] S1 Scope;WDM Driver for Scope;c:\windows\system32\drivers\scope.sys [2008-03-30 110048] S3 2nixA;2nixA;\??\d:\sfp\app\sys\2nixA.sys --> d:\sfp\app\sys\2nixA.sys [?] S3 2nixWDM;2nixWDM;\??\d:\sfp\app\sys\2nixWDM.sys --> d:\sfp\app\sys\2nixWDM.sys [?] S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-08-27 31592] S3 InvVxD;InvVxD;\??\d:\sfp\app\sys\InvVxD.sys --> d:\sfp\app\sys\InvVxD.sys [?] S3 KGPar2;KGPar2;\??\d:\sfp\app\sys\KGPar2.sys --> d:\sfp\app\sys\KGPar2.sys [?] S3 KGPar3;KGPar3;\??\d:\sfp\app\sys\KGPar3.sys --> d:\sfp\app\sys\KGPar3.sys [?] S3 MArrFifo;MArrFifo;\??\d:\sfp\app\sys\MArrFifo.sys --> d:\sfp\app\sys\MArrFifo.sys [?] S3 MFifoArr;MFifoArr;\??\d:\sfp\app\sys\MFifoArr.sys --> d:\sfp\app\sys\MFifoArr.sys [?] S3 MidiAck;MidiAck;\??\d:\sfp\app\sys\MidiAck.sys --> d:\sfp\app\sys\MidiAck.sys [?] S3 MVC2VxD;MVC2VxD;\??\d:\sfp\app\sys\MVC2VxD.sys --> d:\sfp\app\sys\MVC2VxD.sys [?] S3 MVCVxD;MVCVxD;\??\d:\sfp\app\sys\MVCVxD.sys --> d:\sfp\app\sys\MVCVxD.sys [?] S3 PC2VxD;PC2VxD;\??\d:\sfp\app\sys\PC2VxD.sys --> d:\sfp\app\sys\PC2VxD.sys [?] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408] S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?] S3 Spl2VxD;Spl2VxD;\??\d:\sfp\app\sys\Spl2VxD.sys --> d:\sfp\app\sys\Spl2VxD.sys [?] S3 TPlay;TPlay;\??\d:\sfp\app\sys\TPlay.sys --> d:\sfp\app\sys\TPlay.sys [?] S3 TPRSync;TPRSync;\??\d:\sfp\app\sys\TPRSync.sys --> d:\sfp\app\sys\TPRSync.sys [?] S3 TPSync;TPSync;\??\d:\sfp\app\sys\TPSync.sys --> d:\sfp\app\sys\TPSync.sys [?] S3 TRec;TRec;\??\d:\sfp\app\sys\TRec.sys --> d:\sfp\app\sys\TRec.sys [?] S3 TRSync;TRSync;\??\d:\sfp\app\sys\TRSync.sys --> d:\sfp\app\sys\TRSync.sys [?] S3 TStretch;TStretch;\??\d:\sfp\app\sys\TStretch.sys --> d:\sfp\app\sys\TStretch.sys [?] S3 VDATMot;VDATMot;\??\d:\sfp\app\sys\VDATMot.sys --> d:\sfp\app\sys\VDATMot.sys [?] S3 VPlay;VPlay;\??\d:\sfp\app\sys\VPlay.sys --> d:\sfp\app\sys\VPlay.sys [?] S3 VRec;VRec;\??\d:\sfp\app\sys\VRec.sys --> d:\sfp\app\sys\VRec.sys [?] S3 VSTin;VSTin;\??\d:\sfp\app\sys\VSTin.sys --> d:\sfp\app\sys\VSTin.sys [?] S3 VSTout;VSTout;\??\d:\sfp\app\sys\VSTout.sys --> d:\sfp\app\sys\VSTout.sys [?] S3 VSTsync;VSTsync;\??\d:\sfp\app\sys\VSTsync.sys --> d:\sfp\app\sys\VSTsync.sys [?] S3 VxD2PC;VxD2PC;\??\d:\sfp\app\sys\VxD2PC.sys --> d:\sfp\app\sys\VxD2PC.sys [?] S3 WaveIn16;WaveIn16;\??\d:\sfp\app\sys\WaveIn16.sys --> d:\sfp\app\sys\WaveIn16.sys [?] S3 WaveOut16;WaveOut16;\??\d:\sfp\app\sys\WaveOut16.sys --> d:\sfp\app\sys\WaveOut16.sys [?] --- Other Services/Drivers In Memory --- *NewlyCreated* - SROSA *Deregistered* - srosa [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] \Shell\AutoRun\command - K:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d126163-e7b7-11dd-9067-000c76271a8e}] \Shell\AutoRun\command - G:\USBNB.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a50e5bb8-b48c-11dc-8ac4-000c76271a8e}] \Shell\AutoRun\command - j:\wd_windows_tools\setup.exe . Contents of the 'Scheduled Tasks' folder 2009-01-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] . - - - - ORPHANS REMOVED - - - - BHO-{8CEC0E6D-2C58-4D3B-BF47-C8B13CDC4986} - c:\windows\system32\ipsecsvco.dll HKCU-Run-H/PC Connection Agent - c:\program files\Microsoft ActiveSync\Wcescomm.exe HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe MSConfigStartUp-ISUSPM - c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\msnmsgr.exe MSConfigStartUp-PCLEUSBTip - c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe MSConfigStartUp-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe MSConfigStartUp-RelevantKnowledge - c:\windows\system32\rlvknlg.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-WhenUSave - c:\program files\Save\Save.exe MSConfigStartUp-WinFixer2005 - c:\program files\WinFixer 2005\uwfx5.exe MSConfigStartUp-InitPulsar - D:/SFP/app/bin/sfp.exe . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uStart Page = hxxp://www.google.co.il/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &יצא ל- Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - .
Rootkit scan 2009-02-01 13:35:04 Windows 5.1.2600 Service Pack 2 FAT NTAPI
c:\documents and settings\ scanning hidden autostart entries ...
hidden files: 0 ************************************************************************** [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"="c:\\Documents and Settings\\???\\Application Data\\drivers\\winupgro.exe" "german.exe"="c:\\WINDOWS\\system32\\wintems.exe" "mule_st_key"="c:\\Documents and Settings\\???\\Application Data\\m\\flec006.exe" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme] "ImagePath"="\??\c:/temp\catchme.sys" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srosa] "ImagePath"="\??\c:\documents and settings\???\Application Data\drivers\srosa.sys" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme] "ImagePath"="\??\c:/temp\catchme.sys" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\zwsfkmnm] "ImagePath"="system32\drivers\mcktlqih.dat" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1547161642-562591055-682003330-1004\3*³] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode)
@="d:\\?????? 6120\\[u]0[/u]1-03-2008 ???? ?? ???? ??????" [HKEY_USERS\S-1-5-21-1547161642-562591055-682003330-1004\Software\Microsoft\ M*i*c*r*o*s*o*f*t* *M*a*n*a*g*e*m*e*n*t* *C*o*n*s*o*l*e*\Recent File List] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "File1"="c:\\WINDOWS\\system32\\compmgmt.msc" "File2"="c:\\WINDOWS\\system32\\dfrg.msc" "File3"="c:\\WINDOWS\\system32\\devmgmt.msc"
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:2e,e8,e1,00,eb,16,2b,de,80,48,a2,77,2b, f6,d6,60,c8,28,51,af,b0,29,a3,98,22,9a,92,70,7d,ca,29,94,e2,63,26,f1,3f,c8,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:46,47,15,b0,92,4b,c7,ef,02,06,76,1c,7f, be,40,a3,71,3b,04,66,8b,46,0d,96,c1,99,eb,43,44,c4,4a,9a,6a,9c,d6,61,af,45,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,62,ec,f7,5a,5f, 6c,d8,f9,25,da,ec,7e,55,20,c9,26,1a,79,ce,54,94,5c,19,34,ff,7c,85,e0,43,d4,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,8a,83,ae,9b,f7, 4e,7c,44,3e,1e,9e,e0,57,5a,93,61,23,0b,cd,ca,63,2d,19,e2,86,8c,21,01,be,91,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:e9,02,6c,fa,fb,1d,47,57,2f,d4,e4,87,5d, 58,21,8c,cd,44,cd,b9,a6,33,6c,cd,6a,14,19,40,ba,54,31,9c,f5,1d,4d,73,a8,13,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,8d,66,a5,85,3c, 38,67,99,b0,18,ed,a7,3f,8d,37,a4,59,56,b5,c4,17,17,08,03,df,20,58,62,78,6b,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,f6,9a,c1,00,1e, ae,0d,08,31,77,e1,ba,b1,f8,68,02,f1,27,13,a2,65,ce,6f,2e,fb,a7,78,e6,12,2f,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,54,d3,35,50,ac, a7,42,22,83,6c,56,8b,a0,85,96,ab,8a,52,48,31,aa,8e,4d,7a,01,3a,48,fc,e8,04,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,b9,22,55,05,18, 8b,c5,d0,51,fa,6e,91,28,9e,14,cc,c7,4a,14,3c,f9,a3,e0,f1,f6,0f,4e,58,98,5b,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,fe,76,de,a7,93, 75,35,09,b1,cd,45,5a,a8,c4,f8,b9,a6,72,67,fb,bd,77,da,77,3d,ce,ea,26,2d,45,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,48,05,f2,2d,3c, ab,e1,8f,e3,0e,66,d5,eb,bc,2f,6b,a0,7b,f7,18,6f,b7,67,a4,2a,b7,cc,b5,b9,7f,\
"ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,79,ae,c4,b1,c8, fa,7c,b9,fa,ea,66,7f,d4,3b,6b,70,95,c4,86,17,e3,c7,a7,7e,6c,43,2d,1e,aa,22,\ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(516) c:\program files\SUPERAntiSpyware\SASWINLO.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE c:\program files\BONJOUR\MDNSRESPONDER.EXE c:\program files\FAXTALK COMMUNICATOR\FAPIEXE.EXE c:\program files\Internet Explorer\IEXPLORE.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe c:\documents and settings\ . ************************************************************************** . Completion time: 2009-02-01 13:40:14 - machine was rebooted ComboFix-quarantined-files.txt 2009-02-01 11:40:12
Post-Run: 7,703,724,032 bytes free 4078 --- E O F --- 2008-12-18 23:12:14 Directory: forums forums -> Cross country forums -> Kognitio Limited 2015 Kognitio jdbc/odbc bridge Installation and Configuration Guide forums -> Jyothilal. P. Gopi, Naval Architect, 16/03/2004 forums -> Bbt”: Broadband Tool “bsw” forums -> Cv personal details: Name: Yehonatan Devorkin id number forums -> Patrick De Smedt Chairman, Microsoft Europe, Middle East and Africa forums -> App Dragon Listing Page of 1Tap Cleaner Free 54) forums -> Board Games rpgs Download 213.57 Kb. Share with your friends:
|