Izdvojeno iz druge teme (4)

2

Izdvojeno iz druge teme (4)

offline
  • vr7600 
  • Novi MyCity građanin
  • Pridružio: 25 Jan 2008
  • Poruke: 26

Kurata sreća! Smile
Kad bi mi tako išlo na lotu, di bi mi kraj bio? Wink

PS
Jel moguće da je ova zaraza posljedica onog crva koji muči Microsoft u zadnje vrijeme?

PPS

ComboFix 09-02-11.02 - Bella 2009-02-14 0:16:26.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.759.378 [GMT 1:00]
Running from: c:\documents and settings\Bella\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Bella\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
c:\windows\system32\hxzglujue.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\hxzglujue.dll

.
((((((((((((((((((((((((( Files Created from 2009-01-13 to 2009-02-13 )))))))))))))))))))))))))))))))
.

2009-02-09 18:34 . 2009-02-09 18:35 <DIR> d-------- c:\documents and settings\Borko\Application Data\vlc
2009-02-09 18:33 . 2009-02-09 18:33 <DIR> d-------- c:\program files\VideoLAN
2009-02-05 21:24 . 2009-02-08 14:11 <DIR> d-------- c:\documents and settings\Borko\Application Data\AVGTOOLBAR
2009-02-05 10:15 . 2009-02-12 13:51 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 10:14 . 2009-02-13 09:27 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-05 10:14 . 2009-02-05 10:14 <DIR> d-------- c:\program files\AVG
2009-02-05 10:14 . 2009-02-05 12:25 <DIR> d-------- c:\documents and settings\Bella\Application Data\AVGTOOLBAR
2009-02-05 10:14 . 2009-02-12 13:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-05 10:14 . 2009-02-05 10:14 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-05 10:14 . 2009-02-05 10:14 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-05 10:14 . 2009-02-05 10:14 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-24 23:58 . 2009-01-24 23:58 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-24 23:58 . 2009-01-24 23:58 1,409 --a------ c:\windows\QTFont.for
2009-01-24 17:45 . 2009-01-24 17:45 <DIR> d-------- c:\program files\Evernote
2009-01-20 00:04 . 2009-01-20 00:04 <DIR> d-------- c:\program files\PlayPianoTODAY
2009-01-15 01:02 . 2009-01-15 01:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec
2009-01-15 01:00 . 2009-02-05 10:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Norton
2009-01-15 01:00 . 2009-01-15 01:00 36,272 -ra------ c:\windows\system32\drivers\SymIM.sys
2009-01-15 00:59 . 2009-01-15 00:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-01-14 14:14 . 2009-01-14 14:14 50 --a------ c:\windows\WININIT.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-13 19:36 --------- d-----w c:\program files\Flock
2009-02-11 11:34 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-09 15:25 --------- d-----w c:\program files\NCH Swift Sound
2009-02-09 15:21 --------- d-----w c:\program files\DivX
2009-02-08 00:50 4,984,707 ----a-w c:\windows\java\Packages\JTN7ZZLR.ZIP
2009-02-08 00:50 4,254,611 ----a-w c:\windows\java\Packages\LJ793LZF.ZIP
2009-01-24 16:45 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-23 22:48 --------- d-----w c:\documents and settings\Borko\Application Data\Winamp
2009-01-19 23:03 737,280 -c--a-w c:\windows\iun6002.exe
2009-01-18 15:45 1,033,728 ----a-w c:\windows\explorer.exe
2009-01-05 12:12 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-05 11:55 --------- d-----w c:\documents and settings\Borko\Application Data\NCH Swift Sound
2008-12-30 22:32 --------- d-----w c:\documents and settings\Bella\Application Data\Winamp
2008-12-30 21:57 --------- d-----w c:\program files\Winamp
2008-12-30 21:56 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-23 09:27 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-23 07:59 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-22 16:03 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-28 23:06 355,584 ----a-w c:\windows\system32\TuneUpDefragService.exe
2007-01-04 16:51 604 -c-ha-w c:\program files\STLL Notifier
.

((((((((((((((((((((((((((((( SnapShot@2009-02-12_13.44.46.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-14 815104]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-05 1601304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 10:14 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.AP41"= APmpg4v1.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=c:\windows\pss\GStartup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 01:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2007-06-19 16:26 101144 c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 01:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
-----c--- 2005-02-10 16:00 1937408 c:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
--a------ 2007-02-08 19:43 95800 c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a--c--- 2004-11-02 19:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
--a------ 2004-09-23 12:41 860160 c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 09:11 1388544 c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-11-14 16:02 815104 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2004-11-04 17:40 98394 c:\program files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra--c--- 2004-11-22 07:18 307200 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a--c--- 2004-08-24 10:20 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\explorer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15281:TCP"= 15281:TCP:NortonAV
"12085:TCP"= 12085:TCP:NortonAV
"16057:TCP"= 16057:TCP:NortonAV
"48205:TCP"= 48205:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"1867:TCP"= 1867:TCP:@xpsp2res.dll,-22009
"63041:TCP"= 63041:TCP:@xpsp2res.dll,-22009
"40529:TCP"= 40529:TCP:@xpsp2res.dll,-22009
"5194:TCP"= 5194:TCP:@xpsp2res.dll,-22009
"32065:TCP"= 32065:TCP:@xpsp2res.dll,-22009
"42305:TCP"= 42305:TCP:@xpsp2res.dll,-22009
"53827:TCP"= 53827:TCP:@xpsp2res.dll,-22009
"22353:TCP"= 22353:TCP:@xpsp2res.dll,-22009
"34371:TCP"= 34371:TCP:@xpsp2res.dll,-22009
"2129:TCP"= 2129:TCP:@xpsp2res.dll,-22009
"3665:TCP"= 3665:TCP:@xpsp2res.dll,-22009
"58177:TCP"= 58177:TCP:@xpsp2res.dll,-22009
"23117:TCP"= 23117:TCP:@xpsp2res.dll,-22009
"39233:TCP"= 39233:TCP:@xpsp2res.dll,-22009
"42563:TCP"= 42563:TCP:@xpsp2res.dll,-22009
"54353:TCP"= 54353:TCP:@xpsp2res.dll,-22009
"43597:TCP"= 43597:TCP:@xpsp2res.dll,-22009
"20035:TCP"= 20035:TCP:@xpsp2res.dll,-22009
"11587:TCP"= 11587:TCP:@xpsp2res.dll,-22009
"50243:TCP"= 50243:TCP:@xpsp2res.dll,-22009
"36675:TCP"= 36675:TCP:@xpsp2res.dll,-22009
"18243:TCP"= 18243:TCP:@xpsp2res.dll,-22009
"64587:TCP"= 64587:TCP:@xpsp2res.dll,-22009
"47691:TCP"= 47691:TCP:@xpsp2res.dll,-22009
"30032:TCP"= 30032:TCP:@xpsp2res.dll,-22009
"37441:TCP"= 37441:TCP:@xpsp2res.dll,-22009
"11075:TCP"= 11075:TCP:@xpsp2res.dll,-22009
"32080:TCP"= 32080:TCP:@xpsp2res.dll,-22009
"35403:TCP"= 35403:TCP:@xpsp2res.dll,-22009
"52299:TCP"= 52299:TCP:@xpsp2res.dll,-22009
"56387:TCP"= 56387:TCP:@xpsp2res.dll,-22009
"27201:TCP"= 27201:TCP:@xpsp2res.dll,-22009
"46913:TCP"= 46913:TCP:@xpsp2res.dll,-22009
"52305:TCP"= 52305:TCP:@xpsp2res.dll,-22009
"21325:TCP"= 21325:TCP:@xpsp2res.dll,-22009
"53585:TCP"= 53585:TCP:@xpsp2res.dll,-22009
"45137:TCP"= 45137:TCP:@xpsp2res.dll,-22009
"50763:TCP"= 50763:TCP:@xpsp2res.dll,-22009
"10570:TCP"= 10570:TCP:@xpsp2res.dll,-22009
"26691:TCP"= 26691:TCP:@xpsp2res.dll,-22009
"2897:TCP"= 2897:TCP:@xpsp2res.dll,-22009
"64321:TCP"= 64321:TCP:@xpsp2res.dll,-22009
"30797:TCP"= 30797:TCP:@xpsp2res.dll,-22009
"34881:TCP"= 34881:TCP:@xpsp2res.dll,-22009
"39501:TCP"= 39501:TCP:@xpsp2res.dll,-22009
"11601:TCP"= 11601:TCP:@xpsp2res.dll,-22009
"21059:TCP"= 21059:TCP:@xpsp2res.dll,-22009
"28749:TCP"= 28749:TCP:@xpsp2res.dll,-22009
"2893:TCP"= 2893:TCP:@xpsp2res.dll,-22009
"12109:TCP"= 12109:TCP:@xpsp2res.dll,-22009
"55121:TCP"= 55121:TCP:@xpsp2res.dll,-22009
"24141:TCP"= 24141:TCP:@xpsp2res.dll,-22009
"48193:TCP"= 48193:TCP:@xpsp2res.dll,-22009
"5187:TCP"= 5187:TCP:@xpsp2res.dll,-22009
"47681:TCP"= 47681:TCP:@xpsp2res.dll,-22009
"25933:TCP"= 25933:TCP:@xpsp2res.dll,-22009
"833:TCP"= 833:TCP:@xpsp2res.dll,-22009
"41549:TCP"= 41549:TCP:@xpsp2res.dll,-22009
"36939:TCP"= 36939:TCP:@xpsp2res.dll,-22009
"35153:TCP"= 35153:TCP:@xpsp2res.dll,-22009
"23361:TCP"= 23361:TCP:@xpsp2res.dll,-22009
"12625:TCP"= 12625:TCP:@xpsp2res.dll,-22009
"1611:TCP"= 1611:TCP:@xpsp2res.dll,-22009
"7501:TCP"= 7501:TCP:@xpsp2res.dll,-22009
"4683:TCP"= 4683:TCP:@xpsp2res.dll,-22009
"38721:TCP"= 38721:TCP:@xpsp2res.dll,-22009
"10317:TCP"= 10317:TCP:@xpsp2res.dll,-22009
"22097:TCP"= 22097:TCP:@xpsp2res.dll,-22009
"47683:TCP"= 47683:TCP:@xpsp2res.dll,-22009
"31040:TCP"= 31040:TCP:@xpsp2res.dll,-22009
"48707:TCP"= 48707:TCP:@xpsp2res.dll,-22009
"6721:TCP"= 6721:TCP:@xpsp2res.dll,-22009
"9035:TCP"= 9035:TCP:@xpsp2res.dll,-22009
"10305:TCP"= 10305:TCP:@xpsp2res.dll,-22009
"13123:TCP"= 13123:TCP:@xpsp2res.dll,-22009
"10577:TCP"= 10577:TCP:@xpsp2res.dll,-22009
"47947:TCP"= 47947:TCP:@xpsp2res.dll,-22009
"37185:TCP"= 37185:TCP:@xpsp2res.dll,-22009
"47435:TCP"= 47435:TCP:@xpsp2res.dll,-22009
"19521:TCP"= 19521:TCP:@xpsp2res.dll,-22009
"2123:TCP"= 2123:TCP:@xpsp2res.dll,-22009
"43329:TCP"= 43329:TCP:@xpsp2res.dll,-22009
"321:TCP"= 321:TCP:@xpsp2res.dll,-22009
"2381:TCP"= 2381:TCP:@xpsp2res.dll,-22009
"41547:TCP"= 41547:TCP:@xpsp2res.dll,-22009
"19777:TCP"= 19777:TCP:@xpsp2res.dll,-22009
"10561:TCP"= 10561:TCP:@xpsp2res.dll,-22009
"1857:TCP"= 1857:TCP:@xpsp2res.dll,-22009
"19025:TCP"= 19025:TCP:@xpsp2res.dll,-22009
"4163:TCP"= 4163:TCP:@xpsp2res.dll,-22009
"57409:TCP"= 57409:TCP:@xpsp2res.dll,-22009
"10065:TCP"= 10065:TCP:@xpsp2res.dll,-22009
"46401:TCP"= 46401:TCP:@xpsp2res.dll,-22009
"6481:TCP"= 6481:TCP:@xpsp2res.dll,-22009
"44875:TCP"= 44875:TCP:@xpsp2res.dll,-22009
"44609:TCP"= 44609:TCP:@xpsp2res.dll,-22009
"51277:TCP"= 51277:TCP:@xpsp2res.dll,-22009
"33345:TCP"= 33345:TCP:@xpsp2res.dll,-22009
"58445:TCP"= 58445:TCP:@xpsp2res.dll,-22009
"62029:TCP"= 62029:TCP:@xpsp2res.dll,-22009
"59469:TCP"= 59469:TCP:@xpsp2res.dll,-22009
"27467:TCP"= 27467:TCP:@xpsp2res.dll,-22009
"22347:TCP"= 22347:TCP:@xpsp2res.dll,-22009
"31307:TCP"= 31307:TCP:@xpsp2res.dll,-22009
"62785:TCP"= 62785:TCP:@xpsp2res.dll,-22009
"5969:TCP"= 5969:TCP:@xpsp2res.dll,-22009
"61773:TCP"= 61773:TCP:@xpsp2res.dll,-22009
"37187:TCP"= 37187:TCP:@xpsp2res.dll,-22009
"33873:TCP"= 33873:TCP:@xpsp2res.dll,-22009
"49997:TCP"= 49997:TCP:@xpsp2res.dll,-22009
"43339:TCP"= 43339:TCP:@xpsp2res.dll,-22009
"36941:TCP"= 36941:TCP:@xpsp2res.dll,-22009
"10817:TCP"= 10817:TCP:@xpsp2res.dll,-22009
"12619:TCP"= 12619:TCP:@xpsp2res.dll,-22009
"37699:TCP"= 37699:TCP:@xpsp2res.dll,-22009
"31553:TCP"= 31553:TCP:@xpsp2res.dll,-22009
"46657:TCP"= 46657:TCP:@xpsp2res.dll,-22009
"37707:TCP"= 37707:TCP:@xpsp2res.dll,-22009
"49731:TCP"= 49731:TCP:@xpsp2res.dll,-22009
"12867:TCP"= 12867:TCP:@xpsp2res.dll,-22009
"12609:TCP"= 12609:TCP:@xpsp2res.dll,-22009
"21329:TCP"= 21329:TCP:@xpsp2res.dll,-22009
"31299:TCP"= 31299:TCP:@xpsp2res.dll,-22009
"31825:TCP"= 31825:TCP:@xpsp2res.dll,-22009
"40013:TCP"= 40013:TCP:@xpsp2res.dll,-22009
"61521:TCP"= 61521:TCP:@xpsp2res.dll,-22009
"29251:TCP"= 29251:TCP:@xpsp2res.dll,-22009
"55105:TCP"= 55105:TCP:@xpsp2res.dll,-22009
"61777:TCP"= 61777:TCP:@xpsp2res.dll,-22009
"11341:TCP"= 11341:TCP:@xpsp2res.dll,-22009
"2369:TCP"= 2369:TCP:@xpsp2res.dll,-22009
"38737:TCP"= 38737:TCP:@xpsp2res.dll,-22009
"12353:TCP"= 12353:TCP:@xpsp2res.dll,-22009
"6465:TCP"= 6465:TCP:@xpsp2res.dll,-22009
"40785:TCP"= 40785:TCP:@xpsp2res.dll,-22009
"22093:TCP"= 22093:TCP:@xpsp2res.dll,-22009
"57675:TCP"= 57675:TCP:@xpsp2res.dll,-22009
"19284:TCP"= 19284:TCP:@xpsp2res.dll,-22009
"45139:TCP"= 45139:TCP:@xpsp2res.dll,-22009
"48709:TCP"= 48709:TCP:@xpsp2res.dll,-22009
"17477:TCP"= 17477:TCP:@xpsp2res.dll,-22009
"46405:TCP"= 46405:TCP:@xpsp2res.dll,-22009
"20805:TCP"= 20805:TCP:@xpsp2res.dll,-22009
"34132:TCP"= 34132:TCP:@xpsp2res.dll,-22009
"7251:TCP"= 7251:TCP:@xpsp2res.dll,-22009
"21587:TCP"= 21587:TCP:@xpsp2res.dll,-22009
"48197:TCP"= 48197:TCP:@xpsp2res.dll,-22009
"41043:TCP"= 41043:TCP:@xpsp2res.dll,-22009
"60741:TCP"= 60741:TCP:@xpsp2res.dll,-22009
"59717:TCP"= 59717:TCP:@xpsp2res.dll,-22009
"22867:TCP"= 22867:TCP:@xpsp2res.dll,-22009
"11589:TCP"= 11589:TCP:@xpsp2res.dll,-22009
"61523:TCP"= 61523:TCP:@xpsp2res.dll,-22009
"34131:TCP"= 34131:TCP:@xpsp2res.dll,-22009
"56403:TCP"= 56403:TCP:@xpsp2res.dll,-22009
"52820:TCP"= 52820:TCP:@xpsp2res.dll,-22009
"62548:TCP"= 62548:TCP:@xpsp2res.dll,-22009
"2387:TCP"= 2387:TCP:@xpsp2res.dll,-22009
"4435:TCP"= 4435:TCP:@xpsp2res.dll,-22009
"15187:TCP"= 15187:TCP:@xpsp2res.dll,-22009
"32084:TCP"= 32084:TCP:@xpsp2res.dll,-22009
"52563:TCP"= 52563:TCP:@xpsp2res.dll,-22009
"38227:TCP"= 38227:TCP:@xpsp2res.dll,-22009
"60499:TCP"= 60499:TCP:@xpsp2res.dll,-22009
"5460:TCP"= 5460:TCP:@xpsp2res.dll,-22009
"32595:TCP"= 32595:TCP:@xpsp2res.dll,-22009
"25940:TCP"= 25940:TCP:@xpsp2res.dll,-22009
"18245:TCP"= 18245:TCP:@xpsp2res.dll,-22009
"50004:TCP"= 50004:TCP:@xpsp2res.dll,-22009
"61779:TCP"= 61779:TCP:@xpsp2res.dll,-22009
"52564:TCP"= 52564:TCP:@xpsp2res.dll,-22009
"2629:TCP"= 2629:TCP:@xpsp2res.dll,-22009
"57428:TCP"= 57428:TCP:@xpsp2res.dll,-22009
"44627:TCP"= 44627:TCP:@xpsp2res.dll,-22009
"54867:TCP"= 54867:TCP:@xpsp2res.dll,-22009
"6995:TCP"= 6995:TCP:@xpsp2res.dll,-22009
"63571:TCP"= 63571:TCP:@xpsp2res.dll,-22009
"24404:TCP"= 24404:TCP:@xpsp2res.dll,-22009
"47697:TCP"= 47697:TCP:@xpsp2res.dll,-22009
"45899:TCP"= 45899:TCP:@xpsp2res.dll,-22009
"18241:TCP"= 18241:TCP:@xpsp2res.dll,-22009
"44867:TCP"= 44867:TCP:@xpsp2res.dll,-22009
"26961:TCP"= 26961:TCP:@xpsp2res.dll,-22009
"34113:TCP"= 34113:TCP:@xpsp2res.dll,-22009
"23363:TCP"= 23363:TCP:@xpsp2res.dll,-22009
"57681:TCP"= 57681:TCP:@xpsp2res.dll,-22009
"30033:TCP"= 30033:TCP:@xpsp2res.dll,-22009
"55633:TCP"= 55633:TCP:@xpsp2res.dll,-22009
"23115:TCP"= 23115:TCP:@xpsp2res.dll,-22009
"9027:TCP"= 9027:TCP:@xpsp2res.dll,-22009
"33105:TCP"= 33105:TCP:@xpsp2res.dll,-22009
"10829:TCP"= 10829:TCP:@xpsp2res.dll,-22009
"39747:TCP"= 39747:TCP:@xpsp2res.dll,-22009
"75:TCP"= 75:TCP:@xpsp2res.dll,-22009
"33355:TCP"= 33355:TCP:@xpsp2res.dll,-22009
"31555:TCP"= 31555:TCP:@xpsp2res.dll,-22009
"53835:TCP"= 53835:TCP:@xpsp2res.dll,-22009
"56139:TCP"= 56139:TCP:@xpsp2res.dll,-22009
"25675:TCP"= 25675:TCP:@xpsp2res.dll,-22009
"52801:TCP"= 52801:TCP:@xpsp2res.dll,-22009
"38225:TCP"= 38225:TCP:@xpsp2res.dll,-22009
"55107:TCP"= 55107:TCP:@xpsp2res.dll,-22009
"42315:TCP"= 42315:TCP:@xpsp2res.dll,-22009
"35405:TCP"= 35405:TCP:@xpsp2res.dll,-22009
"10819:TCP"= 10819:TCP:@xpsp2res.dll,-22009
"57677:TCP"= 57677:TCP:@xpsp2res.dll,-22009
"33613:TCP"= 33613:TCP:@xpsp2res.dll,-22009
"65357:TCP"= 65357:TCP:@xpsp2res.dll,-22009
"65355:TCP"= 65355:TCP:@xpsp2res.dll,-22009
"3139:TCP"= 3139:TCP:@xpsp2res.dll,-22009
"10827:TCP"= 10827:TCP:@xpsp2res.dll,-22009
"20299:TCP"= 20299:TCP:@xpsp2res.dll,-22009
"2627:TCP"= 2627:TCP:@xpsp2res.dll,-22009
"61249:TCP"= 61249:TCP:@xpsp2res.dll,-22009
"41537:TCP"= 41537:TCP:@xpsp2res.dll,-22009
"43075:TCP"= 43075:TCP:@xpsp2res.dll,-22009
"46411:TCP"= 46411:TCP:@xpsp2res.dll,-22009
"35659:TCP"= 35659:TCP:@xpsp2res.dll,-22009
"31297:TCP"= 31297:TCP:@xpsp2res.dll,-22009
"30017:TCP"= 30017:TCP:@xpsp2res.dll,-22009
"11851:TCP"= 11851:TCP:@xpsp2res.dll,-22009
"52803:TCP"= 52803:TCP:@xpsp2res.dll,-22009
"6219:TCP"= 6219:TCP:@xpsp2res.dll,-22009
"43853:TCP"= 43853:TCP:@xpsp2res.dll,-22009
"19779:TCP"= 19779:TCP:@xpsp2res.dll,-22009
"54083:TCP"= 54083:TCP:@xpsp2res.dll,-22009
"6477:TCP"= 6477:TCP:@xpsp2res.dll,-22009
"46161:TCP"= 46161:TCP:@xpsp2res.dll,-22009
"59201:TCP"= 59201:TCP:@xpsp2res.dll,-22009
"50513:TCP"= 50513:TCP:@xpsp2res.dll,-22009
"25923:TCP"= 25923:TCP:@xpsp2res.dll,-22009
"11597:TCP"= 11597:TCP:@xpsp2res.dll,-22009
"46669:TCP"= 46669:TCP:@xpsp2res.dll,-22009
"38221:TCP"= 38221:TCP:@xpsp2res.dll,-22009
"24643:TCP"= 24643:TCP:@xpsp2res.dll,-22009
"29515:TCP"= 29515:TCP:@xpsp2res.dll,-22009
"63057:TCP"= 63057:TCP:@xpsp2res.dll,-22009
"3403:TCP"= 3403:TCP:@xpsp2res.dll,-22009
"33611:TCP"= 33611:TCP:@xpsp2res.dll,-22009
"31051:TCP"= 31051:TCP:@xpsp2res.dll,-22009
"27713:TCP"= 27713:TCP:@xpsp2res.dll,-22009
"22609:TCP"= 22609:TCP:@xpsp2res.dll,-22009
"55629:TCP"= 55629:TCP:@xpsp2res.dll,-22009
"10321:TCP"= 10321:TCP:@xpsp2res.dll,-22009
"1613:TCP"= 1613:TCP:@xpsp2res.dll,-22009
"50507:TCP"= 50507:TCP:@xpsp2res.dll,-22009
"47953:TCP"= 47953:TCP:@xpsp2res.dll,-22009
"53313:TCP"= 53313:TCP:@xpsp2res.dll,-22009
"63565:TCP"= 63565:TCP:@xpsp2res.dll,-22009
"25153:TCP"= 25153:TCP:@xpsp2res.dll,-22009
"29763:TCP"= 29763:TCP:@xpsp2res.dll,-22009
"64065:TCP"= 64065:TCP:@xpsp2res.dll,-22009
"32067:TCP"= 32067:TCP:@xpsp2res.dll,-22009
"54097:TCP"= 54097:TCP:@xpsp2res.dll,-22009
"51011:TCP"= 51011:TCP:@xpsp2res.dll,-22009
"57165:TCP"= 57165:TCP:@xpsp2res.dll,-22009
"31041:TCP"= 31041:TCP:@xpsp2res.dll,-22009
"19267:TCP"= 19267:TCP:@xpsp2res.dll,-22009
"59217:TCP"= 59217:TCP:@xpsp2res.dll,-22009
"30529:TCP"= 30529:TCP:@xpsp2res.dll,-22009
"24657:TCP"= 24657:TCP:@xpsp2res.dll,-22009
"30273:TCP"= 30273:TCP:@xpsp2res.dll,-22009
"60235:TCP"= 60235:TCP:@xpsp2res.dll,-22009
"28227:TCP"= 28227:TCP:@xpsp2res.dll,-22009
"14915:TCP"= 14915:TCP:@xpsp2res.dll,-22009
"17997:TCP"= 17997:TCP:@xpsp2res.dll,-22009
"49229:TCP"= 49229:TCP:@xpsp2res.dll,-22009
"28491:TCP"= 28491:TCP:@xpsp2res.dll,-22009
"64075:TCP"= 64075:TCP:@xpsp2res.dll,-22009
"61251:TCP"= 61251:TCP:@xpsp2res.dll,-22009
"23105:TCP"= 23105:TCP:@xpsp2res.dll,-22009
"12365:TCP"= 12365:TCP:@xpsp2res.dll,-22009
"29507:TCP"= 29507:TCP:@xpsp2res.dll,-22009
"59211:TCP"= 59211:TCP:@xpsp2res.dll,-22009
"48449:TCP"= 48449:TCP:@xpsp2res.dll,-22009
"5185:TCP"= 5185:TCP:@xpsp2res.dll,-22009
"39491:TCP"= 39491:TCP:@xpsp2res.dll,-22009
"24131:TCP"= 24131:TCP:@xpsp2res.dll,-22009
"33089:TCP"= 33089:TCP:@xpsp2res.dll,-22009
"9281:TCP"= 9281:TCP:@xpsp2res.dll,-22009
"12355:TCP"= 12355:TCP:@xpsp2res.dll,-22009
"42307:TCP"= 42307:TCP:@xpsp2res.dll,-22009
"27469:TCP"= 27469:TCP:@xpsp2res.dll,-22009
"54609:TCP"= 54609:TCP:@xpsp2res.dll,-22009
"52561:TCP"= 52561:TCP:@xpsp2res.dll,-22009
"58961:TCP"= 58961:TCP:@xpsp2res.dll,-22009
"33603:TCP"= 33603:TCP:@xpsp2res.dll,-22009
"40273:TCP"= 40273:TCP:@xpsp2res.dll,-22009
"64577:TCP"= 64577:TCP:@xpsp2res.dll,-22009
"63569:TCP"= 63569:TCP:@xpsp2res.dll,-22009
"15171:TCP"= 15171:TCP:@xpsp2res.dll,-22009
"7745:TCP"= 7745:TCP:@xpsp2res.dll,-22009
"1347:TCP"= 1347:TCP:@xpsp2res.dll,-22009
"62529:TCP"= 62529:TCP:@xpsp2res.dll,-22009
"31811:TCP"= 31811:TCP:@xpsp2res.dll,-22009
"32833:TCP"= 32833:TCP:@xpsp2res.dll,-22009
"33857:TCP"= 33857:TCP:@xpsp2res.dll,-22009
"3907:TCP"= 3907:TCP:@xpsp2res.dll,-22009
"4465:TCP"= 4465:TCP:@xpsp2res.dll,-22009
"35186:TCP"= 35186:TCP:@xpsp2res.dll,-22009
"48753:TCP"= 48753:TCP:@xpsp2res.dll,-22009
"61553:TCP"= 61553:TCP:@xpsp2res.dll,-22009
"16497:TCP"= 16497:TCP:@xpsp2res.dll,-22009
"34161:TCP"= 34161:TCP:@xpsp2res.dll,-22009
"26993:TCP"= 26993:TCP:@xpsp2res.dll,-22009
"46705:TCP"= 46705:TCP:@xpsp2res.dll,-22009
"46449:TCP"= 46449:TCP:@xpsp2res.dll,-22009
"61042:TCP"= 61042:TCP:@xpsp2res.dll,-22009
"28273:TCP"= 28273:TCP:@xpsp2res.dll,-22009
"61297:TCP"= 61297:TCP:@xpsp2res.dll,-22009
"36978:TCP"= 36978:TCP:@xpsp2res.dll,-22009
"11378:TCP"= 11378:TCP:@xpsp2res.dll,-22009
"3185:TCP"= 3185:TCP:@xpsp2res.dll,-22009
"5490:TCP"= 5490:TCP:@xpsp2res.dll,-22009
"11377:TCP"= 11377:TCP:@xpsp2res.dll,-22009
"56689:TCP"= 56689:TCP:@xpsp2res.dll,-22009
"44401:TCP"= 44401:TCP:@xpsp2res.dll,-22009
"21617:TCP"= 21617:TCP:@xpsp2res.dll,-22009
"21361:TCP"= 21361:TCP:@xpsp2res.dll,-22009
"6002:TCP"= 6002:TCP:@xpsp2res.dll,-22009
"53105:TCP"= 53105:TCP:@xpsp2res.dll,-22009
"19825:TCP"= 19825:TCP:@xpsp2res.dll,-22009
"3953:TCP"= 3953:TCP:@xpsp2res.dll,-22009
"26738:TCP"= 26738:TCP:@xpsp2res.dll,-22009
"17777:TCP"= 17777:TCP:@xpsp2res.dll,-22009
"41841:TCP"= 41841:TCP:@xpsp2res.dll,-22009
"30577:TCP"= 30577:TCP:@xpsp2res.dll,-22009
"34929:TCP"= 34929:TCP:@xpsp2res.dll,-22009
"62834:TCP"= 62834:TCP:@xpsp2res.dll,-22009
"60786:TCP"= 60786:TCP:@xpsp2res.dll,-22009
"1905:TCP"= 1905:TCP:@xpsp2res.dll,-22009
"52593:TCP"= 52593:TCP:@xpsp2res.dll,-22009
"2930:TCP"= 2930:TCP:@xpsp2res.dll,-22009
"8306:TCP"= 8306:TCP:@xpsp2res.dll,-22009
"43889:TCP"= 43889:TCP:@xpsp2res.dll,-22009
"5489:TCP"= 5489:TCP:@xpsp2res.dll,-22009
"14705:TCP"= 14705:TCP:@xpsp2res.dll,-22009
"43377:TCP"= 43377:TCP:@xpsp2res.dll,-22009
"60273:TCP"= 60273:TCP:@xpsp2res.dll,-22009
"12657:TCP"= 12657:TCP:@xpsp2res.dll,-22009
"10865:TCP"= 10865:TCP:@xpsp2res.dll,-22009
"3698:TCP"= 3698:TCP:@xpsp2res.dll,-22009
"41329:TCP"= 41329:TCP:@xpsp2res.dll,-22009
"8049:TCP"= 8049:TCP:@xpsp2res.dll,-22009
"60017:TCP"= 60017:TCP:@xpsp2res.dll,-22009
"14450:TCP"= 14450:TCP:@xpsp2res.dll,-22009
"64369:TCP"= 64369:TCP:@xpsp2res.dll,-22009
"7025:TCP"= 7025:TCP:@xpsp2res.dll,-22009
"6513:TCP"= 6513:TCP:@xpsp2res.dll,-22009
"40817:TCP"= 40817:TCP:@xpsp2res.dll,-22009
"50546:TCP"= 50546:TCP:@xpsp2res.dll,-22009
"23410:TCP"= 23410:TCP:@xpsp2res.dll,-22009
"20594:TCP"= 20594:TCP:@xpsp2res.dll,-22009
"50033:TCP"= 50033:TCP:@xpsp2res.dll,-22009
"6257:TCP"= 6257:TCP:@xpsp2res.dll,-22009
"14961:TCP"= 14961:TCP:@xpsp2res.dll,-22009
"2417:TCP"= 2417:TCP:@xpsp2res.dll,-22009
"27761:TCP"= 27761:TCP:@xpsp2res.dll,-22009
"57714:TCP"= 57714:TCP:@xpsp2res.dll,-22009
"13681:TCP"= 13681:TCP:@xpsp2res.dll,-22009
"29553:TCP"= 29553:TCP:@xpsp2res.dll,-22009
"45937:TCP"= 45937:TCP:@xpsp2res.dll,-22009
"15985:TCP"= 15985:TCP:@xpsp2res.dll,-22009
"12913:TCP"= 12913:TCP:@xpsp2res.dll,-22009
"11122:TCP"= 11122:TCP:@xpsp2res.dll,-22009
"51057:TCP"= 51057:TCP:@xpsp2res.dll,-22009
"15473:TCP"= 15473:TCP:@xpsp2res.dll,-22009
"5234:TCP"= 5234:TCP:@xpsp2res.dll,-22009
"33650:TCP"= 33650:TCP:@xpsp2res.dll,-22009
"52849:TCP"= 52849:TCP:@xpsp2res.dll,-22009
"47729:TCP"= 47729:TCP:@xpsp2res.dll,-22009
"56177:TCP"= 56177:TCP:@xpsp2res.dll,-22009
"1137:TCP"= 1137:TCP:@xpsp2res.dll,-22009
"42609:TCP"= 42609:TCP:@xpsp2res.dll,-22009
"38769:TCP"= 38769:TCP:@xpsp2res.dll,-22009
"33649:TCP"= 33649:TCP:@xpsp2res.dll,-22009
"61809:TCP"= 61809:TCP:@xpsp2res.dll,-22009
"38513:TCP"= 38513:TCP:@xpsp2res.dll,-22009
"65137:TCP"= 65137:TCP:@xpsp2res.dll,-22009
"57713:TCP"= 57713:TCP:@xpsp2res.dll,-22009
"28017:TCP"= 28017:TCP:@xpsp2res.dll,-22009
"14449:TCP"= 14449:TCP:@xpsp2res.dll,-22009
"113:TCP"= 113:TCP:@xpsp2res.dll,-22009
"50801:TCP"= 50801:TCP:@xpsp2res.dll,-22009
"44145:TCP"= 44145:TCP:@xpsp2res.dll,-22009
"882:TCP"= 882:TCP:@xpsp2res.dll,-22009
"20593:TCP"= 20593:TCP:@xpsp2res.dll,-22009
"33394:TCP"= 33394:TCP:@xpsp2res.dll,-22009
"52850:TCP"= 52850:TCP:@xpsp2res.dll,-22009
"40306:TCP"= 40306:TCP:@xpsp2res.dll,-22009
"55153:TCP"= 55153:TCP:@xpsp2res.dll,-22009
"22642:TCP"= 22642:TCP:@xpsp2res.dll,-22009
"51313:TCP"= 51313:TCP:@xpsp2res.dll,-22009
"22641:TCP"= 22641:TCP:@xpsp2res.dll,-22009
"55410:TCP"= 55410:TCP:@xpsp2res.dll,-22009
"64625:TCP"= 64625:TCP:@xpsp2res.dll,-22009
"15217:TCP"= 15217:TCP:@xpsp2res.dll,-22009
"46193:TCP"= 46193:TCP:@xpsp2res.dll,-22009
"23666:TCP"= 23666:TCP:@xpsp2res.dll,-22009
"64113:TCP"= 64113:TCP:@xpsp2res.dll,-22009
"65394:TCP"= 65394:TCP:@xpsp2res.dll,-22009
"32626:TCP"= 32626:TCP:@xpsp2res.dll,-22009
"8305:TCP"= 8305:TCP:@xpsp2res.dll,-22009
"6514:TCP"= 6514:TCP:@xpsp2res.dll,-22009
"25202:TCP"= 25202:TCP:@xpsp2res.dll,-22009
"41073:TCP"= 41073:TCP:@xpsp2res.dll,-22009
"31602:TCP"= 31602:TCP:@xpsp2res.dll,-22009
"10610:TCP"= 10610:TCP:@xpsp2res.dll,-22009
"58738:TCP"= 58738:TCP:@xpsp2res.dll,-22009
"35185:TCP"= 35185:TCP:@xpsp2res.dll,-22009
"29042:TCP"= 29042:TCP:@xpsp2res.dll,-22009
"58482:TCP"= 58482:TCP:@xpsp2res.dll,-22009
"13425:TCP"= 13425:TCP:@xpsp2res.dll,-22009
"19057:TCP"= 19057:TCP:@xpsp2res.dll,-22009
"25714:TCP"= 25714:TCP:@xpsp2res.dll,-22009
"6001:TCP"= 6001:TCP:@xpsp2res.dll,-22009
"63602:TCP"= 63602:TCP:@xpsp2res.dll,-22009
"56690:TCP"= 56690:TCP:@xpsp2res.dll,-22009
"24946:TCP"= 24946:TCP:@xpsp2res.dll,-22009
"30321:TCP"= 30321:TCP:@xpsp2res.dll,-22009
"23153:TCP"= 23153:TCP:@xpsp2res.dll,-22009
"3442:TCP"= 3442:TCP:@xpsp2res.dll,-22009
"55665:TCP"= 55665:TCP:@xpsp2res.dll,-22009
"7281:TCP"= 7281:TCP:@xpsp2res.dll,-22009
"26994:TCP"= 26994:TCP:@xpsp2res.dll,-22009
"27250:TCP"= 27250:TCP:@xpsp2res.dll,-22009
"8050:TCP"= 8050:TCP:@xpsp2res.dll,-22009
"36465:TCP"= 36465:TCP:@xpsp2res.dll,-22009
"54130:TCP"= 54130:TCP:@xpsp2res.dll,-22009
"21873:TCP"= 21873:TCP:@xpsp2res.dll,-22009
"11889:TCP"= 11889:TCP:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-05 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-05 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-02-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.
- - - - ORPHANS REMOVED - - - -

BHO-{594E7FF5-9484-46CD-824A-A2362BCF826C} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZKxdm016YYHR
IE: Add to Evernote - c:\program files\Evernote\Evernote3\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-14 00:17:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ccEvtMgr]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SAVRT]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SNDSrvc]
"ImagePath"="-"
.
Completion time: 2009-02-14 0:19:28
ComboFix-quarantined-files.txt 2009-02-13 23:19:26
ComboFix2.txt 2009-02-12 21:41:13
ComboFix3.txt 2009-02-12 20:59:11
ComboFix4.txt 2009-02-12 12:46:13

Pre-Run: 1.287.782.400 bytes free
Post-Run: 1,275,633,664 bytes free

624 --- E O F --- 2008-12-31 05:09:50

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Kazi mi sta imas instalirano od Symantec/Norton programa?
Ili si mozda ranije imao instaliran Norton antiviru, ali ga vise nemas?

Vidim tragove Nortona na sistemu, i ako vise nije u upotrebi ne bi bilo lose da se totalno otklone njegovi servisi posto samo smetaju.

Ukoliko je Norton bio nekada prisutan, a nemas ga vise instaliranog, onda idi na sledeci link i odatle skini alatku za ciscenje sistema od Nortonovih ostataka:
http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

Dajle, ako su moje pretpostavke tacne (imao si Nortona, pa su ono u logu bili samo ostaci), nakon ciscenja tom alatkom skeniraj ponovo ComboFixom i postavi mi log da se uverim da je Norton lepo uklonjen.

offline
  • vr7600 
  • Novi MyCity građanin
  • Pridružio: 25 Jan 2008
  • Poruke: 26

Bio je instaliran Norton Antivirus 2009 trial, 15 dana.

ComboFix 09-02-11.02 - Bella 2009-02-14 16:44:27.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.759.485 [GMT 1:00]
Running from: c:\documents and settings\Bella\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-01-14 to 2009-02-14 )))))))))))))))))))))))))))))))
.

2009-02-09 18:34 . 2009-02-09 18:35 <DIR> d-------- c:\documents and settings\Borko\Application Data\vlc
2009-02-09 18:33 . 2009-02-09 18:33 <DIR> d-------- c:\program files\VideoLAN
2009-02-05 21:24 . 2009-02-08 14:11 <DIR> d-------- c:\documents and settings\Borko\Application Data\AVGTOOLBAR
2009-02-05 10:15 . 2009-02-14 12:28 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 10:14 . 2009-02-13 09:27 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-05 10:14 . 2009-02-05 10:14 <DIR> d-------- c:\program files\AVG
2009-02-05 10:14 . 2009-02-05 12:25 <DIR> d-------- c:\documents and settings\Bella\Application Data\AVGTOOLBAR
2009-02-05 10:14 . 2009-02-12 13:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-05 10:14 . 2009-02-05 10:14 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-05 10:14 . 2009-02-05 10:14 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-05 10:14 . 2009-02-05 10:14 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-24 23:58 . 2009-01-24 23:58 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-24 23:58 . 2009-01-24 23:58 1,409 --a------ c:\windows\QTFont.for
2009-01-24 17:45 . 2009-01-24 17:45 <DIR> d-------- c:\program files\Evernote
2009-01-20 00:04 . 2009-01-20 00:04 <DIR> d-------- c:\program files\PlayPianoTODAY
2009-01-15 01:00 . 2009-02-05 10:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Norton
2009-01-15 00:59 . 2009-01-15 00:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-01-14 14:14 . 2009-01-14 14:14 50 --a------ c:\windows\WININIT.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-14 15:40 --------- d-----w c:\program files\Flock
2009-02-11 11:34 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-09 15:25 --------- d-----w c:\program files\NCH Swift Sound
2009-02-09 15:21 --------- d-----w c:\program files\DivX
2009-02-08 00:50 4,984,707 ----a-w c:\windows\java\Packages\JTN7ZZLR.ZIP
2009-02-08 00:50 4,254,611 ----a-w c:\windows\java\Packages\LJ793LZF.ZIP
2009-01-24 16:45 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-23 22:48 --------- d-----w c:\documents and settings\Borko\Application Data\Winamp
2009-01-19 23:03 737,280 -c--a-w c:\windows\iun6002.exe
2009-01-18 15:45 1,033,728 ----a-w c:\windows\explorer.exe
2009-01-05 12:12 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-05 11:55 --------- d-----w c:\documents and settings\Borko\Application Data\NCH Swift Sound
2008-12-30 22:32 --------- d-----w c:\documents and settings\Bella\Application Data\Winamp
2008-12-30 21:57 --------- d-----w c:\program files\Winamp
2008-12-30 21:56 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-23 09:27 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-23 07:59 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-22 16:03 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-28 23:06 355,584 ----a-w c:\windows\system32\TuneUpDefragService.exe
2007-01-04 16:51 604 -c-ha-w c:\program files\STLL Notifier
.

((((((((((((((((((((((((((((( SnapShot@2009-02-12_13.44.46.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-14 815104]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-05 1601304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 10:14 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.AP41"= APmpg4v1.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=c:\windows\pss\GStartup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 01:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2007-06-19 16:26 101144 c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 01:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
-----c--- 2005-02-10 16:00 1937408 c:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
--a------ 2007-02-08 19:43 95800 c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a--c--- 2004-11-02 19:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
--a------ 2004-09-23 12:41 860160 c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 09:11 1388544 c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-11-14 16:02 815104 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2004-11-04 17:40 98394 c:\program files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra--c--- 2004-11-22 07:18 307200 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a--c--- 2004-08-24 10:20 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\explorer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15281:TCP"= 15281:TCP:NortonAV
"12085:TCP"= 12085:TCP:NortonAV
"16057:TCP"= 16057:TCP:NortonAV
"48205:TCP"= 48205:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"1867:TCP"= 1867:TCP:@xpsp2res.dll,-22009
"63041:TCP"= 63041:TCP:@xpsp2res.dll,-22009
"40529:TCP"= 40529:TCP:@xpsp2res.dll,-22009
"5194:TCP"= 5194:TCP:@xpsp2res.dll,-22009
"32065:TCP"= 32065:TCP:@xpsp2res.dll,-22009
"42305:TCP"= 42305:TCP:@xpsp2res.dll,-22009
"53827:TCP"= 53827:TCP:@xpsp2res.dll,-22009
"22353:TCP"= 22353:TCP:@xpsp2res.dll,-22009
"34371:TCP"= 34371:TCP:@xpsp2res.dll,-22009
"2129:TCP"= 2129:TCP:@xpsp2res.dll,-22009
"3665:TCP"= 3665:TCP:@xpsp2res.dll,-22009
"58177:TCP"= 58177:TCP:@xpsp2res.dll,-22009
"23117:TCP"= 23117:TCP:@xpsp2res.dll,-22009
"39233:TCP"= 39233:TCP:@xpsp2res.dll,-22009
"42563:TCP"= 42563:TCP:@xpsp2res.dll,-22009
"54353:TCP"= 54353:TCP:@xpsp2res.dll,-22009
"43597:TCP"= 43597:TCP:@xpsp2res.dll,-22009
"20035:TCP"= 20035:TCP:@xpsp2res.dll,-22009
"11587:TCP"= 11587:TCP:@xpsp2res.dll,-22009
"50243:TCP"= 50243:TCP:@xpsp2res.dll,-22009
"36675:TCP"= 36675:TCP:@xpsp2res.dll,-22009
"18243:TCP"= 18243:TCP:@xpsp2res.dll,-22009
"64587:TCP"= 64587:TCP:@xpsp2res.dll,-22009
"47691:TCP"= 47691:TCP:@xpsp2res.dll,-22009
"30032:TCP"= 30032:TCP:@xpsp2res.dll,-22009
"37441:TCP"= 37441:TCP:@xpsp2res.dll,-22009
"11075:TCP"= 11075:TCP:@xpsp2res.dll,-22009
"32080:TCP"= 32080:TCP:@xpsp2res.dll,-22009
"35403:TCP"= 35403:TCP:@xpsp2res.dll,-22009
"52299:TCP"= 52299:TCP:@xpsp2res.dll,-22009
"56387:TCP"= 56387:TCP:@xpsp2res.dll,-22009
"27201:TCP"= 27201:TCP:@xpsp2res.dll,-22009
"46913:TCP"= 46913:TCP:@xpsp2res.dll,-22009
"52305:TCP"= 52305:TCP:@xpsp2res.dll,-22009
"21325:TCP"= 21325:TCP:@xpsp2res.dll,-22009
"53585:TCP"= 53585:TCP:@xpsp2res.dll,-22009
"45137:TCP"= 45137:TCP:@xpsp2res.dll,-22009
"50763:TCP"= 50763:TCP:@xpsp2res.dll,-22009
"10570:TCP"= 10570:TCP:@xpsp2res.dll,-22009
"26691:TCP"= 26691:TCP:@xpsp2res.dll,-22009
"2897:TCP"= 2897:TCP:@xpsp2res.dll,-22009
"64321:TCP"= 64321:TCP:@xpsp2res.dll,-22009
"30797:TCP"= 30797:TCP:@xpsp2res.dll,-22009
"34881:TCP"= 34881:TCP:@xpsp2res.dll,-22009
"39501:TCP"= 39501:TCP:@xpsp2res.dll,-22009
"11601:TCP"= 11601:TCP:@xpsp2res.dll,-22009
"21059:TCP"= 21059:TCP:@xpsp2res.dll,-22009
"28749:TCP"= 28749:TCP:@xpsp2res.dll,-22009
"2893:TCP"= 2893:TCP:@xpsp2res.dll,-22009
"12109:TCP"= 12109:TCP:@xpsp2res.dll,-22009
"55121:TCP"= 55121:TCP:@xpsp2res.dll,-22009
"24141:TCP"= 24141:TCP:@xpsp2res.dll,-22009
"48193:TCP"= 48193:TCP:@xpsp2res.dll,-22009
"5187:TCP"= 5187:TCP:@xpsp2res.dll,-22009
"47681:TCP"= 47681:TCP:@xpsp2res.dll,-22009
"25933:TCP"= 25933:TCP:@xpsp2res.dll,-22009
"833:TCP"= 833:TCP:@xpsp2res.dll,-22009
"41549:TCP"= 41549:TCP:@xpsp2res.dll,-22009
"36939:TCP"= 36939:TCP:@xpsp2res.dll,-22009
"35153:TCP"= 35153:TCP:@xpsp2res.dll,-22009
"23361:TCP"= 23361:TCP:@xpsp2res.dll,-22009
"12625:TCP"= 12625:TCP:@xpsp2res.dll,-22009
"1611:TCP"= 1611:TCP:@xpsp2res.dll,-22009
"7501:TCP"= 7501:TCP:@xpsp2res.dll,-22009
"4683:TCP"= 4683:TCP:@xpsp2res.dll,-22009
"38721:TCP"= 38721:TCP:@xpsp2res.dll,-22009
"10317:TCP"= 10317:TCP:@xpsp2res.dll,-22009
"22097:TCP"= 22097:TCP:@xpsp2res.dll,-22009
"47683:TCP"= 47683:TCP:@xpsp2res.dll,-22009
"31040:TCP"= 31040:TCP:@xpsp2res.dll,-22009
"48707:TCP"= 48707:TCP:@xpsp2res.dll,-22009
"6721:TCP"= 6721:TCP:@xpsp2res.dll,-22009
"9035:TCP"= 9035:TCP:@xpsp2res.dll,-22009
"10305:TCP"= 10305:TCP:@xpsp2res.dll,-22009
"13123:TCP"= 13123:TCP:@xpsp2res.dll,-22009
"10577:TCP"= 10577:TCP:@xpsp2res.dll,-22009
"47947:TCP"= 47947:TCP:@xpsp2res.dll,-22009
"37185:TCP"= 37185:TCP:@xpsp2res.dll,-22009
"47435:TCP"= 47435:TCP:@xpsp2res.dll,-22009
"19521:TCP"= 19521:TCP:@xpsp2res.dll,-22009
"2123:TCP"= 2123:TCP:@xpsp2res.dll,-22009
"43329:TCP"= 43329:TCP:@xpsp2res.dll,-22009
"321:TCP"= 321:TCP:@xpsp2res.dll,-22009
"2381:TCP"= 2381:TCP:@xpsp2res.dll,-22009
"41547:TCP"= 41547:TCP:@xpsp2res.dll,-22009
"19777:TCP"= 19777:TCP:@xpsp2res.dll,-22009
"10561:TCP"= 10561:TCP:@xpsp2res.dll,-22009
"1857:TCP"= 1857:TCP:@xpsp2res.dll,-22009
"19025:TCP"= 19025:TCP:@xpsp2res.dll,-22009
"4163:TCP"= 4163:TCP:@xpsp2res.dll,-22009
"57409:TCP"= 57409:TCP:@xpsp2res.dll,-22009
"10065:TCP"= 10065:TCP:@xpsp2res.dll,-22009
"46401:TCP"= 46401:TCP:@xpsp2res.dll,-22009
"6481:TCP"= 6481:TCP:@xpsp2res.dll,-22009
"44875:TCP"= 44875:TCP:@xpsp2res.dll,-22009
"44609:TCP"= 44609:TCP:@xpsp2res.dll,-22009
"51277:TCP"= 51277:TCP:@xpsp2res.dll,-22009
"33345:TCP"= 33345:TCP:@xpsp2res.dll,-22009
"58445:TCP"= 58445:TCP:@xpsp2res.dll,-22009
"62029:TCP"= 62029:TCP:@xpsp2res.dll,-22009
"59469:TCP"= 59469:TCP:@xpsp2res.dll,-22009
"27467:TCP"= 27467:TCP:@xpsp2res.dll,-22009
"22347:TCP"= 22347:TCP:@xpsp2res.dll,-22009
"31307:TCP"= 31307:TCP:@xpsp2res.dll,-22009
"62785:TCP"= 62785:TCP:@xpsp2res.dll,-22009
"5969:TCP"= 5969:TCP:@xpsp2res.dll,-22009
"61773:TCP"= 61773:TCP:@xpsp2res.dll,-22009
"37187:TCP"= 37187:TCP:@xpsp2res.dll,-22009
"33873:TCP"= 33873:TCP:@xpsp2res.dll,-22009
"49997:TCP"= 49997:TCP:@xpsp2res.dll,-22009
"43339:TCP"= 43339:TCP:@xpsp2res.dll,-22009
"36941:TCP"= 36941:TCP:@xpsp2res.dll,-22009
"10817:TCP"= 10817:TCP:@xpsp2res.dll,-22009
"12619:TCP"= 12619:TCP:@xpsp2res.dll,-22009
"37699:TCP"= 37699:TCP:@xpsp2res.dll,-22009
"31553:TCP"= 31553:TCP:@xpsp2res.dll,-22009
"46657:TCP"= 46657:TCP:@xpsp2res.dll,-22009
"37707:TCP"= 37707:TCP:@xpsp2res.dll,-22009
"49731:TCP"= 49731:TCP:@xpsp2res.dll,-22009
"12867:TCP"= 12867:TCP:@xpsp2res.dll,-22009
"12609:TCP"= 12609:TCP:@xpsp2res.dll,-22009
"21329:TCP"= 21329:TCP:@xpsp2res.dll,-22009
"31299:TCP"= 31299:TCP:@xpsp2res.dll,-22009
"31825:TCP"= 31825:TCP:@xpsp2res.dll,-22009
"40013:TCP"= 40013:TCP:@xpsp2res.dll,-22009
"61521:TCP"= 61521:TCP:@xpsp2res.dll,-22009
"29251:TCP"= 29251:TCP:@xpsp2res.dll,-22009
"55105:TCP"= 55105:TCP:@xpsp2res.dll,-22009
"61777:TCP"= 61777:TCP:@xpsp2res.dll,-22009
"11341:TCP"= 11341:TCP:@xpsp2res.dll,-22009
"2369:TCP"= 2369:TCP:@xpsp2res.dll,-22009
"38737:TCP"= 38737:TCP:@xpsp2res.dll,-22009
"12353:TCP"= 12353:TCP:@xpsp2res.dll,-22009
"6465:TCP"= 6465:TCP:@xpsp2res.dll,-22009
"40785:TCP"= 40785:TCP:@xpsp2res.dll,-22009
"22093:TCP"= 22093:TCP:@xpsp2res.dll,-22009
"57675:TCP"= 57675:TCP:@xpsp2res.dll,-22009
"19284:TCP"= 19284:TCP:@xpsp2res.dll,-22009
"45139:TCP"= 45139:TCP:@xpsp2res.dll,-22009
"48709:TCP"= 48709:TCP:@xpsp2res.dll,-22009
"17477:TCP"= 17477:TCP:@xpsp2res.dll,-22009
"46405:TCP"= 46405:TCP:@xpsp2res.dll,-22009
"20805:TCP"= 20805:TCP:@xpsp2res.dll,-22009
"34132:TCP"= 34132:TCP:@xpsp2res.dll,-22009
"7251:TCP"= 7251:TCP:@xpsp2res.dll,-22009
"21587:TCP"= 21587:TCP:@xpsp2res.dll,-22009
"48197:TCP"= 48197:TCP:@xpsp2res.dll,-22009
"41043:TCP"= 41043:TCP:@xpsp2res.dll,-22009
"60741:TCP"= 60741:TCP:@xpsp2res.dll,-22009
"59717:TCP"= 59717:TCP:@xpsp2res.dll,-22009
"22867:TCP"= 22867:TCP:@xpsp2res.dll,-22009
"11589:TCP"= 11589:TCP:@xpsp2res.dll,-22009
"61523:TCP"= 61523:TCP:@xpsp2res.dll,-22009
"34131:TCP"= 34131:TCP:@xpsp2res.dll,-22009
"56403:TCP"= 56403:TCP:@xpsp2res.dll,-22009
"52820:TCP"= 52820:TCP:@xpsp2res.dll,-22009
"62548:TCP"= 62548:TCP:@xpsp2res.dll,-22009
"2387:TCP"= 2387:TCP:@xpsp2res.dll,-22009
"4435:TCP"= 4435:TCP:@xpsp2res.dll,-22009
"15187:TCP"= 15187:TCP:@xpsp2res.dll,-22009
"32084:TCP"= 32084:TCP:@xpsp2res.dll,-22009
"52563:TCP"= 52563:TCP:@xpsp2res.dll,-22009
"38227:TCP"= 38227:TCP:@xpsp2res.dll,-22009
"60499:TCP"= 60499:TCP:@xpsp2res.dll,-22009
"5460:TCP"= 5460:TCP:@xpsp2res.dll,-22009
"32595:TCP"= 32595:TCP:@xpsp2res.dll,-22009
"25940:TCP"= 25940:TCP:@xpsp2res.dll,-22009
"18245:TCP"= 18245:TCP:@xpsp2res.dll,-22009
"50004:TCP"= 50004:TCP:@xpsp2res.dll,-22009
"61779:TCP"= 61779:TCP:@xpsp2res.dll,-22009
"52564:TCP"= 52564:TCP:@xpsp2res.dll,-22009
"2629:TCP"= 2629:TCP:@xpsp2res.dll,-22009
"57428:TCP"= 57428:TCP:@xpsp2res.dll,-22009
"44627:TCP"= 44627:TCP:@xpsp2res.dll,-22009
"54867:TCP"= 54867:TCP:@xpsp2res.dll,-22009
"6995:TCP"= 6995:TCP:@xpsp2res.dll,-22009
"63571:TCP"= 63571:TCP:@xpsp2res.dll,-22009
"24404:TCP"= 24404:TCP:@xpsp2res.dll,-22009
"47697:TCP"= 47697:TCP:@xpsp2res.dll,-22009
"45899:TCP"= 45899:TCP:@xpsp2res.dll,-22009
"18241:TCP"= 18241:TCP:@xpsp2res.dll,-22009
"44867:TCP"= 44867:TCP:@xpsp2res.dll,-22009
"26961:TCP"= 26961:TCP:@xpsp2res.dll,-22009
"34113:TCP"= 34113:TCP:@xpsp2res.dll,-22009
"23363:TCP"= 23363:TCP:@xpsp2res.dll,-22009
"57681:TCP"= 57681:TCP:@xpsp2res.dll,-22009
"30033:TCP"= 30033:TCP:@xpsp2res.dll,-22009
"55633:TCP"= 55633:TCP:@xpsp2res.dll,-22009
"23115:TCP"= 23115:TCP:@xpsp2res.dll,-22009
"9027:TCP"= 9027:TCP:@xpsp2res.dll,-22009
"33105:TCP"= 33105:TCP:@xpsp2res.dll,-22009
"10829:TCP"= 10829:TCP:@xpsp2res.dll,-22009
"39747:TCP"= 39747:TCP:@xpsp2res.dll,-22009
"75:TCP"= 75:TCP:@xpsp2res.dll,-22009
"33355:TCP"= 33355:TCP:@xpsp2res.dll,-22009
"31555:TCP"= 31555:TCP:@xpsp2res.dll,-22009
"53835:TCP"= 53835:TCP:@xpsp2res.dll,-22009
"56139:TCP"= 56139:TCP:@xpsp2res.dll,-22009
"25675:TCP"= 25675:TCP:@xpsp2res.dll,-22009
"52801:TCP"= 52801:TCP:@xpsp2res.dll,-22009
"38225:TCP"= 38225:TCP:@xpsp2res.dll,-22009
"55107:TCP"= 55107:TCP:@xpsp2res.dll,-22009
"42315:TCP"= 42315:TCP:@xpsp2res.dll,-22009
"35405:TCP"= 35405:TCP:@xpsp2res.dll,-22009
"10819:TCP"= 10819:TCP:@xpsp2res.dll,-22009
"57677:TCP"= 57677:TCP:@xpsp2res.dll,-22009
"33613:TCP"= 33613:TCP:@xpsp2res.dll,-22009
"65357:TCP"= 65357:TCP:@xpsp2res.dll,-22009
"65355:TCP"= 65355:TCP:@xpsp2res.dll,-22009
"3139:TCP"= 3139:TCP:@xpsp2res.dll,-22009
"10827:TCP"= 10827:TCP:@xpsp2res.dll,-22009
"20299:TCP"= 20299:TCP:@xpsp2res.dll,-22009
"2627:TCP"= 2627:TCP:@xpsp2res.dll,-22009
"61249:TCP"= 61249:TCP:@xpsp2res.dll,-22009
"41537:TCP"= 41537:TCP:@xpsp2res.dll,-22009
"43075:TCP"= 43075:TCP:@xpsp2res.dll,-22009
"46411:TCP"= 46411:TCP:@xpsp2res.dll,-22009
"35659:TCP"= 35659:TCP:@xpsp2res.dll,-22009
"31297:TCP"= 31297:TCP:@xpsp2res.dll,-22009
"30017:TCP"= 30017:TCP:@xpsp2res.dll,-22009
"11851:TCP"= 11851:TCP:@xpsp2res.dll,-22009
"52803:TCP"= 52803:TCP:@xpsp2res.dll,-22009
"6219:TCP"= 6219:TCP:@xpsp2res.dll,-22009
"43853:TCP"= 43853:TCP:@xpsp2res.dll,-22009
"19779:TCP"= 19779:TCP:@xpsp2res.dll,-22009
"54083:TCP"= 54083:TCP:@xpsp2res.dll,-22009
"6477:TCP"= 6477:TCP:@xpsp2res.dll,-22009
"46161:TCP"= 46161:TCP:@xpsp2res.dll,-22009
"59201:TCP"= 59201:TCP:@xpsp2res.dll,-22009
"50513:TCP"= 50513:TCP:@xpsp2res.dll,-22009
"25923:TCP"= 25923:TCP:@xpsp2res.dll,-22009
"11597:TCP"= 11597:TCP:@xpsp2res.dll,-22009
"46669:TCP"= 46669:TCP:@xpsp2res.dll,-22009
"38221:TCP"= 38221:TCP:@xpsp2res.dll,-22009
"24643:TCP"= 24643:TCP:@xpsp2res.dll,-22009
"29515:TCP"= 29515:TCP:@xpsp2res.dll,-22009
"63057:TCP"= 63057:TCP:@xpsp2res.dll,-22009
"3403:TCP"= 3403:TCP:@xpsp2res.dll,-22009
"33611:TCP"= 33611:TCP:@xpsp2res.dll,-22009
"31051:TCP"= 31051:TCP:@xpsp2res.dll,-22009
"27713:TCP"= 27713:TCP:@xpsp2res.dll,-22009
"22609:TCP"= 22609:TCP:@xpsp2res.dll,-22009
"55629:TCP"= 55629:TCP:@xpsp2res.dll,-22009
"10321:TCP"= 10321:TCP:@xpsp2res.dll,-22009
"1613:TCP"= 1613:TCP:@xpsp2res.dll,-22009
"50507:TCP"= 50507:TCP:@xpsp2res.dll,-22009
"47953:TCP"= 47953:TCP:@xpsp2res.dll,-22009
"53313:TCP"= 53313:TCP:@xpsp2res.dll,-22009
"63565:TCP"= 63565:TCP:@xpsp2res.dll,-22009
"25153:TCP"= 25153:TCP:@xpsp2res.dll,-22009
"29763:TCP"= 29763:TCP:@xpsp2res.dll,-22009
"64065:TCP"= 64065:TCP:@xpsp2res.dll,-22009
"32067:TCP"= 32067:TCP:@xpsp2res.dll,-22009
"54097:TCP"= 54097:TCP:@xpsp2res.dll,-22009
"51011:TCP"= 51011:TCP:@xpsp2res.dll,-22009
"57165:TCP"= 57165:TCP:@xpsp2res.dll,-22009
"31041:TCP"= 31041:TCP:@xpsp2res.dll,-22009
"19267:TCP"= 19267:TCP:@xpsp2res.dll,-22009
"59217:TCP"= 59217:TCP:@xpsp2res.dll,-22009
"30529:TCP"= 30529:TCP:@xpsp2res.dll,-22009
"24657:TCP"= 24657:TCP:@xpsp2res.dll,-22009
"30273:TCP"= 30273:TCP:@xpsp2res.dll,-22009
"60235:TCP"= 60235:TCP:@xpsp2res.dll,-22009
"28227:TCP"= 28227:TCP:@xpsp2res.dll,-22009
"14915:TCP"= 14915:TCP:@xpsp2res.dll,-22009
"17997:TCP"= 17997:TCP:@xpsp2res.dll,-22009
"49229:TCP"= 49229:TCP:@xpsp2res.dll,-22009
"28491:TCP"= 28491:TCP:@xpsp2res.dll,-22009
"64075:TCP"= 64075:TCP:@xpsp2res.dll,-22009
"61251:TCP"= 61251:TCP:@xpsp2res.dll,-22009
"23105:TCP"= 23105:TCP:@xpsp2res.dll,-22009
"12365:TCP"= 12365:TCP:@xpsp2res.dll,-22009
"29507:TCP"= 29507:TCP:@xpsp2res.dll,-22009
"59211:TCP"= 59211:TCP:@xpsp2res.dll,-22009
"48449:TCP"= 48449:TCP:@xpsp2res.dll,-22009
"5185:TCP"= 5185:TCP:@xpsp2res.dll,-22009
"39491:TCP"= 39491:TCP:@xpsp2res.dll,-22009
"24131:TCP"= 24131:TCP:@xpsp2res.dll,-22009
"33089:TCP"= 33089:TCP:@xpsp2res.dll,-22009
"9281:TCP"= 9281:TCP:@xpsp2res.dll,-22009
"12355:TCP"= 12355:TCP:@xpsp2res.dll,-22009
"42307:TCP"= 42307:TCP:@xpsp2res.dll,-22009
"27469:TCP"= 27469:TCP:@xpsp2res.dll,-22009
"54609:TCP"= 54609:TCP:@xpsp2res.dll,-22009
"52561:TCP"= 52561:TCP:@xpsp2res.dll,-22009
"58961:TCP"= 58961:TCP:@xpsp2res.dll,-22009
"33603:TCP"= 33603:TCP:@xpsp2res.dll,-22009
"40273:TCP"= 40273:TCP:@xpsp2res.dll,-22009
"64577:TCP"= 64577:TCP:@xpsp2res.dll,-22009
"63569:TCP"= 63569:TCP:@xpsp2res.dll,-22009
"15171:TCP"= 15171:TCP:@xpsp2res.dll,-22009
"7745:TCP"= 7745:TCP:@xpsp2res.dll,-22009
"1347:TCP"= 1347:TCP:@xpsp2res.dll,-22009
"62529:TCP"= 62529:TCP:@xpsp2res.dll,-22009
"31811:TCP"= 31811:TCP:@xpsp2res.dll,-22009
"32833:TCP"= 32833:TCP:@xpsp2res.dll,-22009
"33857:TCP"= 33857:TCP:@xpsp2res.dll,-22009
"3907:TCP"= 3907:TCP:@xpsp2res.dll,-22009
"4465:TCP"= 4465:TCP:@xpsp2res.dll,-22009
"35186:TCP"= 35186:TCP:@xpsp2res.dll,-22009
"48753:TCP"= 48753:TCP:@xpsp2res.dll,-22009
"61553:TCP"= 61553:TCP:@xpsp2res.dll,-22009
"16497:TCP"= 16497:TCP:@xpsp2res.dll,-22009
"34161:TCP"= 34161:TCP:@xpsp2res.dll,-22009
"26993:TCP"= 26993:TCP:@xpsp2res.dll,-22009
"46705:TCP"= 46705:TCP:@xpsp2res.dll,-22009
"46449:TCP"= 46449:TCP:@xpsp2res.dll,-22009
"61042:TCP"= 61042:TCP:@xpsp2res.dll,-22009
"28273:TCP"= 28273:TCP:@xpsp2res.dll,-22009
"61297:TCP"= 61297:TCP:@xpsp2res.dll,-22009
"36978:TCP"= 36978:TCP:@xpsp2res.dll,-22009
"11378:TCP"= 11378:TCP:@xpsp2res.dll,-22009
"3185:TCP"= 3185:TCP:@xpsp2res.dll,-22009
"5490:TCP"= 5490:TCP:@xpsp2res.dll,-22009
"11377:TCP"= 11377:TCP:@xpsp2res.dll,-22009
"56689:TCP"= 56689:TCP:@xpsp2res.dll,-22009
"44401:TCP"= 44401:TCP:@xpsp2res.dll,-22009
"21617:TCP"= 21617:TCP:@xpsp2res.dll,-22009
"21361:TCP"= 21361:TCP:@xpsp2res.dll,-22009
"6002:TCP"= 6002:TCP:@xpsp2res.dll,-22009
"53105:TCP"= 53105:TCP:@xpsp2res.dll,-22009
"19825:TCP"= 19825:TCP:@xpsp2res.dll,-22009
"3953:TCP"= 3953:TCP:@xpsp2res.dll,-22009
"26738:TCP"= 26738:TCP:@xpsp2res.dll,-22009
"17777:TCP"= 17777:TCP:@xpsp2res.dll,-22009
"41841:TCP"= 41841:TCP:@xpsp2res.dll,-22009
"30577:TCP"= 30577:TCP:@xpsp2res.dll,-22009
"34929:TCP"= 34929:TCP:@xpsp2res.dll,-22009
"62834:TCP"= 62834:TCP:@xpsp2res.dll,-22009
"60786:TCP"= 60786:TCP:@xpsp2res.dll,-22009
"1905:TCP"= 1905:TCP:@xpsp2res.dll,-22009
"52593:TCP"= 52593:TCP:@xpsp2res.dll,-22009
"2930:TCP"= 2930:TCP:@xpsp2res.dll,-22009
"8306:TCP"= 8306:TCP:@xpsp2res.dll,-22009
"43889:TCP"= 43889:TCP:@xpsp2res.dll,-22009
"5489:TCP"= 5489:TCP:@xpsp2res.dll,-22009
"14705:TCP"= 14705:TCP:@xpsp2res.dll,-22009
"43377:TCP"= 43377:TCP:@xpsp2res.dll,-22009
"60273:TCP"= 60273:TCP:@xpsp2res.dll,-22009
"12657:TCP"= 12657:TCP:@xpsp2res.dll,-22009
"10865:TCP"= 10865:TCP:@xpsp2res.dll,-22009
"3698:TCP"= 3698:TCP:@xpsp2res.dll,-22009
"41329:TCP"= 41329:TCP:@xpsp2res.dll,-22009
"8049:TCP"= 8049:TCP:@xpsp2res.dll,-22009
"60017:TCP"= 60017:TCP:@xpsp2res.dll,-22009
"14450:TCP"= 14450:TCP:@xpsp2res.dll,-22009
"64369:TCP"= 64369:TCP:@xpsp2res.dll,-22009
"7025:TCP"= 7025:TCP:@xpsp2res.dll,-22009
"6513:TCP"= 6513:TCP:@xpsp2res.dll,-22009
"40817:TCP"= 40817:TCP:@xpsp2res.dll,-22009
"50546:TCP"= 50546:TCP:@xpsp2res.dll,-22009
"23410:TCP"= 23410:TCP:@xpsp2res.dll,-22009
"20594:TCP"= 20594:TCP:@xpsp2res.dll,-22009
"50033:TCP"= 50033:TCP:@xpsp2res.dll,-22009
"6257:TCP"= 6257:TCP:@xpsp2res.dll,-22009
"14961:TCP"= 14961:TCP:@xpsp2res.dll,-22009
"2417:TCP"= 2417:TCP:@xpsp2res.dll,-22009
"27761:TCP"= 27761:TCP:@xpsp2res.dll,-22009
"57714:TCP"= 57714:TCP:@xpsp2res.dll,-22009
"13681:TCP"= 13681:TCP:@xpsp2res.dll,-22009
"29553:TCP"= 29553:TCP:@xpsp2res.dll,-22009
"45937:TCP"= 45937:TCP:@xpsp2res.dll,-22009
"15985:TCP"= 15985:TCP:@xpsp2res.dll,-22009
"12913:TCP"= 12913:TCP:@xpsp2res.dll,-22009
"11122:TCP"= 11122:TCP:@xpsp2res.dll,-22009
"51057:TCP"= 51057:TCP:@xpsp2res.dll,-22009
"15473:TCP"= 15473:TCP:@xpsp2res.dll,-22009
"5234:TCP"= 5234:TCP:@xpsp2res.dll,-22009
"33650:TCP"= 33650:TCP:@xpsp2res.dll,-22009
"52849:TCP"= 52849:TCP:@xpsp2res.dll,-22009
"47729:TCP"= 47729:TCP:@xpsp2res.dll,-22009
"56177:TCP"= 56177:TCP:@xpsp2res.dll,-22009
"1137:TCP"= 1137:TCP:@xpsp2res.dll,-22009
"42609:TCP"= 42609:TCP:@xpsp2res.dll,-22009
"38769:TCP"= 38769:TCP:@xpsp2res.dll,-22009
"33649:TCP"= 33649:TCP:@xpsp2res.dll,-22009
"61809:TCP"= 61809:TCP:@xpsp2res.dll,-22009
"38513:TCP"= 38513:TCP:@xpsp2res.dll,-22009
"65137:TCP"= 65137:TCP:@xpsp2res.dll,-22009
"57713:TCP"= 57713:TCP:@xpsp2res.dll,-22009
"28017:TCP"= 28017:TCP:@xpsp2res.dll,-22009
"14449:TCP"= 14449:TCP:@xpsp2res.dll,-22009
"113:TCP"= 113:TCP:@xpsp2res.dll,-22009
"50801:TCP"= 50801:TCP:@xpsp2res.dll,-22009
"44145:TCP"= 44145:TCP:@xpsp2res.dll,-22009
"882:TCP"= 882:TCP:@xpsp2res.dll,-22009
"20593:TCP"= 20593:TCP:@xpsp2res.dll,-22009
"33394:TCP"= 33394:TCP:@xpsp2res.dll,-22009
"52850:TCP"= 52850:TCP:@xpsp2res.dll,-22009
"40306:TCP"= 40306:TCP:@xpsp2res.dll,-22009
"55153:TCP"= 55153:TCP:@xpsp2res.dll,-22009
"22642:TCP"= 22642:TCP:@xpsp2res.dll,-22009
"51313:TCP"= 51313:TCP:@xpsp2res.dll,-22009
"22641:TCP"= 22641:TCP:@xpsp2res.dll,-22009
"55410:TCP"= 55410:TCP:@xpsp2res.dll,-22009
"64625:TCP"= 64625:TCP:@xpsp2res.dll,-22009
"15217:TCP"= 15217:TCP:@xpsp2res.dll,-22009
"46193:TCP"= 46193:TCP:@xpsp2res.dll,-22009
"23666:TCP"= 23666:TCP:@xpsp2res.dll,-22009
"64113:TCP"= 64113:TCP:@xpsp2res.dll,-22009
"65394:TCP"= 65394:TCP:@xpsp2res.dll,-22009
"32626:TCP"= 32626:TCP:@xpsp2res.dll,-22009
"8305:TCP"= 8305:TCP:@xpsp2res.dll,-22009
"6514:TCP"= 6514:TCP:@xpsp2res.dll,-22009
"25202:TCP"= 25202:TCP:@xpsp2res.dll,-22009
"41073:TCP"= 41073:TCP:@xpsp2res.dll,-22009
"31602:TCP"= 31602:TCP:@xpsp2res.dll,-22009
"10610:TCP"= 10610:TCP:@xpsp2res.dll,-22009
"58738:TCP"= 58738:TCP:@xpsp2res.dll,-22009
"35185:TCP"= 35185:TCP:@xpsp2res.dll,-22009
"29042:TCP"= 29042:TCP:@xpsp2res.dll,-22009
"58482:TCP"= 58482:TCP:@xpsp2res.dll,-22009
"13425:TCP"= 13425:TCP:@xpsp2res.dll,-22009
"19057:TCP"= 19057:TCP:@xpsp2res.dll,-22009
"25714:TCP"= 25714:TCP:@xpsp2res.dll,-22009
"6001:TCP"= 6001:TCP:@xpsp2res.dll,-22009
"63602:TCP"= 63602:TCP:@xpsp2res.dll,-22009
"56690:TCP"= 56690:TCP:@xpsp2res.dll,-22009
"24946:TCP"= 24946:TCP:@xpsp2res.dll,-22009
"30321:TCP"= 30321:TCP:@xpsp2res.dll,-22009
"23153:TCP"= 23153:TCP:@xpsp2res.dll,-22009
"3442:TCP"= 3442:TCP:@xpsp2res.dll,-22009
"55665:TCP"= 55665:TCP:@xpsp2res.dll,-22009
"7281:TCP"= 7281:TCP:@xpsp2res.dll,-22009
"26994:TCP"= 26994:TCP:@xpsp2res.dll,-22009
"27250:TCP"= 27250:TCP:@xpsp2res.dll,-22009
"8050:TCP"= 8050:TCP:@xpsp2res.dll,-22009
"36465:TCP"= 36465:TCP:@xpsp2res.dll,-22009
"54130:TCP"= 54130:TCP:@xpsp2res.dll,-22009
"21873:TCP"= 21873:TCP:@xpsp2res.dll,-22009
"11889:TCP"= 11889:TCP:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-05 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-05 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-02-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.
- - - - ORPHANS REMOVED - - - -

BHO-{594E7FF5-9484-46CD-824A-A2362BCF826C} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZKxdm016YYHR
IE: Add to Evernote - c:\program files\Evernote\Evernote3\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-14 16:46:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ccEvtMgr]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SAVRT]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SNDSrvc]
"ImagePath"="-"
.
Completion time: 2009-02-14 16:47:50
ComboFix-quarantined-files.txt 2009-02-14 15:47:48
ComboFix2.txt 2009-02-13 23:19:30
ComboFix3.txt 2009-02-12 21:41:13
ComboFix4.txt 2009-02-12 20:59:11
ComboFix5.txt 2009-02-14 15:44:01

Pre-Run: 1.235.673.088 bytes free
Post-Run: 1,251,102,720 bytes free

615 --- E O F --- 2008-12-31 05:09:50

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Norton je jos uvek vidljiv u logovima.
Jesi li pokrenuo onaj Norton Removal Tool sa linka koji sam ti dao u prethodnoj poruci?

offline
  • vr7600 
  • Novi MyCity građanin
  • Pridružio: 25 Jan 2008
  • Poruke: 26

Bog!
Jesam.

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Nije mi jasno, jos uvek se vide Nortonovi servisi u logu.
Da nisi kojim slucajem prvo napravio log a tek posle ocistio Nortonove ostatke?

Ostavi mi jedan dan, da se raspitam o nekim detaljima.
Ja ne vidim vise nista maliciozno na tvom sistemu, ali ima par neobicnih detalja. Zeleo bih da probam da nadjem koji program je napravio ta podesavanja na sistemu.

Javljam se, nadam se, sutra sa dovoljno informacija da bih mogao da zakljucim da li je sve na svom mestu ili treba jos nesto da se sredjuje.

offline
  • vr7600 
  • Novi MyCity građanin
  • Pridružio: 25 Jan 2008
  • Poruke: 26

Nisam. Napravio sam kako si rekao.
BTW Gore si rekao da dopustim ComboFixu da instalira RECOVERY CONSOLE, ali mi nikada nije tražio dopuštenje za to i koliko vidim iz dnevnika, RC nije instaliran.

Napravio sam još jednom deinstalaciju NA i skeniranje sa ComboFixom, pa ti prilažem dnevnički zapis:

PS
Samo bez žurbe! Hvala ti na pomoći!

ComboFix 09-02-11.02 - Bella 2009-02-14 21:21:08.8 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.385.1033.18.759.485 [GMT 1:00]
Running from: c:\documents and settings\Bella\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-01-14 to 2009-02-14 )))))))))))))))))))))))))))))))
.

2009-02-09 18:34 . 2009-02-09 18:35 <DIR> d-------- c:\documents and settings\Borko\Application Data\vlc
2009-02-09 18:33 . 2009-02-09 18:33 <DIR> d-------- c:\program files\VideoLAN
2009-02-05 21:24 . 2009-02-08 14:11 <DIR> d-------- c:\documents and settings\Borko\Application Data\AVGTOOLBAR
2009-02-05 10:15 . 2009-02-14 12:28 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 10:14 . 2009-02-14 17:12 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-05 10:14 . 2009-02-05 10:14 <DIR> d-------- c:\program files\AVG
2009-02-05 10:14 . 2009-02-05 12:25 <DIR> d-------- c:\documents and settings\Bella\Application Data\AVGTOOLBAR
2009-02-05 10:14 . 2009-02-12 13:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-05 10:14 . 2009-02-05 10:14 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-05 10:14 . 2009-02-05 10:14 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-05 10:14 . 2009-02-05 10:14 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-24 23:58 . 2009-02-14 18:07 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-24 23:58 . 2009-01-24 23:58 1,409 --a------ c:\windows\QTFont.for
2009-01-24 17:45 . 2009-01-24 17:45 <DIR> d-------- c:\program files\Evernote
2009-01-20 00:04 . 2009-01-20 00:04 <DIR> d-------- c:\program files\PlayPianoTODAY
2009-01-15 01:00 . 2009-02-05 10:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Norton
2009-01-15 00:59 . 2009-01-15 00:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-01-14 14:14 . 2009-01-14 14:14 50 --a------ c:\windows\WININIT.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-14 19:58 --------- d-----w c:\program files\Flock
2009-02-11 11:34 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-09 15:25 --------- d-----w c:\program files\NCH Swift Sound
2009-02-09 15:21 --------- d-----w c:\program files\DivX
2009-02-08 00:50 4,984,707 ----a-w c:\windows\java\Packages\JTN7ZZLR.ZIP
2009-02-08 00:50 4,254,611 ----a-w c:\windows\java\Packages\LJ793LZF.ZIP
2009-01-24 16:45 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-23 22:48 --------- d-----w c:\documents and settings\Borko\Application Data\Winamp
2009-01-19 23:03 737,280 -c--a-w c:\windows\iun6002.exe
2009-01-18 15:45 1,033,728 ----a-w c:\windows\explorer.exe
2009-01-05 12:12 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-05 11:55 --------- d-----w c:\documents and settings\Borko\Application Data\NCH Swift Sound
2008-12-30 22:32 --------- d-----w c:\documents and settings\Bella\Application Data\Winamp
2008-12-30 21:57 --------- d-----w c:\program files\Winamp
2008-12-30 21:56 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-23 09:27 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-23 07:59 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-22 16:03 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-28 23:06 355,584 ----a-w c:\windows\system32\TuneUpDefragService.exe
2007-01-04 16:51 604 -c-ha-w c:\program files\STLL Notifier
.

((((((((((((((((((((((((((((( SnapShot@2009-02-12_13.44.46.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2007-10-30 14:32:01 48,749 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-02-14 17:02:25 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-14 815104]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-05 1601304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 10:14 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.AP41"= APmpg4v1.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=c:\windows\pss\GStartup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 01:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2007-06-19 16:26 84760 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2007-06-19 16:26 101144 c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 01:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
-----c--- 2005-02-10 16:00 1937408 c:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
--a------ 2007-02-08 19:43 95800 c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2007-06-19 16:26 125720 c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a--c--- 2004-11-02 19:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
--a------ 2004-09-23 12:41 860160 c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 09:11 1388544 c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-11-14 16:02 815104 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2004-11-04 17:40 98394 c:\program files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra--c--- 2004-11-22 07:18 307200 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a--c--- 2004-08-24 10:20 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\explorer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15281:TCP"= 15281:TCP:NortonAV
"12085:TCP"= 12085:TCP:NortonAV
"16057:TCP"= 16057:TCP:NortonAV
"48205:TCP"= 48205:TCP:@xpsp2res.dll,-22009
"80:TCP"= 80:TCP:@xpsp2res.dll,-22009
"1867:TCP"= 1867:TCP:@xpsp2res.dll,-22009
"63041:TCP"= 63041:TCP:@xpsp2res.dll,-22009
"40529:TCP"= 40529:TCP:@xpsp2res.dll,-22009
"5194:TCP"= 5194:TCP:@xpsp2res.dll,-22009
"32065:TCP"= 32065:TCP:@xpsp2res.dll,-22009
"42305:TCP"= 42305:TCP:@xpsp2res.dll,-22009
"53827:TCP"= 53827:TCP:@xpsp2res.dll,-22009
"22353:TCP"= 22353:TCP:@xpsp2res.dll,-22009
"34371:TCP"= 34371:TCP:@xpsp2res.dll,-22009
"2129:TCP"= 2129:TCP:@xpsp2res.dll,-22009
"3665:TCP"= 3665:TCP:@xpsp2res.dll,-22009
"58177:TCP"= 58177:TCP:@xpsp2res.dll,-22009
"23117:TCP"= 23117:TCP:@xpsp2res.dll,-22009
"39233:TCP"= 39233:TCP:@xpsp2res.dll,-22009
"42563:TCP"= 42563:TCP:@xpsp2res.dll,-22009
"54353:TCP"= 54353:TCP:@xpsp2res.dll,-22009
"43597:TCP"= 43597:TCP:@xpsp2res.dll,-22009
"20035:TCP"= 20035:TCP:@xpsp2res.dll,-22009
"11587:TCP"= 11587:TCP:@xpsp2res.dll,-22009
"50243:TCP"= 50243:TCP:@xpsp2res.dll,-22009
"36675:TCP"= 36675:TCP:@xpsp2res.dll,-22009
"18243:TCP"= 18243:TCP:@xpsp2res.dll,-22009
"64587:TCP"= 64587:TCP:@xpsp2res.dll,-22009
"47691:TCP"= 47691:TCP:@xpsp2res.dll,-22009
"30032:TCP"= 30032:TCP:@xpsp2res.dll,-22009
"37441:TCP"= 37441:TCP:@xpsp2res.dll,-22009
"11075:TCP"= 11075:TCP:@xpsp2res.dll,-22009
"32080:TCP"= 32080:TCP:@xpsp2res.dll,-22009
"35403:TCP"= 35403:TCP:@xpsp2res.dll,-22009
"52299:TCP"= 52299:TCP:@xpsp2res.dll,-22009
"56387:TCP"= 56387:TCP:@xpsp2res.dll,-22009
"27201:TCP"= 27201:TCP:@xpsp2res.dll,-22009
"46913:TCP"= 46913:TCP:@xpsp2res.dll,-22009
"52305:TCP"= 52305:TCP:@xpsp2res.dll,-22009
"21325:TCP"= 21325:TCP:@xpsp2res.dll,-22009
"53585:TCP"= 53585:TCP:@xpsp2res.dll,-22009
"45137:TCP"= 45137:TCP:@xpsp2res.dll,-22009
"50763:TCP"= 50763:TCP:@xpsp2res.dll,-22009
"10570:TCP"= 10570:TCP:@xpsp2res.dll,-22009
"26691:TCP"= 26691:TCP:@xpsp2res.dll,-22009
"2897:TCP"= 2897:TCP:@xpsp2res.dll,-22009
"64321:TCP"= 64321:TCP:@xpsp2res.dll,-22009
"30797:TCP"= 30797:TCP:@xpsp2res.dll,-22009
"34881:TCP"= 34881:TCP:@xpsp2res.dll,-22009
"39501:TCP"= 39501:TCP:@xpsp2res.dll,-22009
"11601:TCP"= 11601:TCP:@xpsp2res.dll,-22009
"21059:TCP"= 21059:TCP:@xpsp2res.dll,-22009
"28749:TCP"= 28749:TCP:@xpsp2res.dll,-22009
"2893:TCP"= 2893:TCP:@xpsp2res.dll,-22009
"12109:TCP"= 12109:TCP:@xpsp2res.dll,-22009
"55121:TCP"= 55121:TCP:@xpsp2res.dll,-22009
"24141:TCP"= 24141:TCP:@xpsp2res.dll,-22009
"48193:TCP"= 48193:TCP:@xpsp2res.dll,-22009
"5187:TCP"= 5187:TCP:@xpsp2res.dll,-22009
"47681:TCP"= 47681:TCP:@xpsp2res.dll,-22009
"25933:TCP"= 25933:TCP:@xpsp2res.dll,-22009
"833:TCP"= 833:TCP:@xpsp2res.dll,-22009
"41549:TCP"= 41549:TCP:@xpsp2res.dll,-22009
"36939:TCP"= 36939:TCP:@xpsp2res.dll,-22009
"35153:TCP"= 35153:TCP:@xpsp2res.dll,-22009
"23361:TCP"= 23361:TCP:@xpsp2res.dll,-22009
"12625:TCP"= 12625:TCP:@xpsp2res.dll,-22009
"1611:TCP"= 1611:TCP:@xpsp2res.dll,-22009
"7501:TCP"= 7501:TCP:@xpsp2res.dll,-22009
"4683:TCP"= 4683:TCP:@xpsp2res.dll,-22009
"38721:TCP"= 38721:TCP:@xpsp2res.dll,-22009
"10317:TCP"= 10317:TCP:@xpsp2res.dll,-22009
"22097:TCP"= 22097:TCP:@xpsp2res.dll,-22009
"47683:TCP"= 47683:TCP:@xpsp2res.dll,-22009
"31040:TCP"= 31040:TCP:@xpsp2res.dll,-22009
"48707:TCP"= 48707:TCP:@xpsp2res.dll,-22009
"6721:TCP"= 6721:TCP:@xpsp2res.dll,-22009
"9035:TCP"= 9035:TCP:@xpsp2res.dll,-22009
"10305:TCP"= 10305:TCP:@xpsp2res.dll,-22009
"13123:TCP"= 13123:TCP:@xpsp2res.dll,-22009
"10577:TCP"= 10577:TCP:@xpsp2res.dll,-22009
"47947:TCP"= 47947:TCP:@xpsp2res.dll,-22009
"37185:TCP"= 37185:TCP:@xpsp2res.dll,-22009
"47435:TCP"= 47435:TCP:@xpsp2res.dll,-22009
"19521:TCP"= 19521:TCP:@xpsp2res.dll,-22009
"2123:TCP"= 2123:TCP:@xpsp2res.dll,-22009
"43329:TCP"= 43329:TCP:@xpsp2res.dll,-22009
"321:TCP"= 321:TCP:@xpsp2res.dll,-22009
"2381:TCP"= 2381:TCP:@xpsp2res.dll,-22009
"41547:TCP"= 41547:TCP:@xpsp2res.dll,-22009
"19777:TCP"= 19777:TCP:@xpsp2res.dll,-22009
"10561:TCP"= 10561:TCP:@xpsp2res.dll,-22009
"1857:TCP"= 1857:TCP:@xpsp2res.dll,-22009
"19025:TCP"= 19025:TCP:@xpsp2res.dll,-22009
"4163:TCP"= 4163:TCP:@xpsp2res.dll,-22009
"57409:TCP"= 57409:TCP:@xpsp2res.dll,-22009
"10065:TCP"= 10065:TCP:@xpsp2res.dll,-22009
"46401:TCP"= 46401:TCP:@xpsp2res.dll,-22009
"6481:TCP"= 6481:TCP:@xpsp2res.dll,-22009
"44875:TCP"= 44875:TCP:@xpsp2res.dll,-22009
"44609:TCP"= 44609:TCP:@xpsp2res.dll,-22009
"51277:TCP"= 51277:TCP:@xpsp2res.dll,-22009
"33345:TCP"= 33345:TCP:@xpsp2res.dll,-22009
"58445:TCP"= 58445:TCP:@xpsp2res.dll,-22009
"62029:TCP"= 62029:TCP:@xpsp2res.dll,-22009
"59469:TCP"= 59469:TCP:@xpsp2res.dll,-22009
"27467:TCP"= 27467:TCP:@xpsp2res.dll,-22009
"22347:TCP"= 22347:TCP:@xpsp2res.dll,-22009
"31307:TCP"= 31307:TCP:@xpsp2res.dll,-22009
"62785:TCP"= 62785:TCP:@xpsp2res.dll,-22009
"5969:TCP"= 5969:TCP:@xpsp2res.dll,-22009
"61773:TCP"= 61773:TCP:@xpsp2res.dll,-22009
"37187:TCP"= 37187:TCP:@xpsp2res.dll,-22009
"33873:TCP"= 33873:TCP:@xpsp2res.dll,-22009
"49997:TCP"= 49997:TCP:@xpsp2res.dll,-22009
"43339:TCP"= 43339:TCP:@xpsp2res.dll,-22009
"36941:TCP"= 36941:TCP:@xpsp2res.dll,-22009
"10817:TCP"= 10817:TCP:@xpsp2res.dll,-22009
"12619:TCP"= 12619:TCP:@xpsp2res.dll,-22009
"37699:TCP"= 37699:TCP:@xpsp2res.dll,-22009
"31553:TCP"= 31553:TCP:@xpsp2res.dll,-22009
"46657:TCP"= 46657:TCP:@xpsp2res.dll,-22009
"37707:TCP"= 37707:TCP:@xpsp2res.dll,-22009
"49731:TCP"= 49731:TCP:@xpsp2res.dll,-22009
"12867:TCP"= 12867:TCP:@xpsp2res.dll,-22009
"12609:TCP"= 12609:TCP:@xpsp2res.dll,-22009
"21329:TCP"= 21329:TCP:@xpsp2res.dll,-22009
"31299:TCP"= 31299:TCP:@xpsp2res.dll,-22009
"31825:TCP"= 31825:TCP:@xpsp2res.dll,-22009
"40013:TCP"= 40013:TCP:@xpsp2res.dll,-22009
"61521:TCP"= 61521:TCP:@xpsp2res.dll,-22009
"29251:TCP"= 29251:TCP:@xpsp2res.dll,-22009
"55105:TCP"= 55105:TCP:@xpsp2res.dll,-22009
"61777:TCP"= 61777:TCP:@xpsp2res.dll,-22009
"11341:TCP"= 11341:TCP:@xpsp2res.dll,-22009
"2369:TCP"= 2369:TCP:@xpsp2res.dll,-22009
"38737:TCP"= 38737:TCP:@xpsp2res.dll,-22009
"12353:TCP"= 12353:TCP:@xpsp2res.dll,-22009
"6465:TCP"= 6465:TCP:@xpsp2res.dll,-22009
"40785:TCP"= 40785:TCP:@xpsp2res.dll,-22009
"22093:TCP"= 22093:TCP:@xpsp2res.dll,-22009
"57675:TCP"= 57675:TCP:@xpsp2res.dll,-22009
"19284:TCP"= 19284:TCP:@xpsp2res.dll,-22009
"45139:TCP"= 45139:TCP:@xpsp2res.dll,-22009
"48709:TCP"= 48709:TCP:@xpsp2res.dll,-22009
"17477:TCP"= 17477:TCP:@xpsp2res.dll,-22009
"46405:TCP"= 46405:TCP:@xpsp2res.dll,-22009
"20805:TCP"= 20805:TCP:@xpsp2res.dll,-22009
"34132:TCP"= 34132:TCP:@xpsp2res.dll,-22009
"7251:TCP"= 7251:TCP:@xpsp2res.dll,-22009
"21587:TCP"= 21587:TCP:@xpsp2res.dll,-22009
"48197:TCP"= 48197:TCP:@xpsp2res.dll,-22009
"41043:TCP"= 41043:TCP:@xpsp2res.dll,-22009
"60741:TCP"= 60741:TCP:@xpsp2res.dll,-22009
"59717:TCP"= 59717:TCP:@xpsp2res.dll,-22009
"22867:TCP"= 22867:TCP:@xpsp2res.dll,-22009
"11589:TCP"= 11589:TCP:@xpsp2res.dll,-22009
"61523:TCP"= 61523:TCP:@xpsp2res.dll,-22009
"34131:TCP"= 34131:TCP:@xpsp2res.dll,-22009
"56403:TCP"= 56403:TCP:@xpsp2res.dll,-22009
"52820:TCP"= 52820:TCP:@xpsp2res.dll,-22009
"62548:TCP"= 62548:TCP:@xpsp2res.dll,-22009
"2387:TCP"= 2387:TCP:@xpsp2res.dll,-22009
"4435:TCP"= 4435:TCP:@xpsp2res.dll,-22009
"15187:TCP"= 15187:TCP:@xpsp2res.dll,-22009
"32084:TCP"= 32084:TCP:@xpsp2res.dll,-22009
"52563:TCP"= 52563:TCP:@xpsp2res.dll,-22009
"38227:TCP"= 38227:TCP:@xpsp2res.dll,-22009
"60499:TCP"= 60499:TCP:@xpsp2res.dll,-22009
"5460:TCP"= 5460:TCP:@xpsp2res.dll,-22009
"32595:TCP"= 32595:TCP:@xpsp2res.dll,-22009
"25940:TCP"= 25940:TCP:@xpsp2res.dll,-22009
"18245:TCP"= 18245:TCP:@xpsp2res.dll,-22009
"50004:TCP"= 50004:TCP:@xpsp2res.dll,-22009
"61779:TCP"= 61779:TCP:@xpsp2res.dll,-22009
"52564:TCP"= 52564:TCP:@xpsp2res.dll,-22009
"2629:TCP"= 2629:TCP:@xpsp2res.dll,-22009
"57428:TCP"= 57428:TCP:@xpsp2res.dll,-22009
"44627:TCP"= 44627:TCP:@xpsp2res.dll,-22009
"54867:TCP"= 54867:TCP:@xpsp2res.dll,-22009
"6995:TCP"= 6995:TCP:@xpsp2res.dll,-22009
"63571:TCP"= 63571:TCP:@xpsp2res.dll,-22009
"24404:TCP"= 24404:TCP:@xpsp2res.dll,-22009
"47697:TCP"= 47697:TCP:@xpsp2res.dll,-22009
"45899:TCP"= 45899:TCP:@xpsp2res.dll,-22009
"18241:TCP"= 18241:TCP:@xpsp2res.dll,-22009
"44867:TCP"= 44867:TCP:@xpsp2res.dll,-22009
"26961:TCP"= 26961:TCP:@xpsp2res.dll,-22009
"34113:TCP"= 34113:TCP:@xpsp2res.dll,-22009
"23363:TCP"= 23363:TCP:@xpsp2res.dll,-22009
"57681:TCP"= 57681:TCP:@xpsp2res.dll,-22009
"30033:TCP"= 30033:TCP:@xpsp2res.dll,-22009
"55633:TCP"= 55633:TCP:@xpsp2res.dll,-22009
"23115:TCP"= 23115:TCP:@xpsp2res.dll,-22009
"9027:TCP"= 9027:TCP:@xpsp2res.dll,-22009
"33105:TCP"= 33105:TCP:@xpsp2res.dll,-22009
"10829:TCP"= 10829:TCP:@xpsp2res.dll,-22009
"39747:TCP"= 39747:TCP:@xpsp2res.dll,-22009
"75:TCP"= 75:TCP:@xpsp2res.dll,-22009
"33355:TCP"= 33355:TCP:@xpsp2res.dll,-22009
"31555:TCP"= 31555:TCP:@xpsp2res.dll,-22009
"53835:TCP"= 53835:TCP:@xpsp2res.dll,-22009
"56139:TCP"= 56139:TCP:@xpsp2res.dll,-22009
"25675:TCP"= 25675:TCP:@xpsp2res.dll,-22009
"52801:TCP"= 52801:TCP:@xpsp2res.dll,-22009
"38225:TCP"= 38225:TCP:@xpsp2res.dll,-22009
"55107:TCP"= 55107:TCP:@xpsp2res.dll,-22009
"42315:TCP"= 42315:TCP:@xpsp2res.dll,-22009
"35405:TCP"= 35405:TCP:@xpsp2res.dll,-22009
"10819:TCP"= 10819:TCP:@xpsp2res.dll,-22009
"57677:TCP"= 57677:TCP:@xpsp2res.dll,-22009
"33613:TCP"= 33613:TCP:@xpsp2res.dll,-22009
"65357:TCP"= 65357:TCP:@xpsp2res.dll,-22009
"65355:TCP"= 65355:TCP:@xpsp2res.dll,-22009
"3139:TCP"= 3139:TCP:@xpsp2res.dll,-22009
"10827:TCP"= 10827:TCP:@xpsp2res.dll,-22009
"20299:TCP"= 20299:TCP:@xpsp2res.dll,-22009
"2627:TCP"= 2627:TCP:@xpsp2res.dll,-22009
"61249:TCP"= 61249:TCP:@xpsp2res.dll,-22009
"41537:TCP"= 41537:TCP:@xpsp2res.dll,-22009
"43075:TCP"= 43075:TCP:@xpsp2res.dll,-22009
"46411:TCP"= 46411:TCP:@xpsp2res.dll,-22009
"35659:TCP"= 35659:TCP:@xpsp2res.dll,-22009
"31297:TCP"= 31297:TCP:@xpsp2res.dll,-22009
"30017:TCP"= 30017:TCP:@xpsp2res.dll,-22009
"11851:TCP"= 11851:TCP:@xpsp2res.dll,-22009
"52803:TCP"= 52803:TCP:@xpsp2res.dll,-22009
"6219:TCP"= 6219:TCP:@xpsp2res.dll,-22009
"43853:TCP"= 43853:TCP:@xpsp2res.dll,-22009
"19779:TCP"= 19779:TCP:@xpsp2res.dll,-22009
"54083:TCP"= 54083:TCP:@xpsp2res.dll,-22009
"6477:TCP"= 6477:TCP:@xpsp2res.dll,-22009
"46161:TCP"= 46161:TCP:@xpsp2res.dll,-22009
"59201:TCP"= 59201:TCP:@xpsp2res.dll,-22009
"50513:TCP"= 50513:TCP:@xpsp2res.dll,-22009
"25923:TCP"= 25923:TCP:@xpsp2res.dll,-22009
"11597:TCP"= 11597:TCP:@xpsp2res.dll,-22009
"46669:TCP"= 46669:TCP:@xpsp2res.dll,-22009
"38221:TCP"= 38221:TCP:@xpsp2res.dll,-22009
"24643:TCP"= 24643:TCP:@xpsp2res.dll,-22009
"29515:TCP"= 29515:TCP:@xpsp2res.dll,-22009
"63057:TCP"= 63057:TCP:@xpsp2res.dll,-22009
"3403:TCP"= 3403:TCP:@xpsp2res.dll,-22009
"33611:TCP"= 33611:TCP:@xpsp2res.dll,-22009
"31051:TCP"= 31051:TCP:@xpsp2res.dll,-22009
"27713:TCP"= 27713:TCP:@xpsp2res.dll,-22009
"22609:TCP"= 22609:TCP:@xpsp2res.dll,-22009
"55629:TCP"= 55629:TCP:@xpsp2res.dll,-22009
"10321:TCP"= 10321:TCP:@xpsp2res.dll,-22009
"1613:TCP"= 1613:TCP:@xpsp2res.dll,-22009
"50507:TCP"= 50507:TCP:@xpsp2res.dll,-22009
"47953:TCP"= 47953:TCP:@xpsp2res.dll,-22009
"53313:TCP"= 53313:TCP:@xpsp2res.dll,-22009
"63565:TCP"= 63565:TCP:@xpsp2res.dll,-22009
"25153:TCP"= 25153:TCP:@xpsp2res.dll,-22009
"29763:TCP"= 29763:TCP:@xpsp2res.dll,-22009
"64065:TCP"= 64065:TCP:@xpsp2res.dll,-22009
"32067:TCP"= 32067:TCP:@xpsp2res.dll,-22009
"54097:TCP"= 54097:TCP:@xpsp2res.dll,-22009
"51011:TCP"= 51011:TCP:@xpsp2res.dll,-22009
"57165:TCP"= 57165:TCP:@xpsp2res.dll,-22009
"31041:TCP"= 31041:TCP:@xpsp2res.dll,-22009
"19267:TCP"= 19267:TCP:@xpsp2res.dll,-22009
"59217:TCP"= 59217:TCP:@xpsp2res.dll,-22009
"30529:TCP"= 30529:TCP:@xpsp2res.dll,-22009
"24657:TCP"= 24657:TCP:@xpsp2res.dll,-22009
"30273:TCP"= 30273:TCP:@xpsp2res.dll,-22009
"60235:TCP"= 60235:TCP:@xpsp2res.dll,-22009
"28227:TCP"= 28227:TCP:@xpsp2res.dll,-22009
"14915:TCP"= 14915:TCP:@xpsp2res.dll,-22009
"17997:TCP"= 17997:TCP:@xpsp2res.dll,-22009
"49229:TCP"= 49229:TCP:@xpsp2res.dll,-22009
"28491:TCP"= 28491:TCP:@xpsp2res.dll,-22009
"64075:TCP"= 64075:TCP:@xpsp2res.dll,-22009
"61251:TCP"= 61251:TCP:@xpsp2res.dll,-22009
"23105:TCP"= 23105:TCP:@xpsp2res.dll,-22009
"12365:TCP"= 12365:TCP:@xpsp2res.dll,-22009
"29507:TCP"= 29507:TCP:@xpsp2res.dll,-22009
"59211:TCP"= 59211:TCP:@xpsp2res.dll,-22009
"48449:TCP"= 48449:TCP:@xpsp2res.dll,-22009
"5185:TCP"= 5185:TCP:@xpsp2res.dll,-22009
"39491:TCP"= 39491:TCP:@xpsp2res.dll,-22009
"24131:TCP"= 24131:TCP:@xpsp2res.dll,-22009
"33089:TCP"= 33089:TCP:@xpsp2res.dll,-22009
"9281:TCP"= 9281:TCP:@xpsp2res.dll,-22009
"12355:TCP"= 12355:TCP:@xpsp2res.dll,-22009
"42307:TCP"= 42307:TCP:@xpsp2res.dll,-22009
"27469:TCP"= 27469:TCP:@xpsp2res.dll,-22009
"54609:TCP"= 54609:TCP:@xpsp2res.dll,-22009
"52561:TCP"= 52561:TCP:@xpsp2res.dll,-22009
"58961:TCP"= 58961:TCP:@xpsp2res.dll,-22009
"33603:TCP"= 33603:TCP:@xpsp2res.dll,-22009
"40273:TCP"= 40273:TCP:@xpsp2res.dll,-22009
"64577:TCP"= 64577:TCP:@xpsp2res.dll,-22009
"63569:TCP"= 63569:TCP:@xpsp2res.dll,-22009
"15171:TCP"= 15171:TCP:@xpsp2res.dll,-22009
"7745:TCP"= 7745:TCP:@xpsp2res.dll,-22009
"1347:TCP"= 1347:TCP:@xpsp2res.dll,-22009
"62529:TCP"= 62529:TCP:@xpsp2res.dll,-22009
"31811:TCP"= 31811:TCP:@xpsp2res.dll,-22009
"32833:TCP"= 32833:TCP:@xpsp2res.dll,-22009
"33857:TCP"= 33857:TCP:@xpsp2res.dll,-22009
"3907:TCP"= 3907:TCP:@xpsp2res.dll,-22009
"4465:TCP"= 4465:TCP:@xpsp2res.dll,-22009
"35186:TCP"= 35186:TCP:@xpsp2res.dll,-22009
"48753:TCP"= 48753:TCP:@xpsp2res.dll,-22009
"61553:TCP"= 61553:TCP:@xpsp2res.dll,-22009
"16497:TCP"= 16497:TCP:@xpsp2res.dll,-22009
"34161:TCP"= 34161:TCP:@xpsp2res.dll,-22009
"26993:TCP"= 26993:TCP:@xpsp2res.dll,-22009
"46705:TCP"= 46705:TCP:@xpsp2res.dll,-22009
"46449:TCP"= 46449:TCP:@xpsp2res.dll,-22009
"61042:TCP"= 61042:TCP:@xpsp2res.dll,-22009
"28273:TCP"= 28273:TCP:@xpsp2res.dll,-22009
"61297:TCP"= 61297:TCP:@xpsp2res.dll,-22009
"36978:TCP"= 36978:TCP:@xpsp2res.dll,-22009
"11378:TCP"= 11378:TCP:@xpsp2res.dll,-22009
"3185:TCP"= 3185:TCP:@xpsp2res.dll,-22009
"5490:TCP"= 5490:TCP:@xpsp2res.dll,-22009
"11377:TCP"= 11377:TCP:@xpsp2res.dll,-22009
"56689:TCP"= 56689:TCP:@xpsp2res.dll,-22009
"44401:TCP"= 44401:TCP:@xpsp2res.dll,-22009
"21617:TCP"= 21617:TCP:@xpsp2res.dll,-22009
"21361:TCP"= 21361:TCP:@xpsp2res.dll,-22009
"6002:TCP"= 6002:TCP:@xpsp2res.dll,-22009
"53105:TCP"= 53105:TCP:@xpsp2res.dll,-22009
"19825:TCP"= 19825:TCP:@xpsp2res.dll,-22009
"3953:TCP"= 3953:TCP:@xpsp2res.dll,-22009
"26738:TCP"= 26738:TCP:@xpsp2res.dll,-22009
"17777:TCP"= 17777:TCP:@xpsp2res.dll,-22009
"41841:TCP"= 41841:TCP:@xpsp2res.dll,-22009
"30577:TCP"= 30577:TCP:@xpsp2res.dll,-22009
"34929:TCP"= 34929:TCP:@xpsp2res.dll,-22009
"62834:TCP"= 62834:TCP:@xpsp2res.dll,-22009
"60786:TCP"= 60786:TCP:@xpsp2res.dll,-22009
"1905:TCP"= 1905:TCP:@xpsp2res.dll,-22009
"52593:TCP"= 52593:TCP:@xpsp2res.dll,-22009
"2930:TCP"= 2930:TCP:@xpsp2res.dll,-22009
"8306:TCP"= 8306:TCP:@xpsp2res.dll,-22009
"43889:TCP"= 43889:TCP:@xpsp2res.dll,-22009
"5489:TCP"= 5489:TCP:@xpsp2res.dll,-22009
"14705:TCP"= 14705:TCP:@xpsp2res.dll,-22009
"43377:TCP"= 43377:TCP:@xpsp2res.dll,-22009
"60273:TCP"= 60273:TCP:@xpsp2res.dll,-22009
"12657:TCP"= 12657:TCP:@xpsp2res.dll,-22009
"10865:TCP"= 10865:TCP:@xpsp2res.dll,-22009
"3698:TCP"= 3698:TCP:@xpsp2res.dll,-22009
"41329:TCP"= 41329:TCP:@xpsp2res.dll,-22009
"8049:TCP"= 8049:TCP:@xpsp2res.dll,-22009
"60017:TCP"= 60017:TCP:@xpsp2res.dll,-22009
"14450:TCP"= 14450:TCP:@xpsp2res.dll,-22009
"64369:TCP"= 64369:TCP:@xpsp2res.dll,-22009
"7025:TCP"= 7025:TCP:@xpsp2res.dll,-22009
"6513:TCP"= 6513:TCP:@xpsp2res.dll,-22009
"40817:TCP"= 40817:TCP:@xpsp2res.dll,-22009
"50546:TCP"= 50546:TCP:@xpsp2res.dll,-22009
"23410:TCP"= 23410:TCP:@xpsp2res.dll,-22009
"20594:TCP"= 20594:TCP:@xpsp2res.dll,-22009
"50033:TCP"= 50033:TCP:@xpsp2res.dll,-22009
"6257:TCP"= 6257:TCP:@xpsp2res.dll,-22009
"14961:TCP"= 14961:TCP:@xpsp2res.dll,-22009
"2417:TCP"= 2417:TCP:@xpsp2res.dll,-22009
"27761:TCP"= 27761:TCP:@xpsp2res.dll,-22009
"57714:TCP"= 57714:TCP:@xpsp2res.dll,-22009
"13681:TCP"= 13681:TCP:@xpsp2res.dll,-22009
"29553:TCP"= 29553:TCP:@xpsp2res.dll,-22009
"45937:TCP"= 45937:TCP:@xpsp2res.dll,-22009
"15985:TCP"= 15985:TCP:@xpsp2res.dll,-22009
"12913:TCP"= 12913:TCP:@xpsp2res.dll,-22009
"11122:TCP"= 11122:TCP:@xpsp2res.dll,-22009
"51057:TCP"= 51057:TCP:@xpsp2res.dll,-22009
"15473:TCP"= 15473:TCP:@xpsp2res.dll,-22009
"5234:TCP"= 5234:TCP:@xpsp2res.dll,-22009
"33650:TCP"= 33650:TCP:@xpsp2res.dll,-22009
"52849:TCP"= 52849:TCP:@xpsp2res.dll,-22009
"47729:TCP"= 47729:TCP:@xpsp2res.dll,-22009
"56177:TCP"= 56177:TCP:@xpsp2res.dll,-22009
"1137:TCP"= 1137:TCP:@xpsp2res.dll,-22009
"42609:TCP"= 42609:TCP:@xpsp2res.dll,-22009
"38769:TCP"= 38769:TCP:@xpsp2res.dll,-22009
"33649:TCP"= 33649:TCP:@xpsp2res.dll,-22009
"61809:TCP"= 61809:TCP:@xpsp2res.dll,-22009
"38513:TCP"= 38513:TCP:@xpsp2res.dll,-22009
"65137:TCP"= 65137:TCP:@xpsp2res.dll,-22009
"57713:TCP"= 57713:TCP:@xpsp2res.dll,-22009
"28017:TCP"= 28017:TCP:@xpsp2res.dll,-22009
"14449:TCP"= 14449:TCP:@xpsp2res.dll,-22009
"113:TCP"= 113:TCP:@xpsp2res.dll,-22009
"50801:TCP"= 50801:TCP:@xpsp2res.dll,-22009
"44145:TCP"= 44145:TCP:@xpsp2res.dll,-22009
"882:TCP"= 882:TCP:@xpsp2res.dll,-22009
"20593:TCP"= 20593:TCP:@xpsp2res.dll,-22009
"33394:TCP"= 33394:TCP:@xpsp2res.dll,-22009
"52850:TCP"= 52850:TCP:@xpsp2res.dll,-22009
"40306:TCP"= 40306:TCP:@xpsp2res.dll,-22009
"55153:TCP"= 55153:TCP:@xpsp2res.dll,-22009
"22642:TCP"= 22642:TCP:@xpsp2res.dll,-22009
"51313:TCP"= 51313:TCP:@xpsp2res.dll,-22009
"22641:TCP"= 22641:TCP:@xpsp2res.dll,-22009
"55410:TCP"= 55410:TCP:@xpsp2res.dll,-22009
"64625:TCP"= 64625:TCP:@xpsp2res.dll,-22009
"15217:TCP"= 15217:TCP:@xpsp2res.dll,-22009
"46193:TCP"= 46193:TCP:@xpsp2res.dll,-22009
"23666:TCP"= 23666:TCP:@xpsp2res.dll,-22009
"64113:TCP"= 64113:TCP:@xpsp2res.dll,-22009
"65394:TCP"= 65394:TCP:@xpsp2res.dll,-22009
"32626:TCP"= 32626:TCP:@xpsp2res.dll,-22009
"8305:TCP"= 8305:TCP:@xpsp2res.dll,-22009
"6514:TCP"= 6514:TCP:@xpsp2res.dll,-22009
"25202:TCP"= 25202:TCP:@xpsp2res.dll,-22009
"41073:TCP"= 41073:TCP:@xpsp2res.dll,-22009
"31602:TCP"= 31602:TCP:@xpsp2res.dll,-22009
"10610:TCP"= 10610:TCP:@xpsp2res.dll,-22009
"58738:TCP"= 58738:TCP:@xpsp2res.dll,-22009
"35185:TCP"= 35185:TCP:@xpsp2res.dll,-22009
"29042:TCP"= 29042:TCP:@xpsp2res.dll,-22009
"58482:TCP"= 58482:TCP:@xpsp2res.dll,-22009
"13425:TCP"= 13425:TCP:@xpsp2res.dll,-22009
"19057:TCP"= 19057:TCP:@xpsp2res.dll,-22009
"25714:TCP"= 25714:TCP:@xpsp2res.dll,-22009
"6001:TCP"= 6001:TCP:@xpsp2res.dll,-22009
"63602:TCP"= 63602:TCP:@xpsp2res.dll,-22009
"56690:TCP"= 56690:TCP:@xpsp2res.dll,-22009
"24946:TCP"= 24946:TCP:@xpsp2res.dll,-22009
"30321:TCP"= 30321:TCP:@xpsp2res.dll,-22009
"23153:TCP"= 23153:TCP:@xpsp2res.dll,-22009
"3442:TCP"= 3442:TCP:@xpsp2res.dll,-22009
"55665:TCP"= 55665:TCP:@xpsp2res.dll,-22009
"7281:TCP"= 7281:TCP:@xpsp2res.dll,-22009
"26994:TCP"= 26994:TCP:@xpsp2res.dll,-22009
"27250:TCP"= 27250:TCP:@xpsp2res.dll,-22009
"8050:TCP"= 8050:TCP:@xpsp2res.dll,-22009
"36465:TCP"= 36465:TCP:@xpsp2res.dll,-22009
"54130:TCP"= 54130:TCP:@xpsp2res.dll,-22009
"21873:TCP"= 21873:TCP:@xpsp2res.dll,-22009
"11889:TCP"= 11889:TCP:@xpsp2res.dll,-22009

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-05 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-05 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-02-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZKxdm016YYHR
IE: Add to Evernote - c:\program files\Evernote\Evernote3\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-14 21:22:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ccEvtMgr]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SAVRT]
"ImagePath"="-"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SNDSrvc]
"ImagePath"="-"
.
Completion time: 2009-02-14 21:24:27
ComboFix-quarantined-files.txt 2009-02-14 20:24:24
ComboFix2.txt 2009-02-14 20:15:32
ComboFix3.txt 2009-02-14 15:47:52
ComboFix4.txt 2009-02-13 23:19:30
ComboFix5.txt 2009-02-14 20:20:42

Pre-Run: 1.246.908.416 bytes free
Post-Run: 1,230,491,648 bytes free

616 --- E O F --- 2008-12-31 05:09:50

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Posle savetovanja sa kolegama, nas je zakljucak da je tvoj kompjuter sada cist.

Uradi sada jos i sledecu proceduru:

Klikni START a zatim RUN
U liniju za unos teksta ukucaj Combofix /u i klikni OK





Sačekaj da se proces deinstalacije završi

Gornja procedura će:
Obrisati sledeće:
ComboFix i njegove file-ove i foldere
VundoFix Backups folder, ako postoji
C:\Deckard folder, ako postoji
C:\OtMoveIt folder, ako postoji

Resetovati podešavanja sata na kompjuteru
Sakriti ekstenzije file-ova, ako je potrebno
Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno
Resetovati System Restore

offline
  • vr7600 
  • Novi MyCity građanin
  • Pridružio: 25 Jan 2008
  • Poruke: 26

Hvala ti na trudu!

PS
Prije nego sam se tebi obratio, sa tog lapa sam, stikom, prenio zarazu na 2 PCa. Kaj da s njima radim? Nastavljamo ovdje ili otvaram novi post?

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Bolje otvori nove teme.

Ko je trenutno na forumu
 

Ukupno su 1164 korisnika na forumu :: 46 registrovanih, 10 sakrivenih i 1108 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Alibaba1981, Andrija357, bankulen, Ben Roj, BraneS, brundo65, ccoogg123, Dannyboy, djboj, DonRumataEstorski, Dorcolac, draganca, Georgius, havoc995, ikan, Joja, Još malo pa deda, kovinacc, Kubovac, kybonacci, Lazarus, ljubacv, loon123, LUDI, MB120mm, mercedesamg, milimoj, milos.cbr, MrNo, Nemanja.M, nenad81, nick79, ostoja, Panter, panzerwaffe, prle122, randja26, savaskytec, slonic_tonic, solic, stalja, tubular, vathra, vobo, xanadu