Suspicious activities and disabled functions – no idea what cause.


  • This topic is locked
23 replies to this topic

#1 Confused Lee

Posted 18 December 2011 - 03:54 PM

Last June I suffered a huge virus attack, with sixteen different nasties ending up on my computer. The signs and symptoms were there, so I scanned with AVS and Superantispyware, which dealt with some of the nonsense, but I was still left with problems. I decided to format the hard drive and start from scratch, which solved the problems.

However, since then I have observed a number of increasingly annoying things going on or not as the case may be.

Every time I have tried to enable Windows Firewall, I got an error message saying that there was a problem and Windows could not activate the firewall. Strangely, although I have not successfully turned it on myself, I have just checked and by magic, Windows firewall is enabled.

Autoplay on my CD/DVD drive seems to be disabled for some, but not all, discs. Example: the boot disc (disc 1 of 3) of my recovery suite of discs will not run any more (it did in June) and the computer tells me that there is “no bootable CD ROM” in the drive, but the second disc will run up, and I can read the file structure on disc 2 in Windows Explorer. Both these discs fire up and allow examination of the folder structure in another laptop.

I often see furious activity on the hard drive when absolutely nothing is going on as far as I know. I have tried to isolate this activity, but even when turning off the internet connection, checking for applications running and processes, nothing is obvious. The computer refuses to shut down, and recently, I have been told that Windows is working with a file and I should come back later! This has happened several times when trying to shut down. Now I know windows does a lot of housekeeping etc, but I don’t believe it needs to take 10-15 minutes to do so just when I want to finish for the night!

I looked into the BIOS to change the boot order so I could boot from a USB memory stick which I had copied disc 1 of my recovery set onto. No matter what I did it would not allow any changes to the boot order.

I have accidentally turned off my wireless function and although other Fn + Fx combinations work fine, the wireless one will not so I am left without wireless and I cannot use the computer near enough to the phone outlet/modem to use it with Ethernet cables (old house, poorly placed power and phone outlets, plus old user who cannot kneel on the floor any more!!).

No idea if this is linked, but the DDS software will not download from your website. I see a very brief “sending request” appear on screen then just the link to your relevant page is displayed, and no file comes down. I have tried this numerous times over about an hour and other internet functions are fine. I downloaded Defogger and gmer successfully a few moments before and after my attempt at downloading DDS. As a result this post has no DDS file attached. I will continue to try downloading DDS on my other computer and will send the results if and when I receive DDS down the line.

Any help you can give me in pointing me towards solving these mysteries would be very much appreciated, as I seem to have exhausted my stock of ideas!

Thanks.

Confused Lee


#2 HelpBot

Posted 24 December 2011 - 03:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/433219 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Confused Lee

Posted 25 December 2011 - 05:47 PM

Please find attached the Gmer and DDS logs as requested. I was able to download the DDS software this time.

I have done nothing to my affected computer since my last post except to power up and run the above software today. The only additional comment I have is that I have transferred the DDS software from one laptop to the affected machine using a USB memory stick, and when requesting ejection, the system told me that it could not be stopped as a program was using the memory stick.... nothing was running at the time, and all I did with the memory stick was to move the DDS software onto the desktop, then move the logs from desktop to memory stick. Seems strange to me.

Well, Merry Christmas and a happy New Year to all the experts who help us mere mortals!

Kind regards,

Confused Lee

#4 gringo_pr

Posted 26 December 2011 - 03:27 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

Posted 30 December 2011 - 03:13 AM

It has been a few days and I haven't heard from you.


gringo
#6 Confused Lee

Posted 31 December 2011 - 03:58 PM

Hi Gringo,

Thanks for the information - the notification did not appear in my inbox until today, 31 Dec, so sorry for not getting back to you sooner. I will get on with running Combofix either this evening or tomorrow. Meanwhile, may I wish you and yours a happy and peaceful new year.

Kind regards,

Confused Lee

#7 gringo_pr

Posted 31 December 2011 - 04:36 PM

:thumbup2:
#8 Confused Lee

Posted 31 December 2011 - 06:04 PM

Hi Gringo,

I have just finished running Combofix on my affected computer and the log is pasted at the end of this post.

It ran fine and produced a whacking great log. When I had transferred the log onto a memory stick, I again tried to eject the memory stick and was told a program was still accessing it. Task Manager revealed that there were no applications running, and the access light on the stick was not flashing, but the hard drive access light on the computer was flashing like the New Year fireworks! Looking again at Task Manager showed that avgrsx.exe was working on and off all the time, using up to 22% of the CPU despite most of AVG being disabled. As the memory stick light was dead I pulled it out and no bleep, no error messages or dialogue boxes appeared, but the activity continued. Maybe AVG is the reason the computer is acting so strange?

I will have a play with the machine tomorrow, try to load DVD/CD files, try to find an ethernet cable to connect it to the modem and go online and run some of the various programs on the thing and let you know if any changes are apparent.

Anyway, thanks for your help, and here follows the Combofix log.

Kind regards,

Confused Lee

ComboFix 11-12-31.03 - Lee and Rong 31/12/2011 21:34:52.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.959.591 [GMT 0:00]
Running from: C:\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Lee and Rong\Application Data\Neawry
c:\documents and settings\Lee and Rong\Application Data\Neawry\mebaa.ige
c:\documents and settings\Lee and Rong\Application Data\Neawry\mebaa.tmp
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@120@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@1D8@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@264@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@2EC@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@43C@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@4E4@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@570@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@650@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@6B0@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@71C@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@7D4@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@8B0@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@8B8@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@B9C@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@BD8@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@C14@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@E34@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@E64@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@E9C@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@EB4@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@ED0@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@FB8@3934E0.###
c:\documents and settings\Lee and Rong\Local Settings\Application Data\.#\MBX@FC0@3934E0.###
c:\documents and settings\Lee and Rong\System
c:\documents and settings\Lee and Rong\System\win_qs8.jqx
c:\windows\system32\drivers\eicon.txt
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET8A.tmp
.
Infected copy of c:\windows\system32\kernel32.dll was found and disinfected
Restored copy from - c:\windows\$NtServicePackUninstall$\kernel32.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSERVICE
-------\Service_AMService
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-31 )))))))))))))))))))))))))))))))
.
.
2011-12-18 14:56 . 2001-08-17 22:36 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2011-12-18 14:56 . 2001-08-17 22:36 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2011-12-18 14:54 . 2001-08-17 22:36 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2011-12-18 14:54 . 2001-08-17 22:36 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2011-12-18 14:52 . 2001-08-17 22:36 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2011-12-18 14:48 . 2001-08-17 14:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2011-12-18 14:48 . 2001-08-17 13:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2011-12-18 14:48 . 2001-08-17 12:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2011-12-18 14:48 . 2001-08-17 12:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2011-12-18 14:48 . 2001-08-17 12:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2011-12-18 14:48 . 2008-04-13 19:46 61696 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2011-12-18 14:48 . 2001-08-17 12:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2011-12-18 14:48 . 2001-08-17 22:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2011-12-18 14:48 . 2001-08-17 22:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2011-12-18 14:48 . 2001-08-17 12:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-12-18 14:46 . 2001-08-17 22:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2011-12-18 14:45 . 2001-08-17 14:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2011-12-18 14:45 . 2008-04-13 19:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2011-12-18 14:45 . 2001-08-17 14:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2011-12-18 14:45 . 2001-08-17 13:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2011-12-18 14:45 . 2008-04-13 19:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys
2011-12-18 14:45 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
2011-12-18 14:45 . 2001-08-17 13:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys
2011-12-18 14:45 . 2001-08-17 13:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys
2011-12-18 14:45 . 2004-08-04 13:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2011-12-18 14:43 . 2001-08-17 13:53 4992 ----a-w- c:\windows\system32\dllcache\loop.sys
2011-12-18 14:43 . 2001-08-17 12:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys
2011-12-18 14:43 . 2001-08-17 12:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys
2011-12-18 14:43 . 2001-08-17 12:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys
2011-12-18 14:43 . 2001-08-17 13:51 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2011-12-18 14:43 . 2008-04-13 19:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2011-12-18 14:43 . 2001-08-17 12:12 26442 ----a-w- c:\windows\system32\dllcache\lanepic5.sys
2011-12-18 14:43 . 2001-08-17 12:12 19016 ----a-w- c:\windows\system32\dllcache\ktc111.sys
2011-12-18 14:43 . 2001-08-17 22:36 37376 ----a-w- c:\windows\system32\dllcache\kousd.dll
2011-12-18 14:43 . 2008-04-14 01:11 253952 ----a-w- c:\windows\system32\dllcache\kdsusd.dll
2011-12-18 14:43 . 2008-04-14 01:11 48640 ----a-w- c:\windows\system32\dllcache\kdsui.dll
2011-12-18 14:42 . 2004-08-04 13:00 18432 ----a-w- c:\windows\system32\dllcache\jupiw.dll
2011-12-18 14:42 . 2001-08-17 13:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2011-12-18 14:42 . 2001-08-17 13:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
2011-12-18 14:42 . 2008-04-14 01:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
2011-12-18 14:42 . 2001-08-17 13:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
2011-12-18 14:42 . 2008-04-14 01:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
2011-12-18 14:42 . 2008-04-13 19:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
2011-12-18 14:42 . 2001-08-17 12:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2011-12-18 14:42 . 2001-08-17 22:36 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll
2011-12-18 14:42 . 2001-08-17 13:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
2011-12-18 14:42 . 2001-08-17 13:47 13056 ----a-w- c:\windows\system32\dllcache\inport.sys
2011-12-18 14:40 . 2001-08-17 14:56 353184 ----a-w- c:\windows\system32\dllcache\i740dnt5.dll
2011-12-18 14:39 . 2001-08-17 13:52 5760 ----a-w- c:\windows\system32\dllcache\hpt4qic.sys
2011-12-18 14:38 . 2008-04-13 19:40 28288 ----a-w- c:\windows\system32\dllcache\grserial.sys
2011-12-18 14:37 . 2004-08-03 22:31 34173 ----a-w- c:\windows\system32\dllcache\forehe.sys
2011-12-18 14:36 . 2001-08-17 13:28 595647 ----a-w- c:\windows\system32\dllcache\es56cvmp.sys
2011-12-18 14:35 . 2001-08-17 12:10 26141 ----a-w- c:\windows\system32\dllcache\el589nd5.sys
2011-12-18 14:34 . 2001-08-17 22:36 236060 ----a-w- c:\windows\system32\dllcache\ditrace.exe
2011-12-18 14:33 . 2001-08-17 12:12 117760 ----a-w- c:\windows\system32\dllcache\d100ib5.sys
2011-12-18 14:32 . 2001-08-17 13:51 20736 ----a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2011-12-18 14:31 . 2001-08-17 13:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2011-12-18 14:30 . 2001-08-17 12:49 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\DriverCure
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\program files\Common Files\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\program files\SpeedyPC Software
2011-12-14 21:04 . 2011-12-15 19:35 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\calibre
2011-12-04 14:49 . 2011-12-04 14:50 -------- d-----w- c:\program files\Calibre2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2004-08-10 15:38 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 19:53 . 2011-06-05 14:56 129164 ----a-w- C:\MGlogs.zip
2011-11-14 18:22 . 2011-05-14 11:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2004-08-10 15:38 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-10 15:37 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-10 15:37 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-10 15:37 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 19:30 . 2011-11-01 19:30 37027 ----a-w- c:\windows\atmoUn.exe
2011-11-01 16:07 . 2004-08-10 15:38 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-10 15:37 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33 . 2004-08-10 15:38 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 21:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-10 15:37 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-10 15:56 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-07 06:23 . 2011-01-07 05:41 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 06:21 . 2011-02-10 06:53 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files\Nectar Search Toolbar\Toolbar.dll" [2011-09-30 1604096]
.
[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files\Nectar Search Toolbar\Toolbar.dll" [2011-09-30 1604096]
.
[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-16 4616064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-06 39408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-7-14 113664]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\plugin_emule\\plugin_eMule.exe"=
"c:\\Program Files\\Nectar Search Toolbar\\TroubleShooter.exe"=
"c:\\Program Files\\Nectar Search Toolbar\\ToolbarUpdate.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\BitComet\\Comet.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 07:13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16/03/2011 15:03 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/01/2011 05:41 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [04/04/2011 23:59 295248]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17/02/2010 18:25 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 18:41 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [29/06/2010 17:48 116608]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 06:25 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [02/08/2011 05:09 192776]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [18/12/2009 11:25 189736]
R2 MTC0007_STDSB;Scroll Bar Driver;c:\windows\system32\drivers\STDSB.sys [23/10/2010 20:45 11279]
R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 08:33 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 13:42 148768]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14/04/2011 20:28 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 06:53 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 06:53 16720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [06/11/2011 14:57 136176]
S2 STDSB;STDSB;c:\windows\system32\drivers\STDSB.sys [23/10/2010 20:45 11279]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [06/11/2011 14:57 136176]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [28/07/2010 23:25 25112]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-06 14:57]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-06 14:57]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4176526733-4191318346-2997453395-1006Core.job
- c:\documents and settings\Lee and Rong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-19 15:02]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4176526733-4191318346-2997453395-1006UA.job
- c:\documents and settings\Lee and Rong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-19 15:02]
.
2011-12-31 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2011-08-10 17:29]
.
2011-12-17 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2011-12-26 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\program files\Common Files\SpeedyPC Software\UUS3\UUS3.dll [2011-10-06 16:18]
.
2011-12-17 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
2011-12-31 c:\windows\Tasks\User_Feed_Synchronization-{B6B2C2D7-A710-4FA2-8253-DFE68C3AB2AB}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.co.uk/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-TomTomHOME.exe - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-31 22:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(940)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(180)
c:\windows\system32\WININET.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\slmdmsr.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-12-31 22:24:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-31 22:24
ComboFix2.txt 2011-06-05 14:48
.
Pre-Run: 61,677,895,680 bytes free
Post-Run: 62,004,256,768 bytes free
.
- - End Of File - - 5C2B34525CC5E418D72B9986D6050B84

#9 gringo_pr


  • Malware Response Team

Posted 31 December 2011 - 06:17 PM

Greetings

Good. That cleaned up some bad guys, but I see some other stuff that we need to go after, so I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days. If You Will Be Longer, Please Let Me Know.

If I Have Not Replied To One Of My Topics In 48 Hrs, Please Bump The Topic.




#10 Confused Lee

  • Topic Starter

  • Members

Posted 01 January 2012 - 05:01 PM

Hi Gringo,

Happy New Year!

I have run Combofix with the small additional file merged in and the log is below.

I have tried a DVD in the machine and it ran up and enabled me to read what was on it, so that is an improvement, and the machine shuts down when told to now! With AVG uninstalled at the request of Combofix, there is little or no activity when no applications are running, and the re-boot seemed faster, though that is just a feeling as I have never timed it.

I still cannot switch on the wireless facility, though that is a hardware problem and although I have nearly worn Google out, I cannot find an electronic solution to that problem other than replacing the keyboard, which for me is not an option. Oh well, I guess I will have to find a long ethernet cable!!

Kind regards,

Confused Lee

ComboFix 12-01-01.02 - Lee and Rong 01/01/2012 20:06:34.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.959.681 [GMT 0:00]
Running from: c:\documents and settings\Lee and Rong\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lee and Rong\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WUAUSERV
-------\Service_wuauserv
.
.
((((((((((((((((((((((((( Files Created from 2011-12-01 to 2012-01-01 )))))))))))))))))))))))))))))))
.
.
2011-12-18 14:56 . 2001-08-17 22:36 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2011-12-18 14:56 . 2001-08-17 22:36 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2011-12-18 14:55 . 2001-08-17 12:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys
2011-12-18 14:55 . 2001-08-17 14:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
2011-12-18 14:55 . 2004-08-04 13:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll
2011-12-18 14:55 . 2001-08-17 12:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys
2011-12-18 14:53 . 2001-08-17 13:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys
2011-12-18 14:52 . 2001-08-17 12:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys
2011-12-18 14:51 . 2001-08-17 13:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2011-12-18 14:50 . 2008-04-14 01:12 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-12-18 14:49 . 2001-08-17 22:36 86016 ----a-w- c:\windows\system32\dllcache\pctspk.exe
2011-12-18 14:48 . 2001-08-17 14:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2011-12-18 14:48 . 2001-08-17 14:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2011-12-18 14:48 . 2001-08-17 14:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2011-12-18 14:48 . 2001-08-17 13:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2011-12-18 14:48 . 2001-08-17 12:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2011-12-18 14:48 . 2001-08-17 12:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2011-12-18 14:48 . 2001-08-17 12:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2011-12-18 14:48 . 2008-04-13 19:46 61696 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2011-12-18 14:48 . 2001-08-17 12:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2011-12-18 14:48 . 2001-08-17 22:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2011-12-18 14:48 . 2001-08-17 22:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2011-12-18 14:48 . 2001-08-17 12:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-12-18 14:46 . 2001-08-17 22:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2011-12-18 14:45 . 2001-08-17 14:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2011-12-18 14:45 . 2008-04-13 19:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2011-12-18 14:45 . 2001-08-17 14:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2011-12-18 14:45 . 2001-08-17 13:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2011-12-18 14:45 . 2008-04-13 19:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys
2011-12-18 14:45 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
2011-12-18 14:45 . 2001-08-17 13:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys
2011-12-18 14:45 . 2001-08-17 13:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys
2011-12-18 14:45 . 2004-08-04 13:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2011-12-18 14:43 . 2001-08-17 13:53 4992 ----a-w- c:\windows\system32\dllcache\loop.sys
2011-12-18 14:43 . 2001-08-17 12:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys
2011-12-18 14:43 . 2001-08-17 12:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys
2011-12-18 14:43 . 2001-08-17 12:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys
2011-12-18 14:43 . 2001-08-17 13:51 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2011-12-18 14:43 . 2008-04-13 19:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2011-12-18 14:43 . 2001-08-17 12:12 26442 ----a-w- c:\windows\system32\dllcache\lanepic5.sys
2011-12-18 14:43 . 2001-08-17 12:12 19016 ----a-w- c:\windows\system32\dllcache\ktc111.sys
2011-12-18 14:43 . 2001-08-17 22:36 37376 ----a-w- c:\windows\system32\dllcache\kousd.dll
2011-12-18 14:43 . 2008-04-14 01:11 253952 ----a-w- c:\windows\system32\dllcache\kdsusd.dll
2011-12-18 14:43 . 2008-04-14 01:11 48640 ----a-w- c:\windows\system32\dllcache\kdsui.dll
2011-12-18 14:42 . 2004-08-04 13:00 18432 ----a-w- c:\windows\system32\dllcache\jupiw.dll
2011-12-18 14:42 . 2001-08-17 13:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2011-12-18 14:42 . 2001-08-17 13:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
2011-12-18 14:42 . 2008-04-14 01:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
2011-12-18 14:42 . 2001-08-17 13:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
2011-12-18 14:42 . 2008-04-14 01:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
2011-12-18 14:42 . 2008-04-13 19:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
2011-12-18 14:42 . 2001-08-17 12:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2011-12-18 14:42 . 2001-08-17 22:36 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll
2011-12-18 14:42 . 2001-08-17 13:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
2011-12-18 14:42 . 2001-08-17 13:47 13056 ----a-w- c:\windows\system32\dllcache\inport.sys
2011-12-18 14:40 . 2001-08-17 14:56 353184 ----a-w- c:\windows\system32\dllcache\i740dnt5.dll
2011-12-18 14:39 . 2001-08-17 13:52 5760 ----a-w- c:\windows\system32\dllcache\hpt4qic.sys
2011-12-18 14:38 . 2008-04-13 19:40 28288 ----a-w- c:\windows\system32\dllcache\grserial.sys
2011-12-18 14:37 . 2004-08-03 22:31 34173 ----a-w- c:\windows\system32\dllcache\forehe.sys
2011-12-18 14:36 . 2001-08-17 13:28 595647 ----a-w- c:\windows\system32\dllcache\es56cvmp.sys
2011-12-18 14:35 . 2001-08-17 12:10 26141 ----a-w- c:\windows\system32\dllcache\el589nd5.sys
2011-12-18 14:34 . 2001-08-17 22:36 236060 ----a-w- c:\windows\system32\dllcache\ditrace.exe
2011-12-18 14:33 . 2001-08-17 12:12 117760 ----a-w- c:\windows\system32\dllcache\d100ib5.sys
2011-12-18 14:32 . 2001-08-17 13:51 20736 ----a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2011-12-18 14:31 . 2001-08-17 13:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2011-12-18 14:30 . 2001-08-17 12:49 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-12-18 14:29 . 2001-08-17 14:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\DriverCure
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\program files\Common Files\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software
2011-12-17 22:02 . 2011-12-17 22:02 -------- d-----w- c:\program files\SpeedyPC Software
2011-12-14 21:04 . 2011-12-15 19:35 -------- d-----w- c:\documents and settings\Lee and Rong\Application Data\calibre
2011-12-04 14:49 . 2011-12-04 14:50 -------- d-----w- c:\program files\Calibre2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2004-08-10 15:38 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 19:53 . 2011-06-05 14:56 129164 ----a-w- C:\MGlogs.zip
2011-11-14 18:22 . 2011-05-14 11:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2004-08-10 15:38 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-10 15:37 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-10 15:37 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-10 15:37 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 19:30 . 2011-11-01 19:30 37027 ----a-w- c:\windows\atmoUn.exe
2011-11-01 16:07 . 2004-08-10 15:38 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-10 15:37 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33 . 2004-08-10 15:38 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 21:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-10 15:37 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-10 15:56 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-31_22.18.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-01 20:16 . 2012-01-01 20:16 16384 c:\windows\Temp\Perflib_Perfdata_750.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files\Nectar Search Toolbar\Toolbar.dll" [2011-09-30 1604096]
.
[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files\Nectar Search Toolbar\Toolbar.dll" [2011-09-30 1604096]
.
[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-16 4616064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-06 39408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-7-14 113664]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\plugin_emule\\plugin_eMule.exe"=
"c:\\Program Files\\Nectar Search Toolbar\\TroubleShooter.exe"=
"c:\\Program Files\\Nectar Search Toolbar\\ToolbarUpdate.exe"=
"c:\\Program Files\\BitComet\\Comet.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15746:UDP"= 15746:UDP:BitComet 15746 UDP
"11782:TCP"= 11782:TCP:BitComet 11782 TCP
"11782:UDP"= 11782:UDP:BitComet 11782 UDP
"9203:TCP"= 9203:TCP:BitComet 9203 TCP
"9203:UDP"= 9203:UDP:BitComet 9203 UDP
"25565:TCP"= 25565:TCP:BitComet 25565 TCP
"25565:UDP"= 25565:UDP:BitComet 25565 UDP
"16382:TCP"= 16382:TCP:BitComet 16382 TCP
"16382:UDP"= 16382:UDP:BitComet 16382 UDP
"17208:TCP"= 17208:TCP:BitComet 17208 TCP
"17208:UDP"= 17208:UDP:BitComet 17208 UDP
"15031:TCP"= 15031:TCP:BitComet 15031 TCP
"15031:UDP"= 15031:UDP:BitComet 15031 UDP
"16250:TCP"= 16250:TCP:BitComet 16250 TCP
"16250:UDP"= 16250:UDP:BitComet 16250 UDP
"9103:TCP"= 9103:TCP:BitComet 9103 TCP
"9103:UDP"= 9103:UDP:BitComet 9103 UDP
"11191:TCP"= 11191:TCP:BitComet 11191 TCP
"11191:UDP"= 11191:UDP:BitComet 11191 UDP
"18115:TCP"= 18115:TCP:BitComet 18115 TCP
"18115:UDP"= 18115:UDP:BitComet 18115 UDP
"17515:TCP"= 17515:TCP:BitComet 17515 TCP
"17515:UDP"= 17515:UDP:BitComet 17515 UDP
"10136:TCP"= 10136:TCP:BitComet 10136 TCP
"10136:UDP"= 10136:UDP:BitComet 10136 UDP
"21806:TCP"= 21806:TCP:BitComet 21806 TCP
"21806:UDP"= 21806:UDP:BitComet 21806 UDP
"21494:TCP"= 21494:TCP:BitComet 21494 TCP
"21494:UDP"= 21494:UDP:BitComet 21494 UDP
"25686:TCP"= 25686:TCP:BitComet 25686 TCP
"25686:UDP"= 25686:UDP:BitComet 25686 UDP
"7902:TCP"= 7902:TCP:BitComet 7902 TCP
"7902:UDP"= 7902:UDP:BitComet 7902 UDP
"17248:TCP"= 17248:TCP:BitComet 17248 TCP
"17248:UDP"= 17248:UDP:BitComet 17248 UDP
"14823:TCP"= 14823:TCP:BitComet 14823 TCP
"14823:UDP"= 14823:UDP:BitComet 14823 UDP
"8993:TCP"= 8993:TCP:BitComet 8993 TCP
"8993:UDP"= 8993:UDP:BitComet 8993 UDP
"7955:TCP"= 7955:TCP:BitComet 7955 TCP
"7955:UDP"= 7955:UDP:BitComet 7955 UDP
"12964:TCP"= 12964:TCP:BitComet 12964 TCP
"12964:UDP"= 12964:UDP:BitComet 12964 UDP
"12032:TCP"= 12032:TCP:BitComet 12032 TCP
"12032:UDP"= 12032:UDP:BitComet 12032 UDP
"11515:TCP"= 11515:TCP:BitComet 11515 TCP
"11515:UDP"= 11515:UDP:BitComet 11515 UDP
"12818:TCP"= 12818:TCP:BitComet 12818 TCP
"12818:UDP"= 12818:UDP:BitComet 12818 UDP
"13402:TCP"= 13402:TCP:BitComet 13402 TCP
"13402:UDP"= 13402:UDP:BitComet 13402 UDP
"13183:TCP"= 13183:TCP:BitComet 13183 TCP
"13183:UDP"= 13183:UDP:BitComet 13183 UDP
"7817:TCP"= 7817:TCP:BitComet 7817 TCP
"7817:UDP"= 7817:UDP:BitComet 7817 UDP
"14199:TCP"= 14199:TCP:BitComet 14199 TCP
"14199:UDP"= 14199:UDP:BitComet 14199 UDP
"13466:TCP"= 13466:TCP:BitComet 13466 TCP
"13466:UDP"= 13466:UDP:BitComet 13466 UDP
"12990:TCP"= 12990:TCP:BitComet 12990 TCP
"12990:UDP"= 12990:UDP:BitComet 12990 UDP
"7155:TCP"= 7155:TCP:BitComet 7155 TCP
"7155:UDP"= 7155:UDP:BitComet 7155 UDP
"19434:TCP"= 19434:TCP:BitComet 19434 TCP
"19434:UDP"= 19434:UDP:BitComet 19434 UDP
"21383:TCP"= 21383:TCP:BitComet 21383 TCP
"21383:UDP"= 21383:UDP:BitComet 21383 UDP
"22005:TCP"= 22005:TCP:BitComet 22005 TCP
"22005:UDP"= 22005:UDP:BitComet 22005 UDP
"9523:TCP"= 9523:TCP:BitComet 9523 TCP
"9523:UDP"= 9523:UDP:BitComet 9523 UDP
"15182:TCP"= 15182:TCP:BitComet 15182 TCP
"15182:UDP"= 15182:UDP:BitComet 15182 UDP
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17/02/2010 18:25 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 18:41 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [29/06/2010 17:48 116608]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [18/12/2009 11:25 189736]
R2 MTC0007_STDSB;Scroll Bar Driver;c:\windows\system32\drivers\STDSB.sys [23/10/2010 20:45 11279]
R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 08:33 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 13:42 148768]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [06/11/2011 14:57 136176]
S2 STDSB;STDSB;c:\windows\system32\drivers\STDSB.sys [23/10/2010 20:45 11279]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [06/11/2011 14:57 136176]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [28/07/2010 23:25 25112]
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-06 14:57]
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-06 14:57]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4176526733-4191318346-2997453395-1006Core.job
- c:\documents and settings\Lee and Rong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-19 15:02]
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4176526733-4191318346-2997453395-1006UA.job
- c:\documents and settings\Lee and Rong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-19 15:02]
.
2012-01-01 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2011-08-10 17:29]
.
2011-12-17 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2011-12-26 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\program files\Common Files\SpeedyPC Software\UUS3\UUS3.dll [2011-10-06 16:18]
.
2011-12-17 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
2012-01-01 c:\windows\Tasks\User_Feed_Synchronization-{B6B2C2D7-A710-4FA2-8253-DFE68C3AB2AB}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.co.uk/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-01 20:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(516)
c:\windows\system32\WININET.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\slmdmsr.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-01-01 20:20:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-01 20:20
ComboFix2.txt 2011-12-31 22:24
ComboFix3.txt 2011-06-05 14:48
.
Pre-Run: 62,189,363,200 bytes free
Post-Run: 62,169,759,744 bytes free
.
- - End Of File - - 7D86BB42CE279786B78544D9494FF46C

#11 gringo_pr

Posted 01 January 2012 - 05:22 PM

Hello


tell me about the wireless

what is happening

what you have tried?



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Confused Lee


Posted 04 January 2012 - 04:07 PM

Hi Gringo,

I accidentally turned off my wireless by touching Fn + F1 without realising it. As the machine was behaving badly (slower than treacle in the snow at the time) I did not notice until later, then I had to sit down and read the manual to find how to turn wireless on again and found the key combination to do so. Unfortunately, pressing Fn + F1 slowly, quickly, softly, hard, with certain un-repeatable words or without does not result in wireless being switched back on!

Device manager tells me the wireless adapter is working fine, and all the other Fn + Function key switches work as listed in the manual. There is no help available on the manufacturer's web site as my machine is just sooooooo old (5 years) that the model number does not appear on the support site. I have Googled and read dozens of posts on dozens of web sites and the only answer I can find is to replace the keyboard, but I am not going to do that.

I had hoped there was an electronic way to override the physical switch, but so far I have not found one. If you or any of your colleagues at Bleeping Computer know of a workaround, I am more than willing to try, but not if it involves screwdrivers - I know what I am like, and would probably drop some vital spring or washer and spend the next 3 weeks searching for it behind the couch!!

Kind regards,

Confused Lee

#13 gringo_pr


Posted 04 January 2012 - 04:33 PM

Hello


when you do the Fn + F1 key combination does the indicator light turn on and off?

#14 Confused Lee


Posted 05 January 2012 - 02:44 PM

Hi Gringo,

There is no indicator light for wireless. The only indicators are mains power, battery charging, hard drive use, number lock and caps lock.

I have just run through all the Fn + F1-12 functions that I can remember the purpose of, and they all work (ie sound mute, brilliance up and down, screen on and off) but the dear old wireless on/off fails to do anything!

I pressed Fn + F1, refreshed network list and none seen (six showing on my other computer, my own at full strength). Pressed Fn + F1 again, refreshed, nothing. Sighhhhhhhhh. :(

Kind regards,

Confused Lee

#15 gringo_pr


Posted 05 January 2012 - 08:50 PM

hello

let me have the make and model of the computer just to do some checking myself


gringo