- canke
- Citizen
- Joined: 06 May 2008
- Posts: 90
ComboFix 08-06-16.2 - stamenko 2008-06-17 15:08:39.4 - FAT32x86
Running from: C:\Documents and Settings\stamenko\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BM39412636.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\cbXQHAtQ.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\fccbASih.dll
C:\WINDOWS\system32\fccBSigh.dll
C:\WINDOWS\system32\fccCvtTM.dll
C:\WINDOWS\system32\jkklmMET.dll
C:\WINDOWS\system32\ljJBTMFy.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\qjfiiewn.ini
C:\WINDOWS\system32\QtAHQXbc.ini
C:\WINDOWS\system32\QtAHQXbc.ini2
C:\WINDOWS\system32\rqRHBRKA.dll
C:\WINDOWS\system32\rqRIxUmk.dll
C:\WINDOWS\system32\ssqOFUNH.dll
C:\WINDOWS\system32\svdhost.exe
C:\WINDOWS\system32\vtUMfGwU.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\yayvWomJ.dll
C:\WINDOWS\system32\yaywvsqN.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Service_Iprip
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2008-05-17 to 2008-06-17 )))))))))))))))))))))))))))))))
.
2008-06-16 23:19 . 2008-06-16 23:19 <DIR> d---s---- C:\Documents and Settings\Administrator
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winzm.ime
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winsp.ime
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winpy.ime
2008-06-16 22:59 . 2004-08-03 23:04 79,360 --a------ C:\WINDOWS\system32\dllcache\winar30.ime
2008-06-16 22:59 . 2001-08-23 14:00 69,120 --a------ C:\WINDOWS\system32\dllcache\wingb.ime
2008-06-16 22:59 . 2004-08-03 23:04 65,536 --a------ C:\WINDOWS\system32\dllcache\winime.ime
2008-06-16 22:59 . 2001-08-23 14:00 28,288 --a------ C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-16 22:57 . 2001-08-23 14:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-16 22:53 . 2008-06-16 22:53 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-16 22:41 . 2004-08-04 00:56 363,520 --a------ C:\WINDOWS\system32\dllcache\w3svc.dll
2008-06-16 22:41 . 2004-08-04 00:56 259,072 --a------ C:\WINDOWS\system32\dllcache\snmpcl.dll
2008-06-16 22:41 . 2004-08-04 00:56 61,440 --a------ C:\WINDOWS\system32\dllcache\httpod51.dll
2008-06-16 22:41 . 2004-08-04 00:56 46,592 --a------ C:\WINDOWS\system32\dllcache\sspifilt.dll
2008-06-16 22:41 . 2004-08-04 00:56 40,448 --a------ C:\WINDOWS\system32\dllcache\snmpthrd.dll
2008-06-16 22:41 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\dllcache\httpmb51.dll
2008-06-16 22:41 . 2001-08-23 14:00 7,680 --a------ C:\WINDOWS\system32\dllcache\inetmgr.exe
2008-06-16 22:40 . 2004-08-04 00:56 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-16 22:40 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2008-06-16 22:40 . 2004-08-04 00:56 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-16 22:40 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-16 22:25 . 2001-08-17 13:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2008-06-16 22:23 . 2004-08-04 01:57 1,086,058 -ra------ C:\WINDOWS\SET4D.tmp
2008-06-16 22:23 . 2004-08-04 02:03 1,042,903 -ra------ C:\WINDOWS\SET4A.tmp
2008-06-16 22:23 . 2004-08-04 01:58 13,753 -ra------ C:\WINDOWS\SET5A.tmp
2008-06-14 22:28 . 2008-06-14 22:28 <DIR> d-------- C:\Program Files\bevel gear
2008-06-14 17:12 . 2008-06-14 17:12 <DIR> d-------- C:\Documents and Settings\stamenko\WLSCompanion
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Program Files\Winamp Toolbar
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Program Files\Winamp Remote
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-06-13 16:14 . 2008-06-13 16:14 <DIR> d-------- C:\Program Files\Rainbow Technologies
2008-06-13 16:09 . 2008-06-13 16:09 <DIR> d-------- C:\Program Files\ArtCAM Pro 8
2008-06-12 16:11 . 2008-06-12 16:11 <DIR> d-------- C:\CNC XYZ
2008-06-11 12:35 . 2008-06-11 12:35 <DIR> d--hs---- C:\FOUND.013
2008-06-11 10:04 . 2006-06-13 08:44 <DIR> d-------- C:\Program Files\TurnAddons
2008-06-11 10:04 . 2006-08-20 10:31 <DIR> d-------- C:\Program Files\Addons
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\Subroutines
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\SETUP
2008-06-11 10:03 . 2006-06-30 09:01 <DIR> d-------- C:\Program Files\macros
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\Help
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\GCode
2008-06-11 10:03 . 2006-02-21 10:29 <DIR> d-------- C:\Program Files\Bitmaps
2008-06-11 10:03 . 2006-08-18 20:25 5,040 --a------ C:\Program Files\LazyCamsDocs.zip
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Outputs.bin
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Inputs.bin
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Data.bin
2008-06-11 00:58 . 2008-06-11 00:58 <DIR> d-------- C:\Program Files\New Folder(2)
2008-06-10 21:38 . 2008-06-10 21:38 <DIR> d-------- C:\DELCAM.ARTCAM.PRO.V2008-MAGNiTUDE
2008-06-10 15:21 . 2008-06-10 15:21 <DIR> d-------- C:\Program Files\a2
2008-06-10 14:06 . 2008-06-10 14:07 <DIR> d-------- C:\Program Files\free-downloads.net
2008-06-10 06:11 . 2008-06-10 06:11 <DIR> d-------- C:\Documents and Settings\stamenko\Application Data\Thinstall
2008-06-10 06:04 . 2008-06-10 06:04 <DIR> d-------- C:\Artsoft Mach3 + (zabranjeno)
2008-06-07 08:03 . 2008-06-07 08:03 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-06-03 21:36 . 2008-06-03 21:36 <DIR> d-------- C:\Program Files\Optimik
2008-06-03 14:52 . 2008-06-03 14:52 <DIR> d-------- C:\Program Files\Blender Foundation
2008-06-03 14:52 . 2008-06-03 14:52 <DIR> d-------- C:\Documents and Settings\stamenko\Application Data\Blender Foundation
2008-05-24 00:51 . 2008-05-24 00:51 <DIR> d-------- C:\Program Files\gCAD3D
2008-05-20 09:24 . 2008-05-20 09:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe(2)
2008-05-17 23:20 . 2008-06-17 15:06 41 --a------ C:\WINDOWS\Filzip.ini
2008-05-17 22:55 . 2008-05-17 22:55 <DIR> d-------- C:\Program Files\Filzip
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 14:32 397 ----a-w C:\Program Files\CNC 3d Upravljac.lnk
2008-06-12 12:40 8,704 --sha-w C:\Program Files\Thumbs.db
2008-06-11 10:13 55 ----a-w C:\Program Files\LastErrors.txt
2008-06-11 10:13 37,340 ----a-w C:\Program Files\Mach3Mill.xml
2008-06-11 10:08 9 ----a-w C:\Program Files\Profile.txt
2008-06-11 10:04 19,636 ----a-w C:\Program Files\.xml
2008-03-28 21:05 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2008-03-25 13:28 264,097 ----a-w C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_4679.exe
2008-03-15 22:30 2,449 ----a-w C:\Program Files\Microsoft FrontPage.lnk
2007-12-09 05:24 2,492 ----a-w C:\Documents and Settings\stamenko\Application Data\ViewerApp.dat
2006-08-17 03:11 104,096 ----a-w C:\Program Files\Mach3.noapic
2006-08-16 11:16 44,744 ------w C:\Program Files\Mach3_4axis.xml
2006-07-14 02:15 99,505 ----a-w C:\Program Files\1024.set
2006-07-13 21:19 50,487 ----a-w C:\Program Files\1024.lset
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyYellow.bmp
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyRed.bmp
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyGreen.bmp
2006-04-29 00:25 30,054 ----a-w C:\Program Files\LegacyRedGreen.bmp
2006-02-06 21:03 633 ----a-w C:\Program Files\Leds.txt
2006-02-06 20:44 386 ----a-w C:\Program Files\Buttons.txt
2006-02-06 20:01 501 ----a-w C:\Program Files\DROs.txt
2005-12-08 13:53 979 ----a-w C:\Program Files\ReadMe.txt
2005-10-18 00:23 42,804 ----a-w C:\Program Files\Mach3Turn.xml
2005-07-13 06:47 10,479 ----a-w C:\Program Files\m1076.m1s
2004-10-19 06:57 7,234 ----a-w C:\Program Files\MachTurn.txt
2004-05-09 01:30 136,124 ----a-w C:\Program Files\diags.wav
2003-09-11 04:59 44 ----a-w C:\Program Files\TurnJogIncs.txt
2003-09-11 04:59 44 ----a-w C:\Program Files\MillJogIncs.txt
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2008-03-20 00:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 00:36 1267040]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-15 10:40 68856]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:56 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="C:\WINDOWS\ATK0100\Hcontrol.exe" [2004-01-19 11:07 65536]
"ATIModeChange"="Ati2mdxx.exe" [2004-04-01 21:43 28672 C:\WINDOWS\system32\Ati2mdxx.exe]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"TWCU"="C:\Program Files\TP-LINK\TWCU\TWCU.exe" [2005-07-14 11:40 413696]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-28 21:28 185896]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-10-24 09:23 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-10-24 09:23 618496]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 19:42 32768]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-11-28 16:50 917504]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [ ]
"Flashget"="C:\Program Files\FlashGet\flashget.exe" [2007-09-25 10:29 2007088]
"BM39412636"="C:\WINDOWS\system32\kywaeboh.dll" [ ]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-08-25 21:10 335872]
"3a7215aa"="C:\WINDOWS\system32\nweiifjq.dll" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 22:59 44544]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-11-21 11:00:02 394856]
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2005-05-03 16:15:29 106496]
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2005-05-03 16:15:32 151552]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 12:05:56 65588]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2004-02-25 02:35:22 10872]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-26 13:33:18 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"SENTINEL"= snti386.dll
[HKLM\~\startupfolder\C:^Documents and Settings^stamenko^Start Menu^Programs^Startup^ubisoft register.lnk]
path=C:\Documents and Settings\stamenko\Start Menu\Programs\Startup\ubisoft register.lnk
backup=C:\WINDOWS\pss\ubisoft register.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FreezeScreenSaver"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\ASUS\\AP Utilities\\Wireless.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Documents and Settings\\STAMENKO\\Application Data\\Thinstall\\CatiaV5Lite\\400000c00002i\\CNEXT.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
R1 hwinterface;hwinterface;C:\WINDOWS\system32\Drivers\hwinterface.sys [2005-10-31 17:50]
R2 ddnt;ddnt;C:\WINDOWS\system32\drivers\ddnt.sys [2006-06-02 22:48]
R2 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS [1999-01-10 19:00]
R2 io.sys;IO.DLL Driver;C:\WINDOWS\System32\drivers\io.sys [2006-01-25 03:27]
R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-17 22:36]
R3 Mach2;Mach2 Pulseing Service;C:\WINDOWS\system32\Drivers\Mach2.sys [2003-11-08 02:44]
R3 Mach3;Mach3 Pulseing Service;C:\WINDOWS\system32\Drivers\Mach3.sys [2006-03-16 06:07]
R3 Pulser;CNC Pulseing Service;C:\WINDOWS\system32\Drivers\Pulser.sys [2002-05-02 23:49]
S3 Ptserli;PCTEL Serial Device Driver for INTEL;C:\WINDOWS\system32\DRIVERS\ptserli.sys [2001-08-17 13:28]
S3 zlportio;zlportio;C:\Program Files\cp09632\temp\zlportio.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23c7e1c0-37a0-11dd-9230-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f240481-072b-11dd-91ea-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52931fd0-0d84-11dd-91ef-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0e8d0b1-0150-11dd-91d9-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-15 19:29:02 C:\WINDOWS\Tasks\{016E2323-7D1D-49B1-8431-57F665BC6E08}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exe
"2008-06-13 07:00:08 C:\WINDOWS\Tasks\{530A5723-BBAF-4112-AB67-22168A3C95BF}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
"2008-06-16 14:00:02 C:\WINDOWS\Tasks\{97F2A16A-507D-4D7C-A9E6-AB9CE53792DD}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
"2008-06-13 14:00:02 C:\WINDOWS\Tasks\{EDCBC54F-DDE2-4E5B-B274-DE8192C27494}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-06-17 15:16:28
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ACS.EXE
C:\WINDOWS\SYSTEM32\MSDTC.EXE
C:\WINDOWS\SYSTEM32\INETSRV\INETINFO.EXE
C:\PROGRAM FILES\AHEAD\INCD\INCDSRV.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\WINDOWS\SYSTEM32\TCPSVCS.EXE
C:\WINDOWS\SYSTEM32\SNMP.EXE
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\WINDOWS\ATK0100\ATKOSD.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\program files\winamp toolbar\WinampTbServer.exe
.
**************************************************************************
.
Completion time: 2008-06-17 15:20:32 - machine was rebooted
ComboFix2.txt 2008-05-07 18:21:14
ComboFix-quarantined-files.txt 2008-06-17 13:20:26
Pre-Run: 30,708,826,112 bytes free
Post-Run: 31,316,639,744 bytes free
273 --- E O F --- 2008-05-02 20:03:52