plz help(downloaded winbluesoft)


Post by ravi on Mon Jun 29, 2009 7:35 pm

I mistakenly downloaded the WinBlueSoft virus and now it is prompting me to buy that package. I uninstalled it but the messages are still popping up on my screen. Please help ASAP.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:54:53, on 30-06-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\rundll32.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Users\hp\Program Files\DNA\btdna.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\System32\setup2.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\Documents\Downloads\Hijack(GP)This.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [MSConfig] "C:\WINDOWS\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe -min
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\hp\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [setup2.exe] C:\Windows\system32\setup2.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A62AAB9-46DD-441C-93B8-F2DF0F71D5A5}: NameServer = 85.255.112.119,85.255.112.101
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA7D91FB-0FB6-4BF8-9515-1508D76AB312}: NameServer = 85.255.112.119,85.255.112.101
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.119,85.255.112.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.119,85.255.112.101
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

--
End of file - 7347 bytes

ravi
Novice

Posts : 20
Joined : 2009-06-29
OS : windows vista 32 bit

Re: plz help(downloaded winbluesoft)

Post by Belahzur on Mon Jun 29, 2009 8:37 pm

Hello.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program
  • Highlight Search Settings
  • Click on the Uninstall/Change button at the top.

Next,

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKLM\..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe -min
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\hp\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [setup2.exe] C:\Windows\system32\setup2.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7A62AAB9-46DD-441C-93B8-F2DF0F71D5A5}: NameServer = 85.255.112.119,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EA7D91FB-0FB6-4BF8-9515-1508D76AB312}: NameServer = 85.255.112.119,85.255.112.101
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.119,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.119,85.255.112.101


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
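
An added example (not part of the original thread and not HijackThis's own code): a small Python triage script for the O4 and O17 lines that the reply above asks to be checked, run over an excerpt of the posted log. It generalizes slightly by taking allowlists; the `known_good` names, the `allowed` networks, and the rule that private-range resolvers are expected are assumptions of this example.

```python
import ipaddress
import re

# Excerpt assembled for this example from the HijackThis log posted above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe -min
O4 - HKCU\..\Run: [setup2.exe] C:\Windows\system32\setup2.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A62AAB9-46DD-441C-93B8-F2DF0F71D5A5}: NameServer = 85.255.112.119,85.255.112.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.119,85.255.112.101
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
"""

# O4 lines: autostart values under the Run / RunOnce registry keys.
O4_RE = re.compile(
    r"^O4 - (?P<location>\S+?\\Run(?:Once)?): \[(?P<name>[^\]]*)\] ?(?P<command>.*)$"
)
# O17 lines: DNS-related values under the Tcpip service key.
O17_RE = re.compile(r"^O17 - (?P<key>.+?): (?P<value>\w+) = (?P<data>.*)$")


def parse_hijackthis(text):
    """Return (autoruns, dns_settings) parsed from the O4 and O17 lines of a log."""
    autoruns, dns = [], []
    for raw in text.splitlines():
        line = raw.strip()
        m = O4_RE.match(line)
        if m:
            autoruns.append(m.groupdict())
            continue
        m = O17_RE.match(line)
        if m and m.group("value").lower().endswith("nameserver"):
            servers = [s for s in re.split(r"[,\s]+", m.group("data")) if s]
            dns.append({"key": m.group("key"), "servers": servers})
    return autoruns, dns


def unexpected_resolvers(dns, allowed=()):
    """Map each resolver that is neither private nor allowlisted to the keys that set it.

    Assumption of this example: a home machine normally resolves through its
    router (private range) or through networks the analyst lists in `allowed`.
    """
    allowed_nets = [ipaddress.ip_network(a) for a in allowed]
    findings = {}
    for entry in dns:
        for server in entry["servers"]:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                # Not an IP address at all: always worth a look.
                findings.setdefault(server, []).append(entry["key"])
                continue
            if ip.is_private or any(ip in net for net in allowed_nets):
                continue
            findings.setdefault(server, []).append(entry["key"])
    return findings


def autoruns_to_review(autoruns, known_good=()):
    """Return autoruns with an empty value name or a name not in `known_good`.

    `known_good` is the analyst's own allowlist (hypothetical here); the tool
    only narrows the list, the decision to remove an entry stays with a human.
    """
    known = {name.lower() for name in known_good}
    return [a for a in autoruns if not a["name"] or a["name"].lower() not in known]


if __name__ == "__main__":
    autoruns, dns = parse_hijackthis(SAMPLE_LOG)
    for server, keys in unexpected_resolvers(dns).items():
        print(f"resolver {server} set in {len(keys)} key(s)")
    for a in autoruns_to_review(autoruns, known_good={"SynTPEnh"}):
        print(f"review autorun [{a['name']}] at {a['location']}: {a['command']}")
```

The same public resolver pair appearing in both the global Parameters key and the per-interface key is what makes the O17 lines stand out here; the later MBAM log labels those values Trojan.DNSChanger.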

Re: plz help(downloaded winbluesoft)

Post by ravi on Tue Jun 30, 2009 5:41 am

Cannot open Malwarebytes... I think this virus is blocking it from opening.


Re: plz help(downloaded winbluesoft)

Post by ravi on Tue Jun 30, 2009 5:47 am

Hey, for your information, your link for MBAM is broken. I've downloaded it from another source.


Re: plz help(downloaded winbluesoft)

Post by ravi on Tue Jun 30, 2009 6:20 am

Hey, I think the virus is gone because those alerts are not popping up now, but certain programs, like MBAM, are still not working.


Re: plz help(downloaded winbluesoft)

Post by Belahzur on Tue Jun 30, 2009 8:55 am

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV. (AVG8)
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.



Re: plz help(downloaded winbluesoft)

Post by ravi on Tue Jun 30, 2009 2:43 pm

Hey mate, I went in and renamed the MBAM executable and it worked after that and has removed some malware. Does this software provide real-time protection from these kinds of malware? If not, can you please suggest one so that I'll not face these kinds of problems in future? Thank you very much, you guys are just great.

Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 6.0.6001 Service Pack 1

30-06-2009 15:03:58
mbam-log-2009-06-30 (15-03-58).txt

Scan type: Quick Scan
Objects scanned: 82687
Time elapsed: 4 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 1
Registry Data Items Infected: 12
Folders Infected: 2
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PluginVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PluginVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7a62aab9-46dd-441c-93b8-f2df0f71d5a5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7a62aab9-46dd-441c-93b8-f2df0f71d5a5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{7a62aab9-46dd-441c-93b8-f2df0f71d5a5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ea7d91fb-0fb6-4bf8-9515-1508d76ab312}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.119,85.255.112.101 -> Quarantined and deleted successfully.

Folders Infected:
c:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PluginVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\PluginVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\hp\AppData\Roaming\microsoft\Windows\start menu\Programs\pluginvideo\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
c:\program files\pluginvideo\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\MSIVXcount (Trojan.Agent) -> Delete on reboot.


Re: plz help(downloaded winbluesoft)

Post by Belahzur on Tue Jun 30, 2009 3:55 pm

Hello.
I still need you to run Combofix, because there is a rootkit present on your machine.



Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 7:50 am

Hi, I've performed the ComboFix task.

ComboFix 09-06-29.07 - hp 01-07-2009 1:15.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.91.1033.18.958.377 [GMT 5.5:30]
Running from: c:\users\hp\Documents\My Completed Downloads\Combo-Fix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.


Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 7:50 am


Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 7:51 am



Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 7:52 am

c:\windows\system32\drivers\MSIVXwnpoqexaterxewqxyrnyiwsjrmjnxnnc.sys
c:\windows\system32\ee5vzr28549.ocx
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXifvayxvrqtvatdneccuaborqbngqbtub.dll
c:\windows\system32\MSIVXspcifaedoxmsmtwfxxpleuvrnhpciiyd.dll
D:\Desktop.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSIVXserv.sys


((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 )))))))))))))))))))))))))))))))
.

2009-06-30 19:54 . 2009-06-30 19:54 -------- d-----w- c:\users\hp\AppData\Local\temp
2009-06-30 08:00 . 2009-06-30 08:00 -------- d-----w- c:\users\hp\AppData\Roaming\Malwarebytes
2009-06-30 07:56 . 2009-06-17 05:57 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 07:56 . 2009-06-30 08:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 07:56 . 2009-06-30 07:56 -------- d-----w- c:\programdata\Malwarebytes
2009-06-30 07:56 . 2009-06-17 05:57 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-28 06:34 . 2009-06-28 06:34 -------- d-----w- c:\users\hp\AppData\Roaming\DivX
2009-06-25 17:16 . 2009-06-25 17:16 65536 ----a-w- c:\windows\IFinst27.exe
2009-06-24 19:06 . 2009-06-24 19:06 -------- d-----w- c:\program files\RocketDock
2009-06-23 04:12 . 2009-06-23 04:12 -------- d-----w- C:\PerfLogs
2009-06-23 03:44 . 2009-06-23 03:08 47560 ----a-w- c:\windows\system32\SPReview.exe
2009-06-23 03:44 . 2009-06-23 03:08 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2009-06-23 03:17 . 2008-01-18 18:03 193024 ----a-w- c:\windows\system32\recdisc.exe
2009-06-23 03:17 . 2008-01-18 18:06 6656 ----a-w- c:\windows\system32\sdspres.dll
2009-06-23 03:15 . 2008-01-18 18:06 98816 ----a-w- c:\windows\system32\sdshext.dll
2009-06-23 03:14 . 2008-01-18 18:04 200704 ----a-w- c:\windows\system32\input.dll
2009-06-23 03:11 . 2008-01-18 18:03 44032 ----a-w- c:\windows\system32\cbsra.exe
2009-06-23 03:08 . 2009-06-23 03:08 -------- d-----w- C:\6e35e1b8da2284ef31f9b796cbad3d
2009-06-22 10:34 . 2009-06-22 10:34 177152 ----a-w- C:\utorent.exe
2009-06-17 05:49 . 2003-01-16 22:29 1984 ----a-w- c:\windows\system32\drivers\papycpu2.sys
2009-06-17 05:49 . 2003-01-16 22:29 1856 ----a-w- c:\windows\system32\drivers\papyjoy.sys
2009-06-17 05:48 . 2009-06-17 05:48 -------- d-----w- C:\Papyrus
2009-06-15 11:50 . 2009-06-15 11:50 -------- d-----w- c:\program files\Search Settings
2009-06-14 18:55 . 2009-06-14 19:43 -------- d-sha-w- c:\users\Public\DRM
2009-06-14 17:01 . 2009-06-16 15:49 83456 ----a-w- c:\programdata\SpeedBit\DAP\SDCondition.dll
2009-06-14 13:42 . 2009-06-14 13:42 2169880 ----a-w- c:\programdata\SpeedBit\DAP\Offers\spo3.exe
2009-06-14 13:42 . 2009-06-14 13:40 3530776 ----a-w- c:\programdata\SpeedBit\DAP\Offers\VA23_DAPSO.exe
2009-06-14 13:34 . 2009-06-30 19:14 95744 ----a-w- c:\programdata\SpeedBit\DAP\Updates\Condition.dll
2009-06-14 13:33 . 2009-06-22 09:31 -------- d-----w- c:\programdata\SpeedBit
2009-06-14 13:32 . 2009-06-22 09:30 -------- d-----w- c:\program files\SpeedBit Toolbar
2009-06-14 13:32 . 2009-06-14 13:32 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-14 13:32 . 2009-06-14 13:42 -------- d-----w- c:\program files\DAP
2009-06-12 13:05 . 2009-06-12 13:05 -------- d-----w- c:\users\hp\AppData\Roaming\HP
2009-06-12 13:04 . 2009-06-17 18:15 -------- d-----w- c:\users\hp\AppData\Local\QuickPlay
2009-06-09 15:28 . 2009-06-09 15:28 -------- d-----w- c:\users\hp\AppData\Local\NeoSmart_Technologies
2009-06-09 15:22 . 2009-06-22 09:39 -------- d-----w- c:\program files\NeoSmart Technologies
2009-06-09 14:28 . 2009-06-09 14:28 -------- d-----w- c:\program files\PROnetworks
2009-06-02 08:55 . 2009-06-25 18:33 -------- d-----w- c:\users\hp\AppData\Roaming\skypePM
2009-06-02 07:31 . 2009-06-30 06:31 -------- d-----w- c:\programdata\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-30 19:43 . 2009-03-25 20:08 -------- d-----w- c:\program files\Common Files\Akamai
2009-06-30 19:35 . 2007-08-04 10:11 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-30 19:35 . 2009-04-06 12:38 -------- d-----w- c:\users\hp\AppData\Roaming\BitTorrent
2009-06-30 19:35 . 2009-04-06 12:37 -------- d-----w- c:\users\hp\AppData\Roaming\DNA
2009-06-29 15:56 . 2009-04-08 16:27 -------- d-----w- c:\programdata\avg8
2009-06-28 18:47 . 2007-06-16 07:31 -------- d-----w- c:\programdata\Roxio
2009-06-28 06:30 . 2009-03-19 16:31 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-24 18:01 . 2009-03-18 18:54 -------- d-----w- c:\users\hp\AppData\Roaming\dvdcss
2009-06-23 15:58 . 2009-06-23 15:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-23 04:40 . 2009-03-09 12:29 -------- d-----w- c:\programdata\NVIDIA
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-23 04:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-23 04:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-23 04:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-23 03:53 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-06-23 03:53 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-23 03:21 . 2009-03-21 08:32 41666 ----a-w- c:\programdata\nvModes.dat
2009-06-22 10:37 . 2009-03-19 16:38 -------- d-----w- c:\users\hp\AppData\Roaming\uTorrent
2009-06-22 07:53 . 2009-03-25 19:39 -------- d-----w- c:\programdata\Metacafe
2009-06-22 04:49 . 2009-03-25 19:40 -------- d-----w- c:\users\hp\AppData\Roaming\Metacafe
2009-06-21 19:50 . 2009-03-07 09:16 118928 ----a-w- c:\users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-21 19:40 . 2007-06-16 07:49 -------- d-----w- c:\program files\Microsoft Works
2009-06-21 14:53 . 2009-03-19 09:22 1356 ----a-w- c:\users\hp\AppData\Local\d3d9caps.dat
2009-06-17 18:09 . 2007-06-16 07:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-17 18:09 . 2007-06-16 07:57 -------- d-----w- c:\program files\HP
2009-06-17 05:47 . 2007-06-16 07:11 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-15 03:51 . 2009-04-08 16:27 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-15 03:45 . 2007-06-16 08:15 -------- d-----w- c:\program files\Google
2009-06-14 20:30 . 2009-04-02 16:48 481280 ----a-w- c:\users\hp\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-06-14 17:47 . 2007-06-16 08:20 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-06-12 13:05 . 2007-06-16 08:11 -------- d-----w- c:\programdata\HP
2009-06-02 18:57 . 2007-06-16 07:34 -------- d-----w- c:\programdata\Symantec
2009-06-02 18:57 . 2007-06-16 07:33 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-02 18:56 . 2009-05-01 04:08 -------- d-----w- c:\programdata\Screentime
2009-06-02 08:55 . 2009-06-02 08:55 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-02 07:13 . 2009-04-15 16:40 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-02 07:12 . 2009-03-21 18:20 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-08 05:03 . 2009-04-23 07:50 -------- d-----w- c:\users\hp\AppData\Roaming\GetRightToGo
2009-05-03 05:04 . 2009-04-08 16:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-03 05:04 . 2009-04-08 16:27 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-03 05:03 . 2009-04-08 16:27 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-03 05:03 . 2009-04-08 16:27 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-05-01 21:03 . 2007-02-06 23:03 129784 ------w- c:\windows\system32\PxAFS.DLL
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-07 17:14 . 2009-04-07 17:17 410984 ----a-w- c:\windows\system32\deploytk.dll


Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 7:57 am

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BitTorrent DNA"="c:\users\hp\Program Files\DNA\btdna.exe" [2009-06-24 321344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-07-14 814144]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-07 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-15 1948440]
"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2009-04-09 970240]
"MSConfig"="c:\windows\System32\msconfig.exe" [2008-01-18 227840]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-18 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-18 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-18 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{EF6E5B49-BBA8-49AE-A51C-9ED0C2002360}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{8FB731A1-D26B-4A3D-A5FF-B8D00DA72DB9}c:\\windows\\explorer.exe"= UDP:c:\windows\explorer.exe:Windows Explorer
"UDP Query User{3BC859E8-728B-4636-AD24-4E1B3A9B1D6D}c:\\windows\\explorer.exe"= TCP:c:\windows\explorer.exe:Windows Explorer
"{A732598F-3D0B-4D37-A508-F8E58D3CCE82}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{5A5500A8-869E-4023-8819-2292B7A4628B}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{22377BAE-A321-411D-9829-D24414AD88DA}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{DA0EB794-3FB8-48B4-A40F-E297D0C2BDEB}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{D5658A95-43B9-49E2-B7C8-5242119ECFE2}"= UDP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{0CCEEA9E-8B85-4FBA-B6EB-AAF2DF371557}"= TCP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{D4DC9C1A-2461-48B1-BC46-277957E49294}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{90B8A10B-680C-4699-99BA-A7AA7DA34018}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F53D2E1D-2FF8-4F90-9169-CDB13C1AC769}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove


Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 8:00 am

"{02617764-160E-46B1-81B1-48D51BDDA7F1}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{D133D43A-CAD4-44B9-B355-5E368FC79C02}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{582C04B0-B957-4929-8E00-BE2A995777A8}"= c:\program files\AVG\AVG8\avgam.exe:avgam.exe
"{2EF36FF6-AB07-445A-B4D4-FCC0AD5107A5}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{981ADDF7-3C24-450B-96A3-F201CDEAB588}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{BBBD5B5B-D1F3-4B3C-A4E1-3C1B31E178DE}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{1B57D935-38D8-4C1F-BFAE-1CB18190A74E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{4EA1C16F-72A5-4C75-9314-5EDDDCFBCA80}c:\\users\\hp\\program files\\dna\\btdna.exe"= UDP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"UDP Query User{5F890DB7-F718-475C-8CFB-4C662321785E}c:\\users\\hp\\program files\\dna\\btdna.exe"= TCP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"TCP Query User{C50119B2-F44E-4E3E-B535-138286CB6774}c:\\users\\hp\\program files\\dna\\btdna.exe"= UDP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"UDP Query User{70433B01-CD56-477B-A2AD-57C7566D776C}c:\\users\\hp\\program files\\dna\\btdna.exe"= TCP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"{ABF41979-1C66-4387-AA09-E5C42B6AB504}"= UDP:50005:Akamai NetSession Interface
"{34E7FFDB-D79F-415F-AAB8-E0A1A21B7146}"= UDP:50475:Akamai NetSession Interface

ravi
Novice

Posts : 20
Joined : 2009-06-29
OS : windows vista 32 bit

Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 8:03 am

"TCP Query User{CD2AA86F-4A32-44FD-A15A-5C732AEE96DE}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{269BC0C9-11CC-4C39-B94B-8CA314C48582}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 8:03 am

"TCP Query User{2F60B2E0-3F6A-4D1B-B063-0AF5FF30FACB}c:\\users\\hp\\desktop\\codemasters\\igi 2\\pc\\igi2.exe"= UDP:c:\users\hp\desktop\codemasters\igi 2\pc\igi2.exe:igi2.exe
"UDP Query User{B4FD5D22-B1FD-4E4E-B8D3-07D0D3E62296}c:\\users\\hp\\desktop\\codemasters\\igi 2\\pc\\igi2.exe"= TCP:c:\users\hp\desktop\codemasters\igi 2\pc\igi2.exe:igi2.exe
"{9A15C0DB-58F1-49B3-8BB2-352349742917}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{3FFB57B8-D02B-4F5F-81A9-3C22C70A09A4}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{9D4B3306-5D87-4CF9-BE3A-36D7D56B07FE}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{BECF40F8-5E31-4CD3-BFC0-FDA823D53ADA}"= UDP:C:\utorent.exe:µTorrent
"{4F7A8BC3-2260-476A-B194-B9A861CF2F68}"= TCP:C:\utorent.exe:µTorrent
"{1089C7A3-385E-4E44-BCF3-B93884F99638}"= UDP:c:\program files\Spyware Doctor\pctsGui.exe:Spyware Doctor
"{009ACAAE-82BD-40CA-AC89-1BD36F154337}"= TCP:c:\program files\Spyware Doctor\pctsGui.exe:Spyware Doctor

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

Re: plz help(downloaded winbluesoft)

Post by ravi on Wed Jul 01, 2009 8:04 am

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [4/8/2009 9:57 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [4/8/2009 9:57 PM 327688]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [4/8/2009 9:57 PM 108552]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [6/23/2009 8:44 AM 21504]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4/8/2009 9:57 PM 298776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2009-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476638140-902087077-1952224165-1000.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-21 13:09]

2009-06-30 c:\windows\Tasks\User_Feed_Synchronization-{FA941214-5DD4-4C06-AFE5-FFF568C87543}.job
- c:\windows\system32\msfeedssync.exe [2009-06-23 18:03]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {7A62AAB9-46DD-441C-93B8-F2DF0F71D5A5} = 203.122.63.154,203.122.63.152
FF - ProfilePath - c:\users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\qdnac629.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\hp\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\users\hp\Program Files\DNA\plugins\npbtdna.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-01 01:24
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-476638140-902087077-1952224165-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EABE5450-598E-1DFC-3D4B-9F6093505EFD}*]
"bbpkgghchafpemimfbmgjfmkhkgplflahkln"=hex:61,61,00,00
"abpkgghchafpemimfbjgefaapmckgmmmde"=hex:61,61,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(684)
c:\windows\system32\DPPWDFLT.dll
.
Completion time: 2009-06-30 1:25
ComboFix-quarantined-files.txt 2009-06-30 19:55

Pre-Run: 24,457,850,880 bytes free
Post-Run: 24,572,186,624 bytes free

1257 --- E O F --- 2009-04-01 07:52

Re: plz help(downloaded winbluesoft)

Post by Belahzur on Wed Jul 01, 2009 2:49 pm

Hello.

Now open a new notepad file.
Input this into the notepad file:

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=-
"InternetSettingsDisableNotify"=-
"AutoUpdateDisableNotify"=-

RegNull::
[HKEY_USERS\S-1-5-21-476638140-902087077-1952224165-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EABE5450-598E-1DFC-3D4B-9F6093505EFD}*]

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into ComboFix as seen below:

This will open ComboFix again; agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to.)
Post the resulting log back here.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:30 pm

hi

ComboFix 09-06-29.07 - hp 01-07-2009 23:13.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.91.1033.18.958.334 [GMT 5.5:30]
Running from: g:\my own\extra softwares\security related\Combo-Fix.exe
Command switches used :: g:\my own\extra softwares\security related\CFScript.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-06-01 to 2009-07-01 )))))))))))))))))))))))))))))))
.

2009-07-01 17:50 . 2009-07-01 17:50 -------- d-----w- c:\users\hp\AppData\Local\temp
2009-07-01 11:00 . 2009-07-01 11:00 -------- d-----w- c:\windows\LastGood
2009-07-01 10:58 . 2009-07-01 11:18 -------- d--h--w- c:\windows\system32\dwrcssft
2009-07-01 08:55 . 2009-07-01 08:55 -------- d-----w- c:\users\hp\AppData\Local\WindowsUpdate
2009-06-30 08:00 . 2009-06-30 08:00 -------- d-----w- c:\users\hp\AppData\Roaming\Malwarebytes
2009-06-30 07:56 . 2009-06-17 05:57 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 07:56 . 2009-06-30 08:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 07:56 . 2009-06-30 07:56 -------- d-----w- c:\programdata\Malwarebytes
2009-06-30 07:56 . 2009-06-17 05:57 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-28 06:34 . 2009-06-28 06:34 -------- d-----w- c:\users\hp\AppData\Roaming\DivX
2009-06-25 17:16 . 2009-06-25 17:16 65536 ----a-w- c:\windows\IFinst27.exe
2009-06-24 19:06 . 2009-06-24 19:06 -------- d-----w- c:\program files\RocketDock
2009-06-23 04:12 . 2009-06-23 04:12 -------- d-----w- C:\PerfLogs
2009-06-23 03:44 . 2009-06-23 03:08 47560 ----a-w- c:\windows\system32\SPReview.exe
2009-06-23 03:44 . 2009-06-23 03:08 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2009-06-23 03:17 . 2008-01-18 18:03 193024 ----a-w- c:\windows\system32\recdisc.exe
2009-06-23 03:17 . 2008-01-18 18:06 6656 ----a-w- c:\windows\system32\sdspres.dll
2009-06-23 03:15 . 2008-01-18 18:06 98816 ----a-w- c:\windows\system32\sdshext.dll
2009-06-23 03:14 . 2008-01-18 18:04 200704 ----a-w- c:\windows\system32\input.dll
2009-06-23 03:11 . 2008-01-18 18:03 44032 ----a-w- c:\windows\system32\cbsra.exe
2009-06-23 03:08 . 2009-06-23 03:08 -------- d-----w- C:\6e35e1b8da2284ef31f9b796cbad3d
2009-06-22 10:34 . 2009-06-22 10:34 177152 ----a-w- C:\utorent.exe
2009-06-17 05:49 . 2003-01-16 22:29 1984 ----a-w- c:\windows\system32\drivers\papycpu2.sys
2009-06-17 05:49 . 2003-01-16 22:29 1856 ----a-w- c:\windows\system32\drivers\papyjoy.sys
2009-06-17 05:48 . 2009-06-17 05:48 -------- d-----w- C:\Papyrus
2009-06-15 11:50 . 2009-06-15 11:50 -------- d-----w- c:\program files\Search Settings
2009-06-14 18:55 . 2009-06-14 19:43 -------- d-sha-w- c:\users\Public\DRM
2009-06-14 17:01 . 2009-06-16 15:49 83456 ----a-w- c:\programdata\SpeedBit\DAP\SDCondition.dll
2009-06-14 13:42 . 2009-06-14 13:42 2169880 ----a-w- c:\programdata\SpeedBit\DAP\Offers\spo3.exe
2009-06-14 13:42 . 2009-06-14 13:40 3530776 ----a-w- c:\programdata\SpeedBit\DAP\Offers\VA23_DAPSO.exe
2009-06-14 13:34 . 2009-06-30 19:14 95744 ----a-w- c:\programdata\SpeedBit\DAP\Updates\Condition.dll
2009-06-14 13:33 . 2009-06-22 09:31 -------- d-----w- c:\programdata\SpeedBit
2009-06-14 13:32 . 2009-06-22 09:30 -------- d-----w- c:\program files\SpeedBit Toolbar
2009-06-14 13:32 . 2009-06-14 13:32 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-14 13:32 . 2009-06-14 13:42 -------- d-----w- c:\program files\DAP
2009-06-12 13:05 . 2009-06-12 13:05 -------- d-----w- c:\users\hp\AppData\Roaming\HP
2009-06-12 13:04 . 2009-06-17 18:15 -------- d-----w- c:\users\hp\AppData\Local\QuickPlay
2009-06-09 15:28 . 2009-06-09 15:28 -------- d-----w- c:\users\hp\AppData\Local\NeoSmart_Technologies
2009-06-09 15:22 . 2009-06-22 09:39 -------- d-----w- c:\program files\NeoSmart Technologies
2009-06-09 14:28 . 2009-06-09 14:28 -------- d-----w- c:\program files\PROnetworks
2009-06-02 08:55 . 2009-06-25 18:33 -------- d-----w- c:\users\hp\AppData\Roaming\skypePM
2009-06-02 07:31 . 2009-06-30 06:31 -------- d-----w- c:\programdata\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-01 17:48 . 2009-04-06 12:37 -------- d-----w- c:\users\hp\AppData\Roaming\DNA
2009-07-01 17:41 . 2009-04-06 12:38 -------- d-----w- c:\users\hp\AppData\Roaming\BitTorrent
2009-07-01 17:40 . 2009-03-25 20:08 -------- d-----w- c:\program files\Common Files\Akamai
2009-06-30 21:11 . 2007-08-04 10:11 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-29 15:56 . 2009-04-08 16:27 -------- d-----w- c:\programdata\avg8
2009-06-28 18:47 . 2007-06-16 07:31 -------- d-----w- c:\programdata\Roxio
2009-06-28 06:30 . 2009-03-19 16:31 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-24 18:01 . 2009-03-18 18:54 -------- d-----w- c:\users\hp\AppData\Roaming\dvdcss
2009-06-23 15:58 . 2009-06-23 15:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-23 04:40 . 2009-03-09 12:29 -------- d-----w- c:\programdata\NVIDIA
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-23 04:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-23 04:22 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-23 04:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-23 04:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-23 03:53 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-06-23 03:53 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-23 03:21 . 2009-03-21 08:32 41666 ----a-w- c:\programdata\nvModes.dat
2009-06-22 10:37 . 2009-03-19 16:38 -------- d-----w- c:\users\hp\AppData\Roaming\uTorrent
2009-06-22 07:53 . 2009-03-25 19:39 -------- d-----w- c:\programdata\Metacafe
2009-06-22 04:49 . 2009-03-25 19:40 -------- d-----w- c:\users\hp\AppData\Roaming\Metacafe
2009-06-21 19:50 . 2009-03-07 09:16 118928 ----a-w- c:\users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-21 19:40 . 2007-06-16 07:49 -------- d-----w- c:\program files\Microsoft Works
2009-06-21 14:53 . 2009-03-19 09:22 1356 ----a-w- c:\users\hp\AppData\Local\d3d9caps.dat
2009-06-17 18:09 . 2007-06-16 07:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-17 18:09 . 2007-06-16 07:57 -------- d-----w- c:\program files\HP
2009-06-17 05:47 . 2007-06-16 07:11 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-15 03:51 . 2009-04-08 16:27 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-15 03:45 . 2007-06-16 08:15 -------- d-----w- c:\program files\Google
2009-06-14 20:30 . 2009-04-02 16:48 481280 ----a-w- c:\users\hp\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-06-14 17:47 . 2007-06-16 08:20 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-06-12 13:05 . 2007-06-16 08:11 -------- d-----w- c:\programdata\HP
2009-06-02 18:57 . 2007-06-16 07:34 -------- d-----w- c:\programdata\Symantec
2009-06-02 18:57 . 2007-06-16 07:33 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-02 18:56 . 2009-05-01 04:08 -------- d-----w- c:\programdata\Screentime
2009-06-02 08:55 . 2009-06-02 08:55 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-02 07:13 . 2009-04-15 16:40 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-02 07:12 . 2009-03-21 18:20 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-08 05:03 . 2009-04-23 07:50 -------- d-----w- c:\users\hp\AppData\Roaming\GetRightToGo
2009-05-03 05:04 . 2009-04-08 16:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-03 05:04 . 2009-04-08 16:27 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-03 05:03 . 2009-04-08 16:27 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-03 05:03 . 2009-04-08 16:27 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-05-01 21:03 . 2007-02-06 23:03 129784 ------w- c:\windows\system32\PxAFS.DLL
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-07 17:14 . 2009-04-07 17:17 410984 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-06-16 07:08 . 2009-07-01 07:12 53808 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-07-01 07:12 80528 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-03-24 07:16 . 2008-03-24 07:16 78848 c:\windows\System32\DWRCST.exe
+ 2008-03-24 07:16 . 2008-03-24 07:16 61440 c:\windows\System32\DWRCSI.dll
+ 2008-03-24 07:16 . 2008-03-24 07:16 61440 c:\windows\System32\DWRCSh32.DLL
+ 2008-03-24 07:16 . 2008-03-24 07:16 53248 c:\windows\System32\DWRCK.dll

ravi
Novice

Posts : 20
Joined : 2009-06-29
OS : windows vista 32 bit


Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:31 pm

+ 2007-02-15 21:30 . 2007-02-15 21:30 26624 c:\windows\System32\DriverStore\FileRepository\dwvkbd.inf_8a5b9e18\dwvkbd.sys
+ 2007-02-07 21:30 . 2007-02-07 21:30 14592 c:\windows\System32\DriverStore\FileRepository\dwmirror.inf_73e4ce48\DamewareDisp.dll
+ 2007-02-15 21:30 . 2007-02-15 21:30 26624 c:\windows\System32\drivers\dwvkbd.sys
+ 2007-02-07 21:30 . 2007-02-07 21:30 14592 c:\windows\System32\DamewareDisp.dll
- 2006-11-02 10:25 . 2009-06-23 04:30 86016 c:\windows\inf\infstor.dat
+ 2006-11-02 10:25 . 2009-07-01 11:00 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-06-23 04:30 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-07-01 11:00 51200 c:\windows\inf\infpub.dat
+ 2009-03-07 09:10 . 2009-07-01 07:12 8506 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-476638140-902087077-1952224165-1000_UserData.bin
+ 2007-02-07 21:30 . 2007-02-07 21:30 3712 c:\windows\System32\DriverStore\FileRepository\dwmirror.inf_73e4ce48\DamewareMini.sys
+ 2007-02-07 21:30 . 2007-02-07 21:30 3712 c:\windows\System32\drivers\DamewareMini.sys
+ 2009-07-01 07:10 . 2009-07-01 07:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-06-30 19:43 . 2009-06-30 19:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-01 07:10 . 2009-07-01 07:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-06-30 19:43 . 2009-06-30 19:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-10 07:31 . 2009-07-01 16:08 336520 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2006-11-02 10:33 . 2009-07-01 16:46 600378 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-29 18:02 600378 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-29 18:02 105852 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-07-01 16:46 105852 c:\windows\System32\perfc009.dat
+ 2008-03-24 07:16 . 2008-03-24 07:16 233472 c:\windows\System32\DWRCSET.dll
+ 2008-03-24 07:16 . 2008-03-24 07:16 232448 c:\windows\System32\DWRCS.exe
+ 2006-11-02 10:25 . 2009-07-01 11:00 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2009-06-23 04:30 143360 c:\windows\inf\infstrng.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BitTorrent DNA"="c:\users\hp\Program Files\DNA\btdna.exe" [2009-06-24 321344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-07-14 814144]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-07 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-15 1948440]
"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2009-04-09 970240]
"MSConfig"="c:\windows\System32\msconfig.exe" [2008-01-18 227840]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-18 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-18 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-18 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{EF6E5B49-BBA8-49AE-A51C-9ED0C2002360}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{8FB731A1-D26B-4A3D-A5FF-B8D00DA72DB9}c:\\windows\\explorer.exe"= UDP:c:\windows\explorer.exe:Windows Explorer
"UDP Query User{3BC859E8-728B-4636-AD24-4E1B3A9B1D6D}c:\\windows\\explorer.exe"= TCP:c:\windows\explorer.exe:Windows Explorer
"{A732598F-3D0B-4D37-A508-F8E58D3CCE82}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{5A5500A8-869E-4023-8819-2292B7A4628B}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{22377BAE-A321-411D-9829-D24414AD88DA}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{DA0EB794-3FB8-48B4-A40F-E297D0C2BDEB}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{D5658A95-43B9-49E2-B7C8-5242119ECFE2}"= UDP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{0CCEEA9E-8B85-4FBA-B6EB-AAF2DF371557}"= TCP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{D4DC9C1A-2461-48B1-BC46-277957E49294}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{90B8A10B-680C-4699-99BA-A7AA7DA34018}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F53D2E1D-2FF8-4F90-9169-CDB13C1AC769}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{7F27DB23-C31F-4614-A457-7367A097D512}"= UDP:51968:Akamai NetSession Interface
"{76768FD7-CF72-4D00-B2DF-F3D9F1A52C33}"= TCP:5000:Akamai NetSession Interface
"{DB8EC403-3A9D-4E89-9B53-D5361678BD3B}"= UDP:49161:Akamai NetSession Interface
"{2E18E4AC-4001-4E77-8425-964045B632BD}"= UDP:49249:Akamai NetSession Interface
"{3FB80342-C85D-4EA2-B578-8EE4976DC3D0}"= UDP:49266:Akamai NetSession Interface
"{AE2B4BDE-36E4-4832-9C85-24FA8147D991}"= UDP:49180:Akamai NetSession Interface
"{B43E96E4-CFD6-474C-82D2-856B4A4B5CC4}"= UDP:49620:Akamai NetSession Interface
"{D012D3C1-4154-43E8-AEF3-394C3A8AEB78}"= UDP:51893:Akamai NetSession Interface
"{9967B9F0-328C-443F-ABC8-DCEA844CEBA9}"= UDP:55852:Akamai NetSession Interface
"{4726BB93-ADF4-4DE8-B28E-68C40FCFD104}"= UDP:63294:Akamai NetSession Interface
"{432A864E-C23A-4776-88AE-F2C99B1AB12F}"= UDP:49163:Akamai NetSession Interface
"{9DF59416-8610-4245-8E86-8797E3C34D40}"= TCP:5000:Akamai NetSession Interface
"{92E00D6D-DC9F-4CB1-9A61-8AED7007C1E7}"= UDP:49507:Akamai NetSession Interface
"{752D737D-2814-486E-9174-B4C3976CA950}"= UDP:49788:Akamai NetSession Interface
"{C89E4F55-C358-40ED-8935-5042BFCA8813}"= UDP:49918:Akamai NetSession Interface
"{05134B18-FB37-468E-AD0E-E7D03C513918}"= UDP:49198:Akamai NetSession Interface
"{A33D73D3-062E-4D38-A744-B36D2F625B5C}"= UDP:49940:Akamai NetSession Interface
"{5F79CCDD-2D38-450A-B3F0-5095F1786397}"= UDP:50929:Akamai NetSession Interface
"{74AB4D40-4F69-4E4D-8714-084454E7657C}"= UDP:49206:Akamai NetSession Interface
"{F40C3D23-ED12-4FCC-870C-203AF614D77B}"= UDP:51369:Akamai NetSession Interface
"{78F157C2-44E8-4E7B-966A-A868A5614757}"= UDP:51380:Akamai NetSession Interface
"{5C1D13EF-A72C-43BD-90C7-D8FFE05ECB9A}"= UDP:51436:Akamai NetSession Interface
"{C6C02801-32C1-463E-9EFC-88213B1EFC05}"= UDP:49160:Akamai NetSession Interface
"{2A2558EA-3846-4531-AF06-F0A835BD530E}"= UDP:49166:Akamai NetSession Interface
"{82B6567E-A91F-4932-B6A5-67FC9769558D}"= UDP:49209:Akamai NetSession Interface
"{7297434E-5D90-495D-8C45-FF72EC990AE1}"= UDP:49212:Akamai NetSession Interface
"{F6DDCFD2-9E34-4C23-A20A-899EE00CCA9C}"= UDP:56465:Akamai NetSession Interface
"{F7D32B96-E825-4261-BC8B-137D1FB5E06E}"= UDP:56507:Akamai NetSession Interface


Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:31 pm

"{31F0028F-2E77-48E4-A90D-E66B894B8DD4}"= UDP:63452:Akamai NetSession Interface
"{CC030727-85E8-4ABB-8EB5-077D5FB402E8}"= UDP:64085:Akamai NetSession Interface
"{858F9453-FC84-4DD7-AF3D-02FAD8A6F74D}"= UDP:49402:Akamai NetSession Interface
"{AE22802D-8371-421D-99B2-365BCD0230C7}"= UDP:51993:Akamai NetSession Interface
"{9C1A94D4-BFDE-4C42-8C4B-2BA65AF29F8F}"= UDP:52494:Akamai NetSession Interface
"{8D98DE10-4BA7-40F2-BD86-ED2D8056A13D}"= UDP:49174:Akamai NetSession Interface
"{03525A23-DD93-4F7A-8898-7BB636F01E35}"= UDP:49408:Akamai NetSession Interface
"{FB792627-F413-4E19-85FA-FDD60C14BA70}"= UDP:49428:Akamai NetSession Interface
"{62037E94-9FAB-4F35-87A2-DD207D4B70FC}"= UDP:49376:Akamai NetSession Interface
"{58E0B620-E9EC-49AA-9C9B-2AAB209597D9}"= UDP:49194:Akamai NetSession Interface
"{3910C73D-45EF-4AEA-9AE2-C232C29B2448}"= UDP:52152:Akamai NetSession Interface
"{A4F65EB0-6D02-4F02-9574-249E9C876FF2}"= UDP:55922:Akamai NetSession Interface
"{98723B48-F4E0-4D89-A071-6ABAB7AB7A50}"= UDP:56411:Akamai NetSession Interface
"{07850643-A25F-450B-9721-0472907EFEF1}"= UDP:56513:Akamai NetSession Interface
"{357CF38D-C00D-461C-ADEE-6B34DF5AD741}"= UDP:58393:Akamai NetSession Interface
"{163DCB02-30F9-49B2-A512-A9A1DFC8E4E5}"= UDP:58883:Akamai NetSession Interface
"{8BE3F0BB-C62E-4FA6-BDBA-7D9664531F65}"= UDP:59218:Akamai NetSession Interface
"{FC2FEB4A-A32A-4686-AE04-23A91EEECCB0}"= UDP:59741:Akamai NetSession Interface
"{1659B809-E11A-4EE9-A5D6-A34B24CCDB50}"= UDP:60773:Akamai NetSession Interface
"{02617764-160E-46B1-81B1-48D51BDDA7F1}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{D133D43A-CAD4-44B9-B355-5E368FC79C02}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{9C055BAE-CDB9-4ECA-9AD4-858A8803C216}"= UDP:56686:Akamai NetSession Interface
"{A0AEEB25-D827-4C74-96F0-6D9B376245D2}"= UDP:57047:Akamai NetSession Interface
"{8A55DAF4-DEC9-4AA5-B7C2-BD5EF85A98DA}"= UDP:58331:Akamai NetSession Interface
"{54B3E3E2-4861-46DC-A54F-FCCD3F174756}"= UDP:62733:Akamai NetSession Interface
"{CAB35FD4-959B-41E9-98C1-0FEA68093C01}"= UDP:49173:Akamai NetSession Interface
"{9DEE0B76-C266-4557-9C1D-F646C39279FD}"= UDP:58420:Akamai NetSession Interface
"{D094F185-399B-4B04-A614-CC215E59B0E0}"= UDP:59775:Akamai NetSession Interface
"{DADF3FDB-F947-4919-8774-245250E23774}"= UDP:63989:Akamai NetSession Interface
"{E5BB6ABE-7846-435A-BFB0-B918F22948EC}"= UDP:64790:Akamai NetSession Interface
"{CAC07C06-386F-4304-BAB4-97C501F8BE7B}"= UDP:49352:Akamai NetSession Interface
"{7AD702B0-CEA7-432A-B4C0-443D8CE9EA10}"= UDP:49496:Akamai NetSession Interface
"{49587E4F-5720-4C7F-B6B7-B0FC62E7088C}"= UDP:49532:Akamai NetSession Interface
"{F2ABFB2B-E38D-46D2-92E1-F8945BE717E4}"= UDP:49579:Akamai NetSession Interface
"{F4D81F2A-FA71-4975-822E-A5DB870BEE48}"= UDP:49673:Akamai NetSession Interface
"{CB3DC765-E4D6-4FA0-B932-4B53E1C6197E}"= UDP:49827:Akamai NetSession Interface
"{89A58E56-CFE5-40F6-8666-3FCCE97C2F6F}"= UDP:50451:Akamai NetSession Interface
"{7CD9FFE4-DD99-4F9B-8CBF-0E780186A9D1}"= UDP:49221:Akamai NetSession Interface
"{BAEB085F-21C7-4CE2-9058-0147321DE227}"= UDP:49274:Akamai NetSession Interface
"{AF1D1E94-AF8C-4765-8EF9-8FF35CFCA1FA}"= UDP:49343:Akamai NetSession Interface
"{9372298C-12FB-4695-BB7F-6808D0637926}"= UDP:49413:Akamai NetSession Interface
"{582C04B0-B957-4929-8E00-BE2A995777A8}"= c:\program files\AVG\AVG8\avgam.exe:avgam.exe
"{2EF36FF6-AB07-445A-B4D4-FCC0AD5107A5}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{981ADDF7-3C24-450B-96A3-F201CDEAB588}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{DA62FB6E-FEDD-4639-82E9-F3E793DBBBC7}"= UDP:56328:Akamai NetSession Interface
"TCP Query User{BBBD5B5B-D1F3-4B3C-A4E1-3C1B31E178DE}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{1B57D935-38D8-4C1F-BFAE-1CB18190A74E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{4EA1C16F-72A5-4C75-9314-5EDDDCFBCA80}c:\\users\\hp\\program files\\dna\\btdna.exe"= UDP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"UDP Query User{5F890DB7-F718-475C-8CFB-4C662321785E}c:\\users\\hp\\program files\\dna\\btdna.exe"= TCP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"{76BA5AD2-9BCB-4EB9-BDF7-136410303447}"= UDP:49172:Akamai NetSession Interface
"{DA51AFAD-EB7D-4329-8FF7-A80ACEB2D496}"= UDP:49187:Akamai NetSession Interface
"{79776BBE-9388-409D-974C-2F53FC7577EC}"= UDP:51626:Akamai NetSession Interface
"{B42E2807-C7B6-4495-A605-CA8147383925}"= UDP:52678:Akamai NetSession Interface
"{A5E196A4-027E-4FCB-BF11-E650B19B53B6}"= UDP:59584:Akamai NetSession Interface
"{8C2592A7-B934-4E55-86DC-EE4A68F068AA}"= UDP:62079:Akamai NetSession Interface
"{001E5A2C-820C-4511-83D9-D953E4B97019}"= UDP:64106:Akamai NetSession Interface
"{0B158E20-4644-4C45-8A90-311305540E1E}"= UDP:52760:Akamai NetSession Interface
"{45A9860C-6DA3-416C-AF31-01206F519E6C}"= UDP:54305:Akamai NetSession Interface
"{F5E54D83-BFE4-490D-B016-F4304109226C}"= UDP:54457:Akamai NetSession Interface
"{0F48F6C3-6608-4829-98ED-A7329058B7D6}"= UDP:54592:Akamai NetSession Interface
"{B5E6AA96-3C6D-4B61-B601-EC46C6CB1A8C}"= UDP:49190:Akamai NetSession Interface
"{65CF9F4C-0785-422F-ABBE-68FBB5B5ECBE}"= UDP:49304:Akamai NetSession Interface
"{B05F8E2B-1EBB-40C6-BEE2-BB86C8011FBD}"= UDP:49406:Akamai NetSession Interface
"{A6487EA8-9098-4264-A934-EC149B27C48B}"= UDP:51576:Akamai NetSession Interface
"{22D27788-D49A-470E-B211-34E5D1397688}"= UDP:49169:Akamai NetSession Interface
"{E11B1647-8046-400B-899D-2BF384F1F0A6}"= UDP:49419:Akamai NetSession Interface
"{BFDE9109-3249-489E-BA92-966581E34A25}"= UDP:49489:Akamai NetSession Interface
"{E0569E10-9452-413C-B840-D94DFBD02B5E}"= UDP:49523:Akamai NetSession Interface
"TCP Query User{C50119B2-F44E-4E3E-B535-138286CB6774}c:\\users\\hp\\program files\\dna\\btdna.exe"= UDP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"UDP Query User{70433B01-CD56-477B-A2AD-57C7566D776C}c:\\users\\hp\\program files\\dna\\btdna.exe"= TCP:c:\users\hp\program files\dna\btdna.exe:btdna.exe
"{4E51FA06-F206-4CE9-B54E-42B4E743E6CE}"= UDP:49195:Akamai NetSession Interface
"{ABF41979-1C66-4387-AA09-E5C42B6AB504}"= UDP:50005:Akamai NetSession Interface
"{34E7FFDB-D79F-415F-AAB8-E0A1A21B7146}"= UDP:50475:Akamai NetSession Interface
"{73DA2BE6-9418-43E8-828B-860B83A8B932}"= UDP:49216:Akamai NetSession Interface
"{2EF717E8-EA23-4414-81B9-ADBF8F3AFE55}"= UDP:49168:Akamai NetSession Interface
"{24302A38-12AC-4E58-B5ED-71F91FBA7DE1}"= UDP:49486:Akamai NetSession Interface


Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:32 pm

"{FCF5CF5A-86DC-4871-8BC5-F7A075868348}"= UDP:49770:Akamai NetSession Interface
"{72CB39CA-6466-4359-BB7E-9E86D702079B}"= UDP:49778:Akamai NetSession Interface
"{40C9C59E-721E-4217-AD85-F16EB68CE417}"= UDP:49850:Akamai NetSession Interface
"{404A68FC-CC2A-4905-A7F9-91E6801E9945}"= UDP:49903:Akamai NetSession Interface
"{BB46D24F-C395-4F8D-955A-388D6A755680}"= UDP:49928:Akamai NetSession Interface
"{D256FECE-BD1D-4236-A2EA-12DE322F2E83}"= UDP:49949:Akamai NetSession Interface
"{552AEB9F-38A6-4497-868E-27CCF014567E}"= UDP:50879:Akamai NetSession Interface
"{8890767C-8337-43FB-AF8F-925AB3BEB16E}"= UDP:49167:Akamai NetSession Interface
"{66A82220-566D-4097-B3C3-F8EDC95385DD}"= UDP:49328:Akamai NetSession Interface
"{E5488F87-018E-4A3F-A803-7B422082688B}"= UDP:49345:Akamai NetSession Interface
"{BB71034D-92D4-4F2B-AF50-F567B061DCD1}"= UDP:51198:Akamai NetSession Interface
"{573D318E-DACB-4CF4-9FDD-3BD4E9C33CAC}"= UDP:53050:Akamai NetSession Interface
"{6198899E-9C4D-4023-8DB3-6CA685A4F1D1}"= UDP:53794:Akamai NetSession Interface
"{94775253-51C7-444A-A939-0CFE3085EB4F}"= UDP:55871:Akamai NetSession Interface
"{6F2AE439-8BBB-4BFC-991A-20CC20E7D156}"= UDP:56993:Akamai NetSession Interface
"{3D949BC0-BC34-4035-8E1F-5CC7B46CE8C5}"= UDP:57543:Akamai NetSession Interface
"{AF179B62-9552-429E-A046-F801F001AC96}"= UDP:59108:Akamai NetSession Interface
"{06ECB7F2-CE26-400A-A1C0-00AC975F2CC8}"= UDP:59619:Akamai NetSession Interface
"{B1E3B93B-D31B-469E-8395-636AB96B17C1}"= UDP:60233:Akamai NetSession Interface
"{841FBD66-01BB-4543-BAB6-DE0C7968D0C5}"= UDP:62192:Akamai NetSession Interface
"{E932F057-55B0-4079-A5A5-2DCC296AF6F7}"= UDP:49185:Akamai NetSession Interface
"{D646355A-C057-477F-93EF-252D3BC536DD}"= UDP:49324:Akamai NetSession Interface
"{CD38DFCC-8713-40F7-93A8-2B3FB94E6106}"= UDP:49162:Akamai NetSession Interface
"TCP Query User{CD2AA86F-4A32-44FD-A15A-5C732AEE96DE}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{269BC0C9-11CC-4C39-B94B-8CA314C48582}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{9F05B915-B51C-4D54-AB47-11D0FFE1EF08}"= UDP:51348:Akamai NetSession Interface
"{879A1462-31F9-4440-B6EB-9F2403206083}"= UDP:51413:Akamai NetSession Interface
"{B2F3C4B7-0679-4A74-A8BB-5FA3F1F04FA4}"= UDP:53409:Akamai NetSession Interface
"{1041DC05-DA24-4BA1-9303-7151F3EF11F0}"= UDP:53941:Akamai NetSession Interface
"{7995D0F7-106E-4451-9FD0-7B1A285848B7}"= UDP:56172:Akamai NetSession Interface
"{2672F68F-23A0-43B0-A999-397EB9F0D401}"= UDP:56261:Akamai NetSession Interface
"{02938619-64A5-4D2A-9FC3-EEC031110CE8}"= UDP:49163:Akamai NetSession Interface
"{86AC2B48-E8CA-48ED-8FBF-789225FC80B1}"= UDP:54272:Akamai NetSession Interface
"{82B1B1CA-C630-467C-A841-D8D5CE3A10AF}"= UDP:49316:Akamai NetSession Interface
"{472734E0-F8F2-4E13-A7DE-F6BE7F7E09A4}"= UDP:49160:Akamai NetSession Interface
"{45ABD68D-8E4B-4AF2-B007-49647EFDF123}"= UDP:51497:Akamai NetSession Interface
"{C04591F3-B27C-4DB5-B78C-3CD62F68AAED}"= UDP:53128:Akamai NetSession Interface
"{62C4B6F2-9AE7-4631-BA0F-831E8D9CF16B}"= UDP:53165:Akamai NetSession Interface
"{691300C0-4247-4972-A210-8E7CE2C0382D}"= UDP:53390:Akamai NetSession Interface
"{361B2BD1-A0C9-4E60-B8C7-3ABABB24FA81}"= UDP:49435:Akamai NetSession Interface
"{0E5F1FFC-2CF8-4873-A3FA-8B7F6DB63BCE}"= UDP:55072:Akamai NetSession Interface
"{54279DC0-C4CD-4A89-B4B0-52AD97952ABE}"= UDP:49179:Akamai NetSession Interface
"{52EB67FE-16FC-4E59-8DBF-73BEF9262A5B}"= UDP:49362:Akamai NetSession Interface
"{44A73F11-85D8-477D-8BFE-D114D7B4AD54}"= UDP:49628:Akamai NetSession Interface
"{6FDBADB2-3087-4B22-95D5-C7C547BAA962}"= UDP:49691:Akamai NetSession Interface
"{E40E7E58-926A-4678-A9F1-E84870AEB2D2}"= UDP:51981:Akamai NetSession Interface
"{18A162FD-D801-4A09-A2BC-9A8FCA0DFDE1}"= UDP:49202:Akamai NetSession Interface
"{6E93A2E3-78C0-4470-B44B-E4B9E7A02FA9}"= UDP:50195:Akamai NetSession Interface
"{33A7DE28-38AB-4298-B55E-E59BE8A991E4}"= UDP:51275:Akamai NetSession Interface
"{F0D068D6-D3A1-4A46-B130-4ED8C6D86C58}"= UDP:52534:Akamai NetSession Interface
"{15321E8C-6BF7-4F91-94A3-D53DECC6DFBD}"= UDP:53052:Akamai NetSession Interface
"{7A07F081-D4C9-4181-8F80-70DBEAE48E7E}"= UDP:55204:Akamai NetSession Interface
"{6BE2EE46-0E0C-4D24-B41E-F2A72EB4A559}"= UDP:55822:Akamai NetSession Interface
"{33C97E67-8761-465F-98BB-F954C6D38827}"= UDP:56074:Akamai NetSession Interface
"{BD155B40-F8F4-4306-BCAB-ECF0D0A6E4C9}"= UDP:49354:Akamai NetSession Interface
"{BC862F92-BED2-49D5-8422-C3BFB29A73F7}"= UDP:50100:Akamai NetSession Interface
"{C82A7C6D-2268-4E04-8353-9E53FE7AA84B}"= UDP:51984:Akamai NetSession Interface
"{0C32D573-0FAA-4D1C-B94F-1CB855534E95}"= UDP:52612:Akamai NetSession Interface
"{841B9D76-B2A6-4669-87F7-F37EE95BDFE3}"= UDP:49183:Akamai NetSession Interface
"{52A7F471-63C3-4F3A-8952-A3FB00EBFD58}"= UDP:49242:Akamai NetSession Interface
"{E9E604EE-4E5D-496D-A592-92336D77F950}"= UDP:49512:Akamai NetSession Interface
"{00EA2E9C-A1FA-4B3A-9157-19FD79714480}"= UDP:50154:Akamai NetSession Interface
"{77369B2E-FA61-446B-89E3-92EB3FE2E010}"= UDP:51850:Akamai NetSession Interface
"{30762D61-7DCA-46EA-AC96-DFCF797ED287}"= UDP:52379:Akamai NetSession Interface
"{0FE3D751-E550-4AFB-A3CE-3241AB2F091A}"= UDP:52692:Akamai NetSession Interface
"{83257846-8FF6-4CD1-BF3B-491EB39FDC32}"= UDP:54925:Akamai NetSession Interface
"{1F29C583-D013-40E0-99C3-44A59EDA5B6E}"= UDP:55329:Akamai NetSession Interface
"{4ABB7E1B-439F-4C6D-A3FC-D25C6ACD38F3}"= UDP:55695:Akamai NetSession Interface
"{3F8690FA-284D-4331-B62D-BABA5D877E44}"= UDP:56267:Akamai NetSession Interface
"{845CAC23-A614-4E33-BE85-CD11B75C704C}"= UDP:57234:Akamai NetSession Interface
"{83544F87-C16F-4882-8513-56B0C29FDCB1}"= UDP:49330:Akamai NetSession Interface
"{61E70586-B384-4B91-AC75-16B6B094A8E6}"= UDP:51989:Akamai NetSession Interface
"{4529D42F-8AA7-40A6-AA78-0299DECF3F7A}"= UDP:54476:Akamai NetSession Interface
"{41A2116B-0C0E-4C87-96BC-61705502597E}"= UDP:49285:Akamai NetSession Interface
"{A569180C-5825-4D38-81D1-2F1A0A70DBF3}"= UDP:49578:Akamai NetSession Interface
"{600DC049-AFD2-4F87-B4A8-8F5AA621CA0B}"= UDP:52059:Akamai NetSession Interface
"{9CD6CC19-E3EC-4D8A-9E45-AE5755CA0A8C}"= UDP:49184:Akamai NetSession Interface
"{EBBC63C9-2887-4440-959B-A0435724C94F}"= UDP:50168:Akamai NetSession Interface
"{6CDC92FC-0867-4756-BE50-85E786CF92AF}"= UDP:49382:Akamai NetSession Interface
"{2C5CCD37-ECCA-4D01-8524-55D6D90D3F46}"= UDP:50110:Akamai NetSession Interface
"{6E7D8CE6-225B-4189-A86C-C17C4D6DE583}"= UDP:50688:Akamai NetSession Interface
"{20CE0B17-A01B-4D02-9B7B-A77DBFD44B0D}"= UDP:50767:Akamai NetSession Interface
"{F9501E36-2A0F-4DDF-8306-B5438F8B1A11}"= UDP:51432:Akamai NetSession Interface
"{11A5C4E9-46C7-4280-B209-E4901999C5A5}"= UDP:51571:Akamai NetSession Interface
"{C2411712-FD68-4C42-87A7-726A3B996062}"= UDP:51847:Akamai NetSession Interface
"{E4682D94-E260-4D25-868A-D528D4297C40}"= UDP:52528:Akamai NetSession Interface
"{09771D6A-F158-484F-B121-D0B7B2000FB9}"= UDP:52597:Akamai NetSession Interface
"{B0CD242D-6B1B-4C71-B6D4-A4DE7DAF601B}"= UDP:52610:Akamai NetSession Interface
"{D02A6768-6FDE-4398-B944-47B442BE74FB}"= UDP:52722:Akamai NetSession Interface
"{D896B5ED-E926-4EF5-9321-0AA258263E31}"= UDP:52729:Akamai NetSession Interface
"{52513DBF-9A92-42C5-861A-611AFFA5D782}"= UDP:52769:Akamai NetSession Interface
"{A73FA2AA-1277-40F3-A9B4-75A1AFDE06D1}"= UDP:52857:Akamai NetSession Interface
"{A0EA8C4A-C4AC-4EA5-96CD-044D3D168751}"= UDP:53282:Akamai NetSession Interface
"{EBB996EA-E594-4E7B-B99F-AAA68B995311}"= UDP:53449:Akamai NetSession Interface
"{890E7F4C-53F2-4025-9FA9-72AB227BB6B0}"= UDP:54217:Akamai NetSession Interface
"{3359E2F1-65B2-4F59-BB97-93625F0789B0}"= UDP:54867:Akamai NetSession Interface
"{03F79B56-5460-4B53-937E-C7556AE67B50}"= UDP:49189:Akamai NetSession Interface
"{AC5468CD-002B-4AB2-9EFD-B7BD60F096CA}"= UDP:49752:Akamai NetSession Interface
"{8DC78EBE-AF4C-456E-A4F9-DD25C3AA2CCF}"= UDP:51335:Akamai NetSession Interface
"{33641E14-DED9-40A9-B0AC-75AA9F152164}"= UDP:51356:Akamai NetSession Interface
"{CCFB66F3-8A4E-4D3D-8E76-ABD8C8E73FC6}"= UDP:51603:Akamai NetSession Interface
"{B4C9C981-01B5-4FBD-A309-CAE2DE7833C6}"= UDP:52154:Akamai NetSession Interface
"{1BE3D106-F42C-4961-9916-942FF6B4F6A8}"= UDP:52938:Akamai NetSession Interface
"{40900651-7E86-4346-8665-5E817E16067A}"= UDP:53718:Akamai NetSession Interface
"{53B39DBC-7288-4275-A6A4-EB112F9C2E9D}"= UDP:53763:Akamai NetSession Interface
"{D64692D4-D46B-4B67-B7B9-5AF057A0A873}"= UDP:54242:Akamai NetSession Interface
"{FF1734E2-5C37-4526-97E3-64BDFBB39C68}"= UDP:54271:Akamai NetSession Interface
"{813E9A3C-BDFF-420A-8E5A-6D7E55499DE1}"= UDP:54980:Akamai NetSession Interface
"{CB7E5885-9F35-4A1A-9F37-D798B02AF26D}"= UDP:56483:Akamai NetSession Interface
"{E93C0A04-1DF7-494A-B92F-B9BA1FADAC73}"= UDP:49524:Akamai NetSession Interface
"{8C6DEFD7-7D86-49EF-8FC0-87781A24944E}"= UDP:51819:Akamai NetSession Interface
"{4156D500-69B4-4066-86D1-612089C1A102}"= UDP:52444:Akamai NetSession Interface
"{0C51DDEA-6D4A-4D23-B6E2-4C2815F55FCB}"= UDP:53088:Akamai NetSession Interface
"{B6050C0C-6A7D-408D-84A6-B58AD24E6F02}"= UDP:54903:Akamai NetSession Interface
"{E1C9725B-864C-4735-9729-8913C25E87DB}"= UDP:49243:Akamai NetSession Interface
"{273C2F8A-B2A5-488D-8485-91368D0FAD89}"= UDP:51986:Akamai NetSession Interface
"{4B22292C-8FAD-4B6A-9C9A-09B13A6B067F}"= UDP:53864:Akamai NetSession Interface
"{9CEB3191-4DAA-42F1-8998-E3B7420E9C4A}"= UDP:53983:Akamai NetSession Interface
"{BCDC2873-C551-4468-BDC7-C68DD293C07A}"= UDP:54033:Akamai NetSession Interface
"{3867F9A7-EAB3-4FE8-BB88-4E6AF87A5AC9}"= UDP:49287:Akamai NetSession Interface
"{6023F505-7307-4E13-98A0-3823258B102F}"= UDP:49813:Akamai NetSession Interface
"TCP Query User{2F60B2E0-3F6A-4D1B-B063-0AF5FF30FACB}c:\\users\\hp\\desktop\\codemasters\\igi 2\\pc\\igi2.exe"= UDP:c:\users\hp\desktop\codemasters\igi 2\pc\igi2.exe:igi2.exe
"UDP Query User{B4FD5D22-B1FD-4E4E-B8D3-07D0D3E62296}c:\\users\\hp\\desktop\\codemasters\\igi 2\\pc\\igi2.exe"= TCP:c:\users\hp\desktop\codemasters\igi 2\pc\igi2.exe:igi2.exe


Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:33 pm

"{1D1B8CB9-E1EA-40FE-B28F-3AA18C965EFA}"= UDP:49256:Akamai NetSession Interface
"{8B9C1C75-8910-4233-B1C5-78A6B7916FBF}"= UDP:51255:Akamai NetSession Interface
"{D1E81F1B-B1C4-4583-BAC1-9DB6573F0C3F}"= UDP:49236:Akamai NetSession Interface
"{A0D0D8D7-39F4-4CE0-9441-B22FAEBA9672}"= UDP:49436:Akamai NetSession Interface
"{67238FE5-CB71-49DD-BF53-D890E44E02AE}"= UDP:51152:Akamai NetSession Interface
"{398BD6E4-2899-4D1D-8CAB-BE687BBA6230}"= UDP:52304:Akamai NetSession Interface
"{32D518BA-49CE-48C4-8327-B53F8F4380EA}"= UDP:49379:Akamai NetSession Interface
"{9A15C0DB-58F1-49B3-8BB2-352349742917}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{523F8D1E-0C9C-4513-97D3-3C373E2E5274}"= UDP:51228:Akamai NetSession Interface
"{B7D82A55-EAEB-4793-946D-C30858D6094B}"= UDP:53666:Akamai NetSession Interface
"{12D707C0-FC81-4B25-8350-517CA6214F36}"= UDP:54144:Akamai NetSession Interface
"{9EC3A475-684D-4CC1-A317-4F44ABE96162}"= UDP:54573:Akamai NetSession Interface
"{53A60AB6-DC2F-4C53-A938-23D053056EE9}"= UDP:60530:Akamai NetSession Interface
"{5A0D6645-B49D-4775-B10B-ED61FA2D26C7}"= UDP:49214:Akamai NetSession Interface
"{BCD74E95-DF60-4A2F-86CB-3DA1681B4DBB}"= UDP:51505:Akamai NetSession Interface
"{64F63D79-5DB3-4EAD-8018-7209E96DA6F3}"= UDP:55424:Akamai NetSession Interface
"{17D9FB85-66C5-450C-A2CA-D45A776B54D3}"= UDP:57198:Akamai NetSession Interface
"{121DB374-BD57-46EF-9F1C-8513436A65B5}"= UDP:57839:Akamai NetSession Interface
"{5EE89E72-CB13-4A90-B4F3-FCE93C9694B5}"= UDP:58182:Akamai NetSession Interface
"{62AD9513-CDCF-448F-B2AD-26739CE5AAAA}"= UDP:49203:Akamai NetSession Interface
"{EEB44924-C3BF-4A10-B79F-091BA217EA9B}"= UDP:49207:Akamai NetSession Interface
"{48DC56AC-32C6-42E1-96C6-EB7EF80E5CBB}"= UDP:49226:Akamai NetSession Interface
"{A3ACE924-26AD-49E3-A3EF-4F8614DA6D7A}"= UDP:49225:Akamai NetSession Interface
"{1046108C-ACE6-47AA-8693-B914AB1BBE5A}"= UDP:49232:Akamai NetSession Interface
"{478C66C8-3C4A-4A73-B2BD-FEAC2EC0176C}"= UDP:49229:Akamai NetSession Interface
"{6469D678-6407-4A47-A6BA-DE965F8FF0DF}"= UDP:49239:Akamai NetSession Interface
"{D762D277-30C3-4D27-AD13-1C503A430BFC}"= UDP:50052:Akamai NetSession Interface
"{4BAA2FE1-06ED-4C7F-8F0A-8BF9B4A8D385}"= UDP:50098:Akamai NetSession Interface
"{61917FAA-D1E5-4B42-8575-2CCADF2376EB}"= UDP:50256:Akamai NetSession Interface
"{9976FEA4-0223-4597-BD97-918BBF97F652}"= UDP:55047:Akamai NetSession Interface
"{CD2AFB31-0BBA-4196-83CD-0C34899E98DB}"= UDP:56776:Akamai NetSession Interface
"{F61CEA1A-061F-43D1-B26E-C822088168D3}"= UDP:49581:Akamai NetSession Interface
"{32756134-3BB1-4FA6-8FD7-3A1F271A841B}"= UDP:50006:Akamai NetSession Interface
"{A3F96F7E-07CC-445F-807F-BF1D331E99D2}"= UDP:52160:Akamai NetSession Interface
"{DD80A1DD-4111-4A6F-8D76-A62F87F62F79}"= UDP:54130:Akamai NetSession Interface
"{0FFB803E-C858-49EE-89D8-1A02BDFB9EBC}"= UDP:55565:Akamai NetSession Interface
"{0063AC6E-3696-4BC9-B8DF-6D2EA1800E94}"= UDP:56123:Akamai NetSession Interface
"{4647CE05-28F8-4ADC-9AB4-1A1B55AA233D}"= UDP:57241:Akamai NetSession Interface
"{FBA58319-D456-4E9F-A15B-A52CFCF136CE}"= UDP:52045:Akamai NetSession Interface
"{660CD1F8-8780-407F-A41A-4785EA32FD85}"= UDP:62832:Akamai NetSession Interface
"{B05C555B-6C9B-4818-B452-E1AE7542CD16}"= UDP:49935:Akamai NetSession Interface
"{3FFB57B8-D02B-4F5F-81A9-3C22C70A09A4}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{9D4B3306-5D87-4CF9-BE3A-36D7D56B07FE}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{CA4404F2-D170-4BA3-949B-BCB115B3A7C9}"= UDP:49227:Akamai NetSession Interface
"{67EE7A2D-2687-4DBD-B866-CCFA7D7EE2F1}"= UDP:49663:Akamai NetSession Interface
"{67DCF31E-643F-4DD9-A9B4-C62BAE4C6DC7}"= UDP:52476:Akamai NetSession Interface
"{835E5FB2-5F40-414B-BCE9-CFCD8AFE7B08}"= UDP:53641:Akamai NetSession Interface
"{2965A69E-0A44-44B1-8A6D-60CA3606BD80}"= UDP:56347:Akamai NetSession Interface
"{8408F35E-3D38-483F-AA47-B1C8A15F89EC}"= UDP:50316:Akamai NetSession Interface
"{9ADA7AC7-D03B-44C8-8F08-7155012E9738}"= UDP:49816:Akamai NetSession Interface
"{BECF40F8-5E31-4CD3-BFC0-FDA823D53ADA}"= UDP:C:\utorent.exe:µTorrent
"{4F7A8BC3-2260-476A-B194-B9A861CF2F68}"= TCP:C:\utorent.exe:µTorrent
"{1089C7A3-385E-4E44-BCF3-B93884F99638}"= UDP:c:\program files\Spyware Doctor\pctsGui.exe:Spyware Doctor
"{009ACAAE-82BD-40CA-AC89-1BD36F154337}"= TCP:c:\program files\Spyware Doctor\pctsGui.exe:Spyware Doctor
"TCP Query User{8E24A7D3-9130-4FF8-8EE2-91EFC36E0853}c:\\program files\\dap\\dap.exe"= UDP:c:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"UDP Query User{EED6B295-C370-4ACF-97CB-1AC5780CCEC3}c:\\program files\\dap\\dap.exe"= TCP:c:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"{A57F2319-5D83-4CE1-9EFC-3B468CA7FA8C}"= UDP:6129:DameWare Mini Remote Control Service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [4/8/2009 9:57 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [4/8/2009 9:57 PM 327688]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [4/8/2009 9:57 PM 108552]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\System32\drivers\dwvkbd.sys [2/16/2007 3:00 AM 26624]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [6/23/2009 8:44 AM 21504]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [4/8/2009 9:57 PM 298776]
R3 DwMirror;DwMirror;c:\windows\System32\drivers\DamewareMini.sys [2/8/2007 3:00 AM 3712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2009-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-476638140-902087077-1952224165-1000.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-21 13:09]

2009-07-01 c:\windows\Tasks\User_Feed_Synchronization-{FA941214-5DD4-4C06-AFE5-FFF568C87543}.job
- c:\windows\system32\msfeedssync.exe [2009-06-23 18:03]
.
- - - - ORPHANS REMOVED - - - -

BHO-{FF6C3CF0-4B15-11D1-ABED-709549C10000} - (no file)

ravi
Novice

Posts : 20
Joined : 2009-06-29
OS : windows vista 32 bit


Re: plz help(downloaded winbluesoft)

Post by ravi on Thu Jul 02, 2009 4:33 pm

.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {7A62AAB9-46DD-441C-93B8-F2DF0F71D5A5} = 203.122.63.154,203.122.63.152
FF - ProfilePath - c:\users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\qdnac629.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\hp\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\users\hp\Program Files\DNA\plugins\npbtdna.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-01 23:20
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(652)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(4760)
c:\program files\RocketDock\RocketDock.dll
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Completion time: 2009-07-01 23:21
ComboFix-quarantined-files.txt 2009-07-01 17:51
ComboFix2.txt 2009-06-30 19:56

Pre-Run: 24,669,945,856 bytes free
Post-Run: 24,645,349,376 bytes free

556 --- E O F --- 2009-04-01 07:52

ravi
Novice

Posts : 20
Joined : 2009-06-29
OS : windows vista 32 bit


Re: plz help(downloaded winbluesoft)

Post by Origin on Thu Jul 02, 2009 5:02 pm

Now open a new notepad file.
Input this into the notepad file:

Folder::
c:\users\hp\AppData\Roaming\DNA
c:\users\hp\AppData\Roaming\uTorrent

File::
C:\utorent.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D5658A95-43B9-49E2-B7C8-5242119ECFE2}"=-
"{0CCEEA9E-8B85-4FBA-B6EB-AAF2DF371557}"=-
"TCP Query User{BBBD5B5B-D1F3-4B3C-A4E1-3C1B31E178DE}c:\\program files\\bittorrent\\bittorrent.exe"=-
"UDP Query User{1B57D935-38D8-4C1F-BFAE-1CB18190A74E}c:\\program files\\bittorrent\\bittorrent.exe"=-
"TCP Query User{4EA1C16F-72A5-4C75-9314-5EDDDCFBCA80}c:\\users\\hp\\program files\\dna\\btdna.exe"=-
"UDP Query User{5F890DB7-F718-475C-8CFB-4C662321785E}c:\\users\\hp\\program files\\dna\\btdna.exe"=-
"TCP Query User{C50119B2-F44E-4E3E-B535-138286CB6774}c:\\users\\hp\\program files\\dna\\btdna.exe"=-
"UDP Query User{70433B01-CD56-477B-A2AD-57C7566D776C}c:\\users\\hp\\program files\\dna\\btdna.exe"=-
"TCP Query User{CD2AA86F-4A32-44FD-A15A-5C732AEE96DE}c:\\program files\\bittorrent\\bittorrent.exe"=-
"UDP Query User{269BC0C9-11CC-4C39-B94B-8CA314C48582}c:\\program files\\bittorrent\\bittorrent.exe"=-
"{BECF40F8-5E31-4CD3-BFC0-FDA823D53ADA}"=-
"{4F7A8BC3-2260-476A-B194-B9A861CF2F68}"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=-



Save this as CFScript.txt, and save it to your desktop as well.
Then drag and drop CFScript.txt into ComboFix as seen below:


This will open ComboFix again; agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to.)
Post the resulting log back here.



Origin
Master

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
