Trojan

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Trojan

Post by aybsee on 8th July 2009, 12:58 pm

I have IE automatically opening every 2-3 minutes even though i use opera.The same page opens and remains until i manually close it.I did a Ad-aware scan and found 2 trojans which were removed then rebooted.The problem remmains and Malwarebytes and spybot find nothing now.Help,please.

Heres my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:05, on 08/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe
C:\Users\aybsee\Working Files\Documents\Live Microsoft Update.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\aybsee\Desktop\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [IpodManagerService] C:\Program Files\Froddle Pod\ipm_as.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Windows Security Update] C:\Users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe
O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\aybsee\Working Files\Documents\Live Microsoft Update.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with &Shareaza - [You must be registered and logged in to see this link.] Files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{990D65D1-2159-41E8-B150-CBC833F36E3A}: NameServer = 212.139.132.11 212.139.132.10
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1c98b96f0dcc87) (gupdate1c98b96f0dcc87) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 11250 bytes

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 8th July 2009, 2:18 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 8th July 2009, 2:27 pm

Malwarebytes' Anti-Malware 1.38
Database version: 2384
Windows 6.0.6001 Service Pack 1

08/07/2009 02:05:50
mbam-log-2009-07-08 (02-05-50).txt

Scan type: Quick Scan
Objects scanned: 84086
Time elapsed: 5 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


This is my last log that i ran today prior to contacting you. Should i re run it again?

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 8th July 2009, 5:22 pm

Here is the new log,thank you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:29, on 08/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe
C:\Users\aybsee\Working Files\Documents\Live Microsoft Update.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Users\aybsee\Desktop\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [IpodManagerService] C:\Program Files\Froddle Pod\ipm_as.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Windows Security Update] C:\Users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe
O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\aybsee\Working Files\Documents\Live Microsoft Update.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with &Shareaza - [You must be registered and logged in to see this link.] Files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{990D65D1-2159-41E8-B150-CBC833F36E3A}: NameServer = 212.139.132.10 212.139.132.11
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1c98b96f0dcc87) (gupdate1c98b96f0dcc87) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 11286 bytes
thanks again

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 8th July 2009, 5:35 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 8th July 2009, 6:59 pm

Thank you,here is that log,


DDS (Ver_09-06-26.01) - NTFSx86
Run by aybsee at 19:48:28.37 on 08/07/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1918.941 [GMT 1:00]

AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning enabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Thomson\ST330\service\st330service.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe
C:\Users\aybsee\Working Files\Documents\Live Microsoft Update.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\aybsee\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} -
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} -
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Windows Security Update] c:\users\aybsee\working files\documents\backups\windows\windows_security_backup files\Windows_security_update_3475_36_d.exe
uRun: [Windows Live Updater] c:\users\aybsee\working files\documents\Live Microsoft Update.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [diagnostics] "c:\program files\thomson\st330\diagnostics\diagnostics.exe" /icon -l:en
mRun: [IpodManagerService] c:\program files\froddle pod\ipm_as.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatchTray11.exe"
mRun: [CPMonitor] "c:\program files\roxio creator 2009\5.0\CPMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Shareaza - c:\program files\gnutella turbo\plugins\RazaWebHook.dll/3000
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
TCP: {990D65D1-2159-41E8-B150-CBC833F36E3A} = 212.139.132.10 212.139.132.11
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

end part 1

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 8th July 2009, 7:00 pm

part 2

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-25 64160]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\C2SCSI.SYS [2008-8-11 254320]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\definitions\symcdata\ipsdefs\20090707.001\IDSvix86.sys [2009-7-7 272432]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-19 1029456]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-2-18 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-7-1 101936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-6-30 19096]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-10-21 497152]
R3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2009-1-22 30464]
R3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2009-1-22 12672]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [2009-1-22 35328]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S2 gupdate1c98b96f0dcc87;Google Update Service (gupdate1c98b96f0dcc87);c:\program files\google\update\GoogleUpdate.exe [2009-2-10 133104]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-6-30 195856]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\roxio creator 2009\digital home 11\RoxioUpnpService11.exe [2008-8-14 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxLiveShare11.exe [2008-8-14 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatch11.exe [2008-8-14 170480]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-13 23888]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-5-22 20640]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [2008-8-14 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxMediaDB11.exe [2008-8-14 1124848]
S4 nvrd32;NVIDIA nForce RAID Driver;c:\windows\system32\drivers\nvrd32.sys [2008-9-1 133152]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-2-16 1153368]

=============== Created Last 30 ================

2009-07-08 18:12 61,440 a------- c:\windows\system32\drivers\cknzucu.sys
2009-07-08 08:31 15,688 a------- c:\windows\system32\lsdelete.exe
2009-07-06 13:47 --d----- c:\users\aybsee\appdata\roaming\VitySoft
2009-07-06 10:03 42 a------- c:\windows\system32\AK083E209605E394C.lie
2009-07-06 09:16 --d----- c:\users\aybsee\FreeRapid-0.82
2009-07-05 06:50 61,440 a------- c:\windows\system32\drivers\mwedoaz.sys
2009-07-01 16:22 --d----- c:\program files\Norton 360
2009-07-01 16:12 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-01 16:12 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-01 16:12 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-01 16:12 --d----- c:\program files\Symantec
2009-07-01 11:45 --d----- c:\programdata\FreeDownloadManager.ORG
2009-07-01 11:45 --d----- c:\progra~2\FreeDownloadManager.ORG
2009-07-01 08:37 -cd-h--- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
2009-07-01 08:37 -cd-h--- c:\progra~2\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
2009-06-30 17:41 --d----- c:\program files\vSoft
2009-06-30 14:01 --d----- c:\users\aybsee\appdata\roaming\JLC's Software
2009-06-30 14:01 --d----- c:\program files\JLC's Software
2009-06-30 12:41 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-30 12:41 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 12:41 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 12:33 --d----- c:\programdata\DriverScanner
2009-06-30 12:33 --d----- c:\progra~2\DriverScanner
2009-06-30 12:32 -cd-h--- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-06-30 12:32 -cd-h--- c:\progra~2\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-06-30 12:10 -cd-h--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-06-30 12:10 -cd-h--- c:\progra~2\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-06-30 12:09 --d----- c:\users\aybsee\appdata\roaming\uniblue
2009-06-30 12:08 --d----- c:\program files\Uniblue
2009-06-28 19:25 156 a------- c:\windows\Twunk001.MTX
2009-06-28 19:25 3 a------- c:\windows\Twain001.Mtx
2009-06-28 19:25 0 a------- c:\windows\Twunk002.MTX
2009-06-28 16:59 --d----- c:\users\aybsee\appdata\roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-28 12:43 --d----- C:\PixelMetrics Logs
2009-06-28 12:33 --d----- c:\users\aybsee\appdata\roaming\Cool Record Edit Pro
2009-06-28 12:33 1,986,560 a------- c:\windows\system32\NCTAudioFile2.dll
2009-06-28 12:33 1,212,416 a------- c:\windows\system32\NCTAudioInformation2.dll
2009-06-28 12:33 602,112 a------- c:\windows\system32\NCTAudioTransform2.dll
2009-06-28 12:33 479,232 a------- c:\windows\system32\NCTAudioVisualization2.dll
2009-06-28 12:33 458,752 a------- c:\windows\system32\NCTAudioRecord2.dll
2009-06-28 12:33 458,752 a------- c:\windows\system32\NCTAudioPlayer2.dll
2009-06-28 12:33 417,792 a------- c:\windows\system32\NCTTextToAudio2.dll
2009-06-28 12:33 348,160 a------- c:\windows\system32\NCTWMAFile2.dll
2009-06-28 12:33 880,640 a------- c:\windows\system32\NCTAudioEditor2.dll
2009-06-28 12:33 835,584 a------- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-06-27 11:02 --d--r-- c:\users\aybsee\Monopoly SpongeBob SquarePants Edition v1.0
2009-06-25 17:17 --d----- C:\TempDTV4PC
2009-06-25 17:04 --d----- c:\programdata\Ashampoo
2009-06-25 17:04 --d----- c:\progra~2\Ashampoo
2009-06-25 11:42 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-06-25 11:13 -cd-h--- c:\programdata\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-25 11:13 -cd-h--- c:\progra~2\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-24 15:13 --d----- c:\program files\Windows Installer Clean Up
2009-06-24 15:12 --d----- c:\program files\MSECACHE
2009-06-18 21:12 --d----- c:\program files\XdN Software
2009-06-18 19:41 --ds---- C:\Combo-Fix
2009-06-18 13:18 6,736 a------- c:\windows\system32\drivers\PROCEXP90.SYS
2009-06-18 13:17 --dsh--- C:\$RECYCLE.BIN
2009-06-15 13:57 --d----- c:\program files\AudioLabel
2009-06-15 13:24 --d----- c:\program files\P2PFilter
2009-06-15 12:53 --d----- c:\program files\Readon Technology
2009-06-15 10:18 --d----- c:\program files\XviD
2009-06-15 10:07 --d----- c:\users\aybsee\appdata\roaming\Bassic Technologies
2009-06-15 08:48 --d----- c:\program files\Vector Magic
2009-06-14 08:43 428,544 a------- c:\windows\system32\EncDec.dll
2009-06-14 08:43 293,376 a------- c:\windows\system32\psisdecd.dll
2009-06-14 08:43 217,088 a------- c:\windows\system32\psisrndr.ax
2009-06-14 08:43 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-06-14 08:43 80,896 a------- c:\windows\system32\MSNP.ax
2009-06-12 16:28 --d----- c:\program files\Lavasoft
2009-06-11 21:40 --d----- c:\programdata\Fighters
2009-06-11 21:40 --d----- c:\progra~2\Fighters
2009-06-11 18:03 --d----- c:\program files\PowerISO
2009-06-11 02:42 --d----- c:\programdata\Bondi
2009-06-11 02:42 --d----- c:\progra~2\Bondi
2009-06-11 02:07 --d----- c:\users\aybsee\appdata\roaming\Downloaded Installations

==================== Find3M ====================

2009-07-08 18:12 188 a------- c:\program files\ooaqmbwb.txt
2009-07-06 13:37 410,984 a------- c:\windows\system32\deploytk.dll
2009-07-04 18:14 143,360 a------- c:\windows\inf\infstrng.dat
2009-07-04 18:14 86,016 a------- c:\windows\inf\infstor.dat
2009-07-04 18:14 51,200 a------- c:\windows\inf\infpub.dat
2009-07-02 12:22 18,424 a------- c:\users\aybsee\appdata\roaming\wklnhst.dat
2009-05-24 14:00 159,678 a------- c:\windows\hpqins00.dat
2009-05-22 19:31 73,216 a------- c:\windows\ST6UNST.EXE
2009-05-22 19:31 249,856 -------- c:\windows\Setup1.exe
2009-05-11 13:34 130,834 a------- c:\windows\hpoins18.dat
2009-05-01 08:45 3,411 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Shorten Codec.dat
2009-05-01 08:43 653,176 a------- c:\windows\system32\SpoonUninstall.exe
2009-04-24 17:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 17:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 14:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-24 06:39 47,360 a------- c:\users\aybsee\appdata\roaming\pcouffin.sys
2009-04-23 13:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 13:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-23 08:11 17,766,400 a------- c:\windows\vsoConvertXtoDVD3_setup.exe
2009-04-23 05:29 10,099 a------- c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2009-04-23 05:29 14,639 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-04-23 05:24 152,904 a------- c:\windows\system32\vghd.scr
2009-04-21 12:55 2,033,152 a------- c:\windows\system32\win32k.sys
2008-09-01 03:59 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 03:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 19:49:08.26 ===============
thanks

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Origin on 8th July 2009, 7:01 pm

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31533
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 8th July 2009, 9:27 pm

Thank you. I cannot d/l combofix as asked as i get this error message" You cannot rename combofix as combo-fix.please use another name made up of alphanumeric numbers" I had already disabled av and ad-aware. what do i do next?thanks

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Origin on 8th July 2009, 9:27 pm

I see, can you try it this time without renaming it/


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31533
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:10 am

here is that log

ComboFix 09-07-08.04 - aybsee 09/07/2009 4:55.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1918.1051 [GMT 1:00]
Running from: c:\users\aybsee\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-06-09 to 2009-07-09 )))))))))))))))))))))))))))))))
.

2009-07-09 04:01 . 2009-07-09 04:01 -------- d-----w- c:\users\aybsee\AppData\Local\temp
2009-07-09 01:37 . 2009-06-16 11:44 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\NAVENG.SYS
2009-07-09 01:37 . 2009-06-16 11:44 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\NAVEX15.SYS
2009-07-09 01:37 . 2009-06-16 11:44 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\EECTRL.SYS
2009-07-09 01:37 . 2009-06-16 11:44 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\NAVENG32.DLL
2009-07-09 01:37 . 2009-06-16 11:44 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\NAVEX32A.DLL
2009-07-09 01:37 . 2009-06-16 11:44 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\ERASER.SYS
2009-07-09 01:37 . 2009-06-16 11:44 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\ECMSVR32.DLL
2009-07-09 01:37 . 2009-06-16 11:44 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.034\CCERASER.DLL
2009-07-08 15:37 . 2009-06-16 11:44 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVEX15.SYS
2009-07-08 15:37 . 2009-06-16 11:44 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVEX32A.DLL
2009-07-08 15:37 . 2009-06-16 11:44 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVENG.SYS
2009-07-08 15:37 . 2009-06-16 11:44 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\EECTRL.SYS
2009-07-08 15:37 . 2009-06-16 11:44 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\ECMSVR32.DLL
2009-07-08 15:37 . 2009-06-16 11:44 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\CCERASER.DLL
2009-07-08 15:37 . 2009-06-16 11:44 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVENG32.DLL
2009-07-08 15:37 . 2009-06-16 11:44 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\ERASER.SYS
2009-07-07 17:14 . 2009-05-19 23:42 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSxpx86.dll
2009-07-07 17:14 . 2009-05-19 23:42 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\Scxpx86.dll
2009-07-07 17:14 . 2009-05-19 23:42 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSviA64.sys
2009-07-07 17:14 . 2009-05-19 23:42 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSvix86.sys
2009-07-07 17:14 . 2009-05-19 23:42 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\SymIDSco.sys
2009-07-07 17:14 . 2009-05-19 23:42 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\SymIDSI.dll
2009-07-07 17:14 . 2009-05-19 23:42 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDS9xx86.dll
2009-07-06 21:06 . 2009-05-19 23:42 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSxpx86.dll
2009-07-06 21:06 . 2009-05-19 23:42 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\Scxpx86.dll
2009-07-06 21:06 . 2009-05-19 23:42 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSviA64.sys
2009-07-06 21:06 . 2009-05-19 23:42 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSvix86.sys
2009-07-06 21:06 . 2009-05-19 23:42 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\SymIDSco.sys
2009-07-06 21:06 . 2009-05-19 23:42 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\SymIDSI.dll
2009-07-06 21:06 . 2009-05-19 23:42 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDS9xx86.dll
2009-07-06 12:47 . 2009-07-06 12:47 -------- d-----w- c:\users\aybsee\AppData\Roaming\VitySoft
2009-07-06 12:37 . 2009-07-06 12:37 -------- d-----w- c:\program files\Java
2009-07-06 08:16 . 2009-07-08 17:12 -------- d-----w- c:\users\aybsee\FreeRapid-0.82
2009-07-04 13:05 . 2009-07-04 13:05 -------- d-----r- c:\users\Public\Recorded TV
2009-07-01 15:53 . 2009-05-19 23:42 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDS9xx86.dll
2009-07-01 15:53 . 2008-09-29 05:09 1290584 ----a-w- c:\programdata\Symantec\SyKnAppS\SyKnAppS.dll
2009-07-01 15:24 . 2009-05-19 23:42 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\idsxpx86.dll
2009-07-01 15:24 . 2009-05-19 23:42 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\scxpx86.dll
2009-07-01 15:24 . 2009-05-19 23:42 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvia64.sys
2009-07-01 15:24 . 2009-05-19 23:42 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvix86.sys
2009-07-01 15:24 . 2009-05-19 23:42 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\symidsco.sys
2009-07-01 15:24 . 2009-05-19 23:42 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\SymIDSI.dll
2009-07-01 15:22 . 2009-07-05 05:53 -------- d-----w- c:\program files\Norton 360
2009-07-01 15:12 . 2009-07-04 17:15 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-01 15:12 . 2009-07-04 17:15 -------- d-----w- c:\program files\Symantec
2009-07-01 15:11 . 2009-06-16 11:44 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\naveng.sys
2009-07-01 15:11 . 2009-06-16 11:44 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\navex15.sys
2009-07-01 15:11 . 2009-06-16 11:44 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\eeCtrl.sys
2009-07-01 15:11 . 2009-06-16 11:44 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ecmsvr32.dll
2009-07-01 15:11 . 2009-06-16 11:44 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\cceraser.dll
2009-07-01 15:11 . 2009-06-16 11:44 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\naveng32.dll
2009-07-01 15:11 . 2009-06-16 11:44 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\navex32a.dll
2009-07-01 15:11 . 2009-06-16 11:44 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ERASER.sys
2009-07-01 10:45 . 2009-07-01 10:45 -------- d-----w- c:\programdata\FreeDownloadManager.ORG
2009-06-30 16:41 . 2009-06-30 16:41 -------- d-----w- c:\program files\vSoft
2009-06-30 13:01 . 2009-06-30 13:10 -------- d-----w- c:\users\aybsee\AppData\Roaming\JLC's Software
2009-06-30 13:01 . 2009-06-30 13:11 -------- d-----w- c:\program files\JLC's Software
2009-06-30 11:41 . 2009-06-30 11:41 3561743 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-30 11:41 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-30 11:41 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 11:41 . 2009-06-30 11:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 11:31 . 2006-12-01 21:54 548864 -c--a-w- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\Windows\winsxs\b2rg91xw.1p4\msvcp80.dll
2009-06-30 11:11 . 2008-10-26 04:55 2567159 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe
2009-06-30 11:11 . 2008-08-26 16:48 757760 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\2B86F085\6383BC9B\UBVarRB.dll
2009-06-30 11:11 . 2008-08-26 16:48 497496 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\AF01B0B\6383BC9B\XceedZip.dll
2009-06-30 11:11 . 2008-08-26 16:48 413696 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\52CD59C9\6383BC9B\update.dll
2009-06-30 11:11 . 2008-08-26 16:48 99624 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\7390E4F0\6383BC9B\StartRegistryBooster.exe
2009-06-30 11:11 . 2008-08-26 16:48 6676480 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\4E45A1A4\6383BC9B\RegistryBooster.dll
2009-06-30 11:11 . 2008-08-26 16:48 2019624 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\7CE1607E\6383BC9B\RegistryBooster.exe
2009-06-30 11:11 . 2008-08-26 16:48 111912 -c--a-w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\registrybooster2\65B92A91\6383BC9B\KillRBProcess.exe
2009-06-30 11:10 . 2009-06-30 11:11 -------- dc-h--w- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-06-30 11:09 . 2009-06-30 11:33 -------- d-----w- c:\users\aybsee\AppData\Roaming\uniblue
2009-06-30 11:08 . 2009-06-30 11:33 -------- d-----w- c:\program files\Uniblue
2009-06-29 12:35 . 2009-06-29 12:35 5430 ----a-r- c:\users\aybsee\AppData\Roaming\Microsoft\Installer\{0FD95BFA-44E8-4AD5-954E-3407ADD55B06}\_E8C2EED12CBD54698B3A54.exe
2009-06-29 12:35 . 2009-06-29 12:35 5430 ----a-r- c:\users\aybsee\AppData\Roaming\Microsoft\Installer\{0FD95BFA-44E8-4AD5-954E-3407ADD55B06}\_6FEFF9B68218417F98F549.exe
2009-06-29 12:35 . 2009-06-29 12:35 5430 ----a-r- c:\users\aybsee\AppData\Roaming\Microsoft\Installer\{0FD95BFA-44E8-4AD5-954E-3407ADD55B06}\_6B7D9734814072B95063C9.exe
2009-06-28 15:59 . 2009-06-28 15:59 -------- d-----w- c:\users\aybsee\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-28 12:36 . 2009-06-28 15:31 26200 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\qwadjb.dll
2009-06-28 12:36 . 2009-06-28 15:31 18724 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\bass.dll
2009-06-28 12:36 . 2009-06-28 15:31 16952 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\1eaadjc.dll
2009-06-28 12:36 . 2009-06-28 15:31 15416 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\rsaadjd.dll
2009-06-28 12:36 . 2009-06-28 15:31 14392 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\kfgresk.dll
2009-06-28 12:36 . 2009-06-28 15:31 13984 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\mjcriu.dll
2009-06-28 12:36 . 2009-06-28 15:31 10808 ----atw- c:\users\aybsee\AppData\Roaming\Microsoft\peaadje.dll
2009-06-28 11:43 . 2009-06-28 11:43 -------- d-----w- C:\PixelMetrics Logs
2009-06-28 11:33 . 2009-06-28 11:34 -------- d-----w- c:\users\aybsee\AppData\Roaming\Cool Record Edit Pro
2009-06-28 11:33 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-06-28 11:33 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-06-28 11:33 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2009-06-28 11:33 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-06-28 11:33 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-06-28 11:33 . 2005-03-28 14:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2009-06-28 11:33 . 2005-03-28 14:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2009-06-28 11:33 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-06-28 11:33 . 2005-04-15 11:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-06-28 11:33 . 2004-11-04 12:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-06-27 10:02 . 2009-06-27 12:01 -------- d-----r- c:\users\aybsee\Monopoly SpongeBob SquarePants Edition v1.0
2009-06-25 16:17 . 2009-06-25 16:17 -------- d-----w- C:\TempDTV4PC
2009-06-25 16:04 . 2009-06-25 16:04 -------- d-----w- c:\programdata\Ashampoo
2009-06-24 14:39 . 2009-06-24 14:39 -------- d-----w- c:\users\aybsee\AppData\Local\WinAVI
2009-06-24 14:13 . 2009-06-24 14:13 3584 ----a-r- c:\users\aybsee\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-06-24 14:13 . 2009-06-24 14:13 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-06-24 14:12 . 2009-06-24 14:12 -------- d-----w- c:\program files\MSECACHE
2009-06-18 20:12 . 2009-06-18 20:12 -------- d-----w- c:\program files\XdN Software
2009-06-15 12:57 . 2009-06-15 13:17 -------- d-----w- c:\program files\AudioLabel
2009-06-15 12:24 . 2009-06-15 12:24 -------- d-----w- c:\program files\P2PFilter
2009-06-15 11:54 . 2009-06-29 12:36 -------- d-----w- c:\users\aybsee\AppData\Local\Readon_Technology
2009-06-15 11:53 . 2009-06-29 12:35 -------- d-----w- c:\program files\Readon Technology
2009-06-15 09:18 . 2009-06-15 09:18 -------- d-----w- c:\program files\XviD
2009-06-15 09:09 . 2009-06-15 09:09 -------- d-----w- c:\users\aybsee\AppData\Local\Bassic_Technologies
2009-06-15 09:07 . 2009-06-15 09:07 -------- d-----w- c:\users\aybsee\AppData\Roaming\Bassic Technologies
2009-06-15 07:48 . 2009-06-15 07:48 -------- d-----w- c:\program files\Vector Magic
2009-06-14 07:43 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-14 07:43 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-12 15:28 . 2009-07-08 19:50 -------- d-----w- c:\program files\Lavasoft
2009-06-12 11:36 . 2009-06-12 11:36 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbFC4F.tmp.exe
2009-06-11 20:40 . 2009-06-11 20:44 -------- d-----w- c:\programdata\Fighters
2009-06-11 17:03 . 2009-06-11 17:03 -------- d-----w- c:\program files\PowerISO
2009-06-11 01:42 . 2009-06-11 01:42 982 ----a-w- c:\programdata\Bondi\RollingStone\Updates\System.Data.SQLite.dll
2009-06-11 01:42 . 2009-06-11 01:42 978 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.DJVU.dll
2009-06-11 01:42 . 2009-06-11 01:42 978 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Core.dll
2009-06-11 01:42 . 2009-06-11 01:42 974 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.UI.dll
2009-06-11 01:42 . 2009-06-11 01:42 966 ----a-w- c:\programdata\Bondi\RollingStone\Updates\Lucene.Net.dll
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Updater.New.exe



end part 1

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:11 am

part 2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-09 03:32 . 2009-01-22 14:17 -------- d-----w- c:\users\aybsee\AppData\Roaming\uTorrent
2009-07-08 19:50 . 2009-01-22 15:24 -------- d-----w- c:\programdata\Lavasoft
2009-07-08 17:12 . 2009-07-08 17:12 188 ----a-w- c:\program files\ooaqmbwb.txt
2009-07-08 17:08 . 2009-01-24 11:46 -------- d-----w- c:\programdata\Soulseek
2009-07-08 16:44 . 2009-01-22 15:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-08 12:50 . 2009-01-28 10:16 -------- d-----w- c:\programdata\Google Updater
2009-07-08 09:14 . 2009-01-27 15:37 1 ----a-w- c:\users\aybsee\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-07-06 12:37 . 2009-01-27 11:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-04 17:15 . 2009-07-01 15:12 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-04 17:15 . 2009-07-01 15:12 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-04 17:13 . 2008-08-31 18:56 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-04 12:52 . 2009-03-29 09:15 -------- d-----w- c:\users\aybsee\AppData\Roaming\Vso
2009-07-03 17:02 . 2008-08-31 18:57 -------- d-----w- c:\programdata\Symantec
2009-07-03 14:02 . 2009-01-22 12:49 -------- d-----w- c:\programdata\Roxio
2009-07-02 19:55 . 2009-01-22 12:06 405512 ----a-w- c:\users\aybsee\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-02 11:22 . 2009-02-10 11:39 18424 ----a-w- c:\users\aybsee\AppData\Roaming\wklnhst.dat
2009-07-01 16:45 . 2009-03-04 16:40 -------- d-----w- c:\users\aybsee\AppData\Roaming\Symantec
2009-07-01 11:39 . 2009-01-22 14:35 -------- d-----w- c:\program files\SpywareBlaster
2009-07-01 07:38 . 2009-07-01 07:37 -------- dc-h--w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
2009-06-30 11:36 . 2009-06-30 11:33 -------- d-----w- c:\programdata\DriverScanner
2009-06-30 11:33 . 2009-06-30 11:32 -------- dc-h--w- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-06-30 06:51 . 2009-05-01 08:49 -------- d-----w- c:\program files\Ask & Record Toolbar
2009-06-28 18:29 . 2009-01-22 17:17 -------- d-----w- c:\users\aybsee\AppData\Roaming\Image Zone Express
2009-06-28 15:59 . 2009-02-20 10:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-06-26 16:06 . 2009-04-07 08:16 -------- d-----w- c:\program files\AVS4YOU
2009-06-26 12:51 . 2009-05-11 14:35 -------- d-----w- c:\program files\Virtual Earth 3D
2009-06-25 09:36 . 2009-04-07 08:17 -------- d-----w- c:\users\aybsee\AppData\Roaming\AVS4YOU
2009-06-25 09:33 . 2009-04-07 08:16 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-24 16:13 . 2009-05-11 08:04 -------- d-----w- c:\program files\7-Zip
2009-06-16 14:37 . 2008-08-31 18:51 -------- d-----w- c:\programdata\WildTangent
2009-06-16 14:37 . 2008-08-31 18:51 -------- d-----w- c:\program files\HP Games
2009-06-11 16:56 . 2009-06-08 09:35 -------- d-----w- c:\users\aybsee\AppData\Roaming\Thinstall
2009-06-11 02:04 . 2009-01-22 12:04 -------- d-----w- c:\program files\Microsoft Works
2009-06-10 23:57 . 2009-05-31 22:42 524288 ----a-w- c:\users\aybsee\AppData\Roaming\Thinstall\Uninstall Gold 2.0.2.8\%ProgramFilesDir%\Uninstall Gold\ArrmD12.dll
2009-06-08 09:36 . 2009-06-08 09:36 7168 ----a-w- c:\users\aybsee\AppData\Roaming\Thinstall\Active@ ZDelete\10000006e00002i\SearchIndexer.exe
2009-06-07 11:01 . 2009-06-07 11:01 -------- d-----w- c:\program files\iTunes
2009-06-07 11:01 . 2009-06-07 11:01 -------- d-----w- c:\program files\iPod
2009-06-07 11:01 . 2009-01-22 15:50 -------- d-----w- c:\program files\Common Files\Apple
2009-06-07 10:59 . 2009-06-07 10:58 -------- d-----w- c:\program files\QuickTime
2009-06-07 10:53 . 2009-06-07 10:53 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 16:28 . 2009-06-01 16:28 -------- d-----w- c:\users\aybsee\AppData\Roaming\Acoustica
2009-06-01 13:31 . 2009-06-01 13:09 -------- d-----w- c:\program files\Common Files\Droppix
2009-06-01 13:31 . 2009-05-26 16:20 -------- d-----w- c:\programdata\Droppix
2009-06-01 13:10 . 2008-08-31 18:37 -------- d---a-w- c:\program files\Common Files\LightScribe
2009-05-24 13:00 . 2009-05-24 12:57 159678 ----a-w- c:\windows\hpqins00.dat
2009-05-23 22:15 . 2009-05-16 12:47 -------- d-----w- c:\users\aybsee\AppData\Roaming\System32
2009-05-23 14:47 . 2009-05-23 14:47 -------- d-----w- c:\program files\VS Revo Group
2009-05-22 18:31 . 2009-05-22 18:29 249856 ------w- c:\windows\Setup1.exe
2009-05-22 18:31 . 2009-05-22 18:29 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-20 09:33 . 2009-05-10 15:37 -------- d-----w- c:\users\aybsee\AppData\Roaming\dBpoweramp
2009-05-16 10:22 . 2009-01-22 12:18 -------- d-----w- c:\program files\Google
2009-05-15 10:01 . 2009-05-15 10:01 -------- d-----w- c:\program files\JRE
2009-05-15 10:01 . 2009-01-27 15:32 -------- d-----w- c:\program files\OpenOffice.org 3
2009-05-13 02:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-12 20:25 . 2009-05-12 20:25 -------- d-----w- c:\users\aybsee\AppData\Roaming\IObit
2009-05-12 20:25 . 2009-05-12 20:25 -------- d-----w- c:\program files\IObit
2009-05-11 12:34 . 2009-01-22 17:05 130834 ----a-w- c:\windows\hpoins18.dat
2009-05-10 12:09 . 2009-05-10 11:36 -------- d-----w- c:\program files\DivX
2009-05-10 11:39 . 2009-05-10 11:39 -------- d-----w- c:\users\aybsee\AppData\Roaming\DivX
2009-05-10 10:22 . 2009-01-22 12:37 680 ----a-w- c:\users\aybsee\AppData\Local\d3d9caps.dat
2009-05-04 08:46 . 2009-07-01 07:38 2835656 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\speedupmypc2009.exe
2009-05-01 07:45 . 2009-05-01 07:45 3411 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Shorten Codec.dat
2009-05-01 07:43 . 2009-04-23 04:29 653176 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-04-29 09:45 . 2009-07-01 07:37 845128 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\58D97068\B74607BA\System.Data.SQLite.dll
2009-04-29 09:45 . 2009-07-01 07:37 771368 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\9966075F\B74607BA\UBSysMan.dll
2009-04-29 09:45 . 2009-07-01 07:37 614696 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\7AEFAE8C\B74607BA\Launcher.exe
2009-04-29 09:45 . 2009-07-01 07:37 54608 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\D720648F\B74607BA\Interop.IWshRuntimeLibrary.dll
2009-04-29 09:45 . 2009-07-01 07:37 519168 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\78B94F67\B74607BA\IsLicense40.dll
2009-04-29 09:45 . 2009-07-01 07:37 474408 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\62A3297F\B74607BA\AvalonCommon.dll
2009-04-29 09:45 . 2009-07-01 07:37 395048 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\C77843B\B74607BA\SUMPBackend.dll
2009-04-29 09:45 . 2009-07-01 07:37 345008 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\4BF757A\B74607BA\IsLicense30.dll
2009-04-29 09:45 . 2009-07-01 07:37 236840 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\683B013A\B74607BA\PowerSuiteBackendUtils.dll
2009-04-29 09:45 . 2009-07-01 07:37 197968 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\6A0591D6\B74607BA\ICSharpCode.SharpZipLib.dll
2009-04-29 09:45 . 2009-07-01 07:37 1250600 -c--a-w- c:\programdata\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\SpeedUpMyPC2009\B430549D\B74607BA\SUMP.exe
2009-04-24 16:05 . 2009-06-10 09:18 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-10 09:18 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-10 09:18 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-24 05:39 . 2009-03-29 09:15 47360 ----a-w- c:\users\aybsee\AppData\Roaming\pcouffin.sys
2009-04-24 05:39 . 2009-03-29 09:15 47360 ----a-w- c:\users\aybsee\AppData\Roaming\pcouffin.sys
2009-04-23 12:43 . 2009-06-10 09:18 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 09:18 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-23 07:11 . 2009-04-24 05:38 17766400 ----a-w- c:\windows\vsoConvertXtoDVD3_setup.exe
2009-04-23 04:29 . 2009-04-23 04:29 10099 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2009-04-23 04:29 . 2009-04-23 04:29 14639 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-04-23 04:27 . 2009-04-07 21:48 5 ----a-w- c:\windows\sbacknt.bin
2009-04-23 04:24 . 2009-04-07 21:47 152904 ----a-w- c:\windows\system32\vghd.scr
2009-04-21 11:55 . 2009-06-10 09:18 2033152 ----a-w- c:\windows\system32\win32k.sys
2008-09-01 03:04 . 2008-09-01 03:04 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:12 am

part 3


((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-07-09 03:53 70704 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-07-09 03:53 95544 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-01-22 12:03 . 2009-07-09 03:53 10636 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-355507637-2756652389-952265103-1000_UserData.bin
- 2009-01-22 10:56 . 2009-07-08 20:21 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-22 10:56 . 2009-07-09 03:50 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-22 10:56 . 2009-07-09 03:50 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-22 10:56 . 2009-07-08 20:21 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-22 10:56 . 2009-07-09 03:50 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-22 10:56 . 2009-07-08 20:21 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-22 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392]
"Windows Security Update"="c:\users\aybsee\Working Files\Documents\Backups\Windows\Windows_security_backup files\Windows_security_update_3475_36_d.exe" [2009-07-07 429931]
"Windows Live Updater"="c:\users\aybsee\Working Files\Documents\Live Microsoft Update.exe" [2009-07-07 429931]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"diagnostics"="c:\program files\Thomson\ST330\diagnostics\diagnostics.exe" [2009-01-22 557149]
"IpodManagerService"="c:\program files\Froddle Pod\ipm_as.exe" [2008-08-16 24576]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" [2008-08-14 240112]
"CPMonitor"="c:\program files\Roxio Creator 2009\5.0\CPMonitor.exe" [2008-08-10 80368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-06 148888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-06-17 414992]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D26E0A45-BEFB-420A-AF1E-A7F22077F9AD}"= UDP:c:\users\aybsee\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard
"{CDE56FF1-CC4D-4DE0-B395-536262986840}"= TCP:c:\users\aybsee\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard
"{959EBA42-E474-4351-A986-D3EAAE73A4DD}"= UDP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{36BF70B8-CD6E-4C76-872E-0E52655F5A06}"= TCP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{F2A387E2-AB3A-4476-88C0-E258B566D03E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E7D183F1-9843-4AC8-AD9D-112C07AB4720}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{9CD3B4BD-C60F-46DE-BD0F-0514D097B1EF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{9588E044-B137-425E-8890-3171CC90EC81}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{92FF7AE2-7DFE-455E-BAE4-EC9F54407F5B}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{3A54F926-D26D-4B07-B6A7-659AE4EF8BD5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{1C6EA98C-0B06-44FE-B4B7-3315414D2CA1}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{F07CE963-4E48-4FA3-8E1F-9C0EF12218E2}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{65B70298-FB7E-4E79-B2EB-5771EEE8F5E0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{F585DFA8-86D9-41F2-BD86-5D6F8150729E}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{59E8C0D2-2D29-4433-B108-29717F15ECBA}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw
"{39084601-7A3C-4E44-A915-CE8E6F1E3398}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw
"TCP Query User{3E72BEA0-3A68-444C-97B2-038B647BFAB2}c:\\program files\\soulseekns\\slsk.exe"= UDP:c:\program files\soulseekns\slsk.exe:SoulSeek
"UDP Query User{B90E0A08-7429-41AA-AF7B-DB14BD526ED9}c:\\program files\\soulseekns\\slsk.exe"= TCP:c:\program files\soulseekns\slsk.exe:SoulSeek
"TCP Query User{3463CE11-B62D-45E9-B1E0-05D86CC75818}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{6A4EC7D3-C6A8-4426-B3E0-0E2A3BD36777}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{8216CA14-9378-40A3-AC97-11D61D55231C}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{F5A3B14B-A7A3-48CC-BEAE-178C6F423C18}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{A87D0D95-14D1-4891-9AEB-EE2AE087045F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{30C44C30-9803-467A-B922-E3A673C7019A}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{E0B32054-F581-4554-A5B6-3451529FDEBC}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{022C0EB4-92C8-412B-8E9B-C64CCA48F104}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{378B40F0-C6EB-4882-89E3-6E88824FC54C}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{35A6C999-8D55-42CA-B7D8-0DBCB12FD726}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{206C1EEF-EFC2-465A-9B88-9D8F39C6201A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{61711455-1AA7-4C78-A5A8-902198793279}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{4F8ED4D1-0789-4887-A66D-0DD59DA3D2F3}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{54A8D041-CE28-4DF2-8813-5891F779988D}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{7E4A26B1-C3AF-4DFC-96D5-C5E78FA32D83}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{A2419E46-3DC7-41D1-BD0F-67F5F1859DD4}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{83E92633-0065-4B16-A390-752A529AA45B}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{D51B2528-15BE-4554-909A-65574FD6D808}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{7F53999F-11B0-424D-BAD9-E82DA1F914CD}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{B8945749-CE62-4B38-B76A-70B98AF3C8CF}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{0DE6C9CD-4989-4306-A3DD-3BD3A3580229}"= UDP:c:\users\aybsee\AppData\Local\Temp\7zS976E.tmp\SymNRT.exe:Norton Removal Tool
"{24392C54-7AB2-4003-A3B5-9B12FA628E0C}"= TCP:c:\users\aybsee\AppData\Local\Temp\7zS976E.tmp\SymNRT.exe:Norton Removal Tool
"TCP Query User{38649AEC-18CD-44B2-B900-03141E10EDA5}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{3FDF429B-6221-449F-B456-685CFF7735D0}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{CA852980-8E53-4B06-91B6-CF5C2FDB0BC5}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BF84E914-BE17-469B-94AB-4C3F9A0EA7EE}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:14 am

part 4

{372F8805-66E8-43C4-AE2C-DBB7A0D7F99B}"= UDP:c:\windows\Temp\~os697D.tmp\ossproxy.exe:ossproxy.exe
"{82B908E6-4361-4F16-9E3C-4CA818AF47F7}"= UDP:c:\windows\Temp\~osFF8.tmp\ossproxy.exe:ossproxy.exe
"{9C40F25C-D4DD-4B2B-960C-05F27E7E9CEB}"= UDP:c:\windows\Temp\~os9C01.tmp\ossproxy.exe:ossproxy.exe
"{2EC753DD-6AF5-475B-9613-10E869397AF0}"= UDP:c:\windows\Temp\~os27DC.tmp\ossproxy.exe:ossproxy.exe
"{9663B95E-6B57-4E65-8F18-1DEBF47858A6}"= UDP:c:\windows\Temp\~osAD7F.tmp\ossproxy.exe:ossproxy.exe
"{87E6A006-E940-4648-B4F9-9B9531D8245F}"= UDP:c:\windows\Temp\~os33FC.tmp\ossproxy.exe:ossproxy.exe
"{DB1E7BF1-09B0-44A7-9992-B990F29D6B57}"= UDP:c:\windows\Temp\~os45D7.tmp\ossproxy.exe:ossproxy.exe
"{076AC9BA-9FBA-4836-A9A4-04A3869E8619}"= UDP:c:\windows\Temp\~osCF60.tmp\ossproxy.exe:ossproxy.exe
"{F981BA21-8E65-481C-81F2-4AAFAB1D1A00}"= UDP:c:\windows\Temp\~os5938.tmp\ossproxy.exe:ossproxy.exe
"{5B30EB09-8874-4FAF-8775-DDECCB86C3B2}"= UDP:c:\windows\Temp\~osE466.tmp\ossproxy.exe:ossproxy.exe
"{33981B4B-F0F3-4CB1-97D5-789DF3960079}"= UDP:c:\windows\Temp\~os7050.tmp\ossproxy.exe:ossproxy.exe
"{6B074D2F-AD43-414E-A563-577631475F03}"= UDP:c:\windows\Temp\~osFA47.tmp\ossproxy.exe:ossproxy.exe
"{3DC8D359-2C2F-419F-8FAC-6A21D2D54C87}"= UDP:c:\windows\Temp\~os8344.tmp\ossproxy.exe:ossproxy.exe
"{F158436A-E3C7-4897-8A12-280432BF0044}"= UDP:c:\windows\Temp\~os964.tmp\ossproxy.exe:ossproxy.exe
"{B4404DD4-E81C-4FCF-A07E-00E82ADAB4D5}"= UDP:c:\windows\Temp\~os9666.tmp\ossproxy.exe:ossproxy.exe
"{EDA42005-798E-4F86-9533-17A9DF4CE980}"= UDP:c:\windows\Temp\~os259B.tmp\ossproxy.exe:ossproxy.exe
"{B21BFDC9-F732-4BCF-A494-3799B306E15C}"= UDP:c:\windows\Temp\~osE5ED.tmp\ossproxy.exe:ossproxy.exe
"{B860FB7A-3B98-4E8F-A9B6-CF6AEBEAC892}"= UDP:c:\windows\Temp\~os7234.tmp\ossproxy.exe:ossproxy.exe
"{ECAE0193-8C5C-47D3-824E-3E129E71ADC5}"= UDP:c:\windows\Temp\~os3840.tmp\ossproxy.exe:ossproxy.exe
"{D5905EEB-B08E-4506-94F2-81775A7BD4F8}"= UDP:c:\windows\Temp\~osC582.tmp\ossproxy.exe:ossproxy.exe
"{4E5F9487-060C-4D9D-9941-7B61EC7094D3}"= UDP:c:\windows\Temp\~os4E50.tmp\ossproxy.exe:ossproxy.exe
"{0D16F14D-1DC5-4C66-89BD-B3799CBE1BAD}"= UDP:c:\windows\Temp\~osD3B4.tmp\ossproxy.exe:ossproxy.exe
"{DC44D0F0-AB2C-44CE-8304-F985D2FEC41F}"= UDP:c:\windows\Temp\~os5CC1.tmp\ossproxy.exe:ossproxy.exe
"{EE1696E8-BEE4-40A8-9F6F-0F13DA863003}"= UDP:c:\windows\Temp\~osE689.tmp\ossproxy.exe:ossproxy.exe
"{9B1A2D57-D913-4E04-802E-3B486BD7ABFB}"= UDP:c:\windows\Temp\~os6E2F.tmp\ossproxy.exe:ossproxy.exe
"{AC904869-DBCB-4489-A8AC-76DB2992B08D}"= UDP:c:\windows\Temp\~osEC.tmp\ossproxy.exe:ossproxy.exe
"{D1F2D22B-5A08-46DF-8779-650B0ECEB39D}"= UDP:c:\windows\Temp\~os89BA.tmp\ossproxy.exe:ossproxy.exe
"{A71E96BB-D04F-4342-84A3-E8FD21584849}"= UDP:c:\windows\Temp\~osEE0.tmp\ossproxy.exe:ossproxy.exe
"{D0783B8B-89B2-4A63-BE71-B1AFEC40F58F}"= UDP:c:\windows\Temp\~osA037.tmp\ossproxy.exe:ossproxy.exe
"{B4F3A850-A756-4A59-954F-F0D30533971B}"= UDP:c:\windows\Temp\~os26E3.tmp\ossproxy.exe:ossproxy.exe
"{47CC9268-82E2-47BF-88B2-7124B5F852B8}"= UDP:c:\windows\Temp\~os4107.tmp\ossproxy.exe:ossproxy.exe
"{4E7D280B-800E-4CA6-921F-BA7732596B46}"= UDP:c:\windows\Temp\~osCA91.tmp\ossproxy.exe:ossproxy.exe
"{2802E7DB-040C-4986-927E-2ACBD7878310}"= UDP:c:\windows\Temp\~os56E8.tmp\ossproxy.exe:ossproxy.exe
"{26B59B79-1266-425C-8351-AFCD619B2158}"= UDP:c:\windows\Temp\~osE293.tmp\ossproxy.exe:ossproxy.exe
"{08287EA4-C688-498E-B911-7702EFDE0176}"= UDP:c:\windows\Temp\~os6EBB.tmp\ossproxy.exe:ossproxy.exe
"{1B1D9241-4A79-4395-9E81-87E71AAC9468}"= UDP:c:\windows\Temp\~osF7E7.tmp\ossproxy.exe:ossproxy.exe
"{C00BFAB8-94D7-4872-8687-2BBC0AEBD517}"= UDP:c:\windows\Temp\~os8104.tmp\ossproxy.exe:ossproxy.exe
"{59B78775-D7A7-458D-A219-EED2F08AAD73}"= UDP:c:\windows\Temp\~os15C3.tmp\ossproxy.exe:ossproxy.exe
"{193D0EA3-5BBB-4155-8410-292BDD6C94DC}"= UDP:c:\windows\Temp\~osA1EC.tmp\ossproxy.exe:ossproxy.exe
"{6026B35E-EE9E-42C0-B46B-73FE89AEBAD7}"= UDP:c:\windows\Temp\~os2CEC.tmp\ossproxy.exe:ossproxy.exe
"{A297FBF0-0627-477B-8797-9CF9EFE46D34}"= UDP:c:\windows\Temp\~osB981.tmp\ossproxy.exe:ossproxy.exe
"{EC26A3CB-239C-4F45-8AAE-72BEAA299EF3}"= UDP:c:\windows\Temp\~os5717.tmp\ossproxy.exe:ossproxy.exe
"{78F313B3-A455-4C61-8C78-1586A8195278}"= UDP:c:\windows\Temp\~os4B4.tmp\ossproxy.exe:ossproxy.exe
"{670A4702-934D-41F2-A8BE-E409497175B2}"= UDP:c:\windows\Temp\~os7FE.tmp\ossproxy.exe:ossproxy.exe
"{D86658E1-8C8D-4EDB-88DC-264D1F9434EF}"= UDP:c:\windows\Temp\~os9417.tmp\ossproxy.exe:ossproxy.exe
"{A1E1DA1B-B1DA-472A-8B71-BFE60F6CBBA5}"= UDP:c:\windows\Temp\~os1D90.tmp\ossproxy.exe:ossproxy.exe
"{A53955CF-3209-4EBB-BFAF-C73772FEFDDB}"= UDP:c:\windows\Temp\~osAAA3.tmp\ossproxy.exe:ossproxy.exe
"{4D47842E-F5C3-4310-BD13-DDE5D92FBE97}"= UDP:c:\windows\Temp\~os3D9E.tmp\ossproxy.exe:ossproxy.exe
"{F19107BB-8208-4DE7-9FC0-71A220276E7A}"= UDP:c:\windows\Temp\~osCFDE.tmp\ossproxy.exe:ossproxy.exe
"{E05BC5C0-391E-43C0-A4F2-EC34C8F79A28}"= UDP:c:\windows\Temp\~os589D.tmp\ossproxy.exe:ossproxy.exe
"{307C7464-B280-439C-855C-3C9F2E8B6DF0}"= UDP:c:\windows\Temp\~osE468.tmp\ossproxy.exe:ossproxy.exe
"{DA3E2223-116A-4428-B811-CB2B4FD30989}"= UDP:c:\windows\Temp\~os6FB6.tmp\ossproxy.exe:ossproxy.exe
"{D203DCF3-38AB-4581-BCAD-662FE37DB2FB}"= UDP:c:\windows\Temp\~osF6EE.tmp\ossproxy.exe:ossproxy.exe
"{30AF3383-B4C8-4510-80B4-214FC329DC7F}"= UDP:c:\windows\Temp\~os1B8.tmp\ossproxy.exe:ossproxy.exe
"{CD0899F9-B5A8-4217-A48D-4A24B07BFCAB}"= UDP:c:\windows\Temp\~osFDE1.tmp\ossproxy.exe:ossproxy.exe
"{8163E022-86F4-48FF-964C-DC2C02CC5BA4}"= UDP:c:\windows\Temp\~osFA0A.tmp\ossproxy.exe:ossproxy.exe
"{E9BE5AF9-01F5-442A-ADA5-9AA21E2F3426}"= UDP:c:\windows\Temp\~osEF8F.tmp\ossproxy.exe:ossproxy.exe
"{9E9F1EA9-DF0D-4DD1-B719-2BA1115F00B1}"= UDP:c:\windows\Temp\~osD674.tmp\ossproxy.exe:ossproxy.exe
"{8D145027-418C-459B-B015-A18D1EAC3AA9}"= UDP:c:\windows\Temp\~osBFD8.tmp\ossproxy.exe:ossproxy.exe
"{13DC02BD-6F69-48D5-97A7-93D6C61D13E3}"= UDP:c:\windows\Temp\~osB09C.tmp\ossproxy.exe:ossproxy.exe
"{0B10ED1F-E1A0-43B8-A7DF-21A584A32F8A}"= UDP:c:\windows\Temp\~os9D99.tmp\ossproxy.exe:ossproxy.exe
"{89B5F68E-3D89-49E0-81ED-233578CBC10D}"= UDP:c:\windows\Temp\~os61E1.tmp\ossproxy.exe:ossproxy.exe
"{E2DC5EA4-360F-4F8A-A07C-C1521C6BB51B}"= UDP:c:\windows\Temp\~osEC16.tmp\ossproxy.exe:ossproxy.exe
"{9BB46AA8-9D9E-4C93-A0B4-E5005502E431}"= UDP:c:\windows\Temp\~osD78D.tmp\ossproxy.exe:ossproxy.exe
"{87B34B45-BDF7-4315-BB4A-08BDE965D801}"= UDP:c:\windows\Temp\~os3AB.tmp\ossproxy.exe:ossproxy.exe
"{D61E4001-A197-41A8-8B4A-C8EDBDC8A3E6}"= UDP:c:\windows\Temp\~osDDD4.tmp\ossproxy.exe:ossproxy.exe
"{A3909EF3-972D-408C-8980-723A793ABDEF}"= UDP:c:\windows\Temp\~osC277.tmp\ossproxy.exe:ossproxy.exe
"{E79FF07E-8FFF-45B1-B149-5A66F33F007B}"= UDP:c:\windows\Temp\~osA805.tmp\ossproxy.exe:ossproxy.exe
"{0C5687B8-22C6-4B09-95AD-16D0D3A15CCE}"= UDP:c:\windows\Temp\~os92B1.tmp\ossproxy.exe:ossproxy.exe
"{54A5DAEE-5AE9-4A2D-BC12-0E2A2FA8A418}"= UDP:c:\windows\Temp\~os719A.tmp\ossproxy.exe:ossproxy.exe
"{C4C94B1B-85ED-42A2-A832-A2FD9120AA02}"= UDP:c:\windows\Temp\~os6673.tmp\ossproxy.exe:ossproxy.exe
"{91072AA5-9CE3-4266-96FD-728C156970CA}"= UDP:c:\windows\Temp\~os58CD.tmp\ossproxy.exe:ossproxy.exe
"{DCA3555B-711A-4C24-9959-380FB7467BCE}"= UDP:c:\windows\Temp\~os3565.tmp\ossproxy.exe:ossproxy.exe
"{7328CCFE-FFFC-492B-B3A1-1106FC2A2A94}"= UDP:c:\windows\Temp\~os371A.tmp\ossproxy.exe:ossproxy.exe
"{84704CC8-0D3D-4856-9EF9-7B981F9C3197}"= UDP:c:\windows\Temp\~os1613.tmp\ossproxy.exe:ossproxy.exe
"{DF32BE7B-A245-4CB1-95BB-08275280A9C3}"= UDP:c:\windows\Temp\~os3DA.tmp\ossproxy.exe:ossproxy.exe
"{F7A28B4F-A50C-441D-9D8C-B20BCF96056C}"= UDP:c:\windows\Temp\~osDF1C.tmp\ossproxy.exe:ossproxy.exe
"{048B8271-D311-4A0D-9351-F6C8FEFB006A}"= UDP:c:\windows\Temp\~osABBD.tmp\ossproxy.exe:ossproxy.exe
"{F0FD0085-2EE1-418F-AF3E-5464456DB41C}"= UDP:c:\windows\Temp\~osB168.tmp\ossproxy.exe:ossproxy.exe
"{E884332A-7ACB-4228-812E-8AADB7A25359}"= UDP:c:\windows\Temp\~os91A8.tmp\ossproxy.exe:ossproxy.exe
"{1D71E728-6866-49F4-8982-0335808F82CC}"= UDP:c:\windows\Temp\~os8EAC.tmp\ossproxy.exe:ossproxy.exe
"{4CA27AD1-192D-4D54-806F-41A62372544A}"= UDP:c:\windows\Temp\~os8A29.tmp\ossproxy.exe:ossproxy.exe
"{101EDBAE-8F34-4D5E-9663-E06E9D7669B7}"= UDP:c:\windows\Temp\~os9DF4.tmp\ossproxy.exe:ossproxy.exe
"{E943C365-0A4D-44E0-B973-98F06605EA17}"= UDP:c:\windows\Temp\~os2FC7.tmp\ossproxy.exe:ossproxy.exe
"{3FD679E8-BE8B-4B59-9516-38AB3DF8D60B}"= UDP:c:\windows\Temp\~osB895.tmp\ossproxy.exe:ossproxy.exe
"{401C7E8F-EE40-4B5A-B339-E57EEF0DBB22}"= UDP:c:\windows\Temp\~os4C7B.tmp\ossproxy.exe:ossproxy.exe
"{6DCA2AE4-0E6A-403B-8B2C-99A0645EFD08}"= UDP:c:\windows\Temp\~osF22B.tmp\ossproxy.exe:ossproxy.exe
"{323C77B8-0852-4402-9BEC-BA177A0B0B6E}"= UDP:c:\windows\Temp\~osD3E2.tmp\ossproxy.exe:ossproxy.exe
"{8CA04FD1-9974-4779-AA92-1598C504C0EE}"= UDP:c:\windows\Temp\~osA361.tmp\ossproxy.exe:ossproxy.exe
"{035443C1-007C-47D3-B800-6B780554CFD8}"= UDP:c:\windows\Temp\~os844D.tmp\ossproxy.exe:ossproxy.exe
"{68395E13-AC1E-46E9-A32B-2A16E7971C54}"= UDP:c:\windows\Temp\~os1AB2.tmp\ossproxy.exe:ossproxy.exe
"{60D95EB2-B65F-4894-BD1B-A591A3D28B72}"= UDP:c:\windows\Temp\~osB819.tmp\ossproxy.exe:ossproxy.exe
"{0726F895-EFD8-448E-A34F-B1A1A22E86D5}"= UDP:c:\windows\Temp\~os5F9D.tmp\ossproxy.exe:ossproxy.exe
"{420C3332-E545-4233-A02D-6E1516542636}"= UDP:c:\windows\Temp\~osEB0B.tmp\ossproxy.exe:ossproxy.exe
"{BC811F14-0EEC-430B-9CBA-8BD386AB8A22}"= UDP:c:\windows\Temp\~os5207.tmp\ossproxy.exe:ossproxy.exe
"{35246859-6B95-49BF-B63E-78463D1C92F9}"= UDP:c:\windows\Temp\~os73C9.tmp\ossproxy.exe:ossproxy.exe
"{3494B1E7-DB41-4FC0-9331-2B1E7D4DD296}"= UDP:c:\windows\Temp\~osA3E.tmp\ossproxy.exe:ossproxy.exe
"{F20A8329-BCDD-47F0-9AFF-67D23E1833E4}"= UDP:c:\windows\Temp\~os95CA.tmp\ossproxy.exe:ossproxy.exe
"{8E517BA1-07DA-4CF6-9875-B7C7F6E0AD17}"= UDP:c:\windows\Temp\~osBEBE.tmp\ossproxy.exe:ossproxy.exe
"{A9F8055C-0E96-4EA3-9270-31C0DB9BBF72}"= UDP:c:\windows\Temp\~osC37E.tmp\ossproxy.exe:ossproxy.exe
"{C48E0B15-3EE8-4147-8F04-E9AD5D8FE1D6}"= UDP:c:\windows\Temp\~osCC93.tmp\ossproxy.exe:ossproxy.exe
"{B9A16DB4-64D0-433D-94CF-BB62E24470A7}"= UDP:c:\windows\Temp\~osD52A.tmp\ossproxy.exe:ossproxy.exe
"{B75EAF5D-4FF8-4F06-AF29-A57EEAEF78AC}"= UDP:c:\windows\Temp\~os15B3.tmp\ossproxy.exe:ossproxy.exe
"{65D0C498-26E5-47CD-90DB-42EC1AC3F82A}"= UDP:c:\windows\Temp\~os7926.tmp\ossproxy.exe:ossproxy.exe
"{E65109DA-DBA3-47BF-9673-A9C7033AE0EA}"= UDP:c:\windows\Temp\~os9D0B.tmp\ossproxy.exe:ossproxy.exe
"{3B698975-A2AA-45EC-AC09-124B4A2F31E7}"= UDP:c:\windows\Temp\~osCE29.tmp\ossproxy.exe:ossproxy.exe
"{922598CB-E8AA-4DF4-B6E1-712ADFC4F208}"= UDP:c:\windows\Temp\~osBE60.tmp\ossproxy.exe:ossproxy.exe
"{23EC15AA-59EA-4D51-ADCE-3305F3500256}"= UDP:c:\windows\Temp\~osCAFE.tmp\ossproxy.exe:ossproxy.exe
"{0B0904A5-13DB-4D28-B193-88985FAC4669}"= UDP:c:\windows\Temp\~osDFA6.tmp\ossproxy.exe:ossproxy.exe
"{9D3EFE6F-37C1-4F7D-808B-D804659A8C48}"= UDP:c:\windows\Temp\~os4A3.tmp\ossproxy.exe:ossproxy.exe
"{CA5E823E-3F61-480B-9A98-5437836FB301}"= UDP:c:\windows\Temp\~os1C87.tmp\ossproxy.exe:ossproxy.exe
"{77B97120-3D75-40D8-903A-97B594792B47}"= UDP:c:\windows\Temp\~os9CDC.tmp\ossproxy.exe:ossproxy.exe
"{55A3E40F-F8D6-4556-9E79-A327BAF3691F}"= UDP:c:\windows\Temp\~osE6D7.tmp\ossproxy.exe:ossproxy.exe
"{41EDC04A-4721-40DD-9B3E-6F09F8319595}"= UDP:c:\windows\Temp\~osEF9E.tmp\ossproxy.exe:ossproxy.exe
"{64550A54-18A1-4485-A771-BF7B549D62DB}"= UDP:c:\windows\Temp\~os34F6.tmp\ossproxy.exe:ossproxy.exe
"{69B87AB9-D2CC-4FD5-8F3A-759ACDABFF66}"= UDP:c:\windows\Temp\~os8D24.tmp\ossproxy.exe:ossproxy.exe
"{508D2C00-E3A0-418F-ACA0-6B05EA7F755F}"= UDP:c:\windows\Temp\~os1D33.tmp\ossproxy.exe:ossproxy.exe
"{0081B9D1-9A96-48D9-A3BD-80CA1C1DEE84}"= UDP:c:\windows\Temp\~osA17E.tmp\ossproxy.exe:ossproxy.exe
"{51F36185-E075-4ECC-A6B6-03DCCEA2D9C4}"= UDP:c:\windows\Temp\~osE043.tmp\ossproxy.exe:ossproxy.exe
"{27FCC72F-F035-44F3-BAD8-AB6D66F8D6C0}"= UDP:c:\windows\Temp\~os7994.tmp\ossproxy.exe:ossproxy.exe
"{D25B0BB1-0287-4B7F-87E0-C7FAD3867F6A}"= UDP:c:\windows\Temp\~os95AC.tmp\ossproxy.exe:ossproxy.exe
"{842F18FC-4323-4123-B9EF-43382301E551}"= UDP:c:\windows\Temp\~osABC.tmp\ossproxy.exe:ossproxy.exe
"{73D01DEB-DB12-43EE-9D8B-C689813833E0}"= UDP:c:\windows\Temp\~osEF6F.tmp\ossproxy.exe:ossproxy.exe
"{9E2BB4C6-8BE3-48AE-BF6B-9164241AE3FE}"= UDP:c:\windows\Temp\~os17A7.tmp\ossproxy.exe:ossproxy.exe
"{EB8E6CAF-F680-4B1E-B402-134C37ACA5DD}"= UDP:c:\windows\Temp\~osAFC1.tmp\ossproxy.exe:ossproxy.exe
"{42BAC2FF-DC23-4AB1-9E05-2484CF9BA2A2}"= UDP:c:\windows\Temp\~os3F15.tmp\ossproxy.exe:ossproxy.exe
"{F2AC3B3C-753A-42E9-9F68-25D12B06C10B}"= UDP:c:\windows\Temp\~os35B2.tmp\ossproxy.exe:ossproxy.exe
"{D890841C-25C5-45A0-A958-DFF900A9895A}"= UDP:c:\windows\Temp\~os31BC.tmp\ossproxy.exe:ossproxy.exe
"{9047D8FF-C094-48A8-BCE5-FD327B2BA432}"= UDP:c:\windows\Temp\~osB1F3.tmp\ossproxy.exe:ossproxy.exe
"{5EEB8541-7DFD-4EC6-A248-E908B696A836}"= UDP:c:\windows\Temp\~osB675.tmp\ossproxy.exe:ossproxy.exe
"{45704D37-12DB-4E2C-94FE-4EB9847FFCF4}"= UDP:c:\windows\Temp\~osD6C1.tmp\ossproxy.exe:ossproxy.exe
"{09FE1F4B-9017-41F3-BAB5-56E48605B759}"= UDP:c:\windows\Temp\~os6E30.tmp\ossproxy.exe:ossproxy.exe
"{4C43326B-C440-4DCE-B452-C30D043E7BE3}"= UDP:c:\windows\Temp\~os8087.tmp\ossproxy.exe:ossproxy.exe
"{9CA549F0-794A-4081-9403-43BBD4A5514A}"= UDP:c:\windows\Temp\~os2BE3.tmp\ossproxy.exe:ossproxy.exe
"{0747129E-2E5A-4AAC-A4B6-240B52FA7893}"= UDP:c:\windows\Temp\~os9F5D.tmp\ossproxy.exe:ossproxy.exe
"{8C57FC4D-3C24-4CD7-914F-FD86107576E7}"= UDP:c:\windows\Temp\~os7DBA.tmp\ossproxy.exe:ossproxy.exe
"{656B5A26-23D4-4F6D-ACA7-623EB8AECF7E}"= UDP:c:\windows\Temp\~os6319.tmp\ossproxy.exe:ossproxy.exe
"{02D1F3EE-A0DB-4059-9D5D-D023A865D60F}"= UDP:c:\windows\Temp\~os740A.tmp\ossproxy.exe:ossproxy.exe
"{E6A5B73A-805F-4805-A731-4F076EB04726}"= UDP:c:\windows\Temp\~osD9A.tmp\ossproxy.exe:ossproxy.exe
"{DA7BDA63-D04B-4DE5-8330-5BE73B7231D7}"= UDP:c:\windows\Temp\~osF366.tmp\ossproxy.exe:ossproxy.exe
"{992372C2-EDD4-4B98-B832-F242885C6CC3}"= UDP:c:\windows\Temp\~osB51F.tmp\ossproxy.exe:ossproxy.exe
"{F36909ED-8C37-4F36-8C52-5EDD2EFA5B7A}"= UDP:c:\windows\Temp\~os37A6.tmp\ossproxy.exe:ossproxy.exe
"{7426A13E-FDFC-45CB-8292-68D2D23484E6}"= UDP:c:\windows\Temp\~osA759.tmp\ossproxy.exe:ossproxy.exe
"{4C6ACC03-1148-4882-A116-14AAE84BB1BF}"= UDP:c:\windows\Temp\~os8365.tmp\ossproxy.exe:ossproxy.exe
"{47B77C18-5B4F-4F61-974C-3E7B9BD0BC57}"= UDP:c:\windows\Temp\~os2713.tmp\ossproxy.exe:ossproxy.exe
"{5277EC45-A026-469B-9E03-83C2903CAB0E}"= UDP:c:\windows\Temp\~osB129.tmp\ossproxy.exe:ossproxy.exe
"{FC675E0D-8434-4767-814E-B13C6E883434}"= UDP:c:\windows\Temp\~os453D.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:18 am

Do you require the entire log as it's likely to be 12 parts,thanks

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Origin on 9th July 2009, 4:26 am

Yes please I need the whole thing.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31533
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:33 am

Please disregard part 4,Here it is now

"{372F8805-66E8-43C4-AE2C-DBB7A0D7F99B}"= UDP:c:\windows\Temp\~os697D.tmp\ossproxy.exe:ossproxy.exe
"{82B908E6-4361-4F16-9E3C-4CA818AF47F7}"= UDP:c:\windows\Temp\~osFF8.tmp\ossproxy.exe:ossproxy.exe
"{9C40F25C-D4DD-4B2B-960C-05F27E7E9CEB}"= UDP:c:\windows\Temp\~os9C01.tmp\ossproxy.exe:ossproxy.exe
"{2EC753DD-6AF5-475B-9613-10E869397AF0}"= UDP:c:\windows\Temp\~os27DC.tmp\ossproxy.exe:ossproxy.exe
"{9663B95E-6B57-4E65-8F18-1DEBF47858A6}"= UDP:c:\windows\Temp\~osAD7F.tmp\ossproxy.exe:ossproxy.exe
"{87E6A006-E940-4648-B4F9-9B9531D8245F}"= UDP:c:\windows\Temp\~os33FC.tmp\ossproxy.exe:ossproxy.exe
"{DB1E7BF1-09B0-44A7-9992-B990F29D6B57}"= UDP:c:\windows\Temp\~os45D7.tmp\ossproxy.exe:ossproxy.exe
"{076AC9BA-9FBA-4836-A9A4-04A3869E8619}"= UDP:c:\windows\Temp\~osCF60.tmp\ossproxy.exe:ossproxy.exe
"{F981BA21-8E65-481C-81F2-4AAFAB1D1A00}"= UDP:c:\windows\Temp\~os5938.tmp\ossproxy.exe:ossproxy.exe
"{5B30EB09-8874-4FAF-8775-DDECCB86C3B2}"= UDP:c:\windows\Temp\~osE466.tmp\ossproxy.exe:ossproxy.exe
"{33981B4B-F0F3-4CB1-97D5-789DF3960079}"= UDP:c:\windows\Temp\~os7050.tmp\ossproxy.exe:ossproxy.exe
"{6B074D2F-AD43-414E-A563-577631475F03}"= UDP:c:\windows\Temp\~osFA47.tmp\ossproxy.exe:ossproxy.exe
"{3DC8D359-2C2F-419F-8FAC-6A21D2D54C87}"= UDP:c:\windows\Temp\~os8344.tmp\ossproxy.exe:ossproxy.exe
"{F158436A-E3C7-4897-8A12-280432BF0044}"= UDP:c:\windows\Temp\~os964.tmp\ossproxy.exe:ossproxy.exe
"{B4404DD4-E81C-4FCF-A07E-00E82ADAB4D5}"= UDP:c:\windows\Temp\~os9666.tmp\ossproxy.exe:ossproxy.exe
"{EDA42005-798E-4F86-9533-17A9DF4CE980}"= UDP:c:\windows\Temp\~os259B.tmp\ossproxy.exe:ossproxy.exe
"{B21BFDC9-F732-4BCF-A494-3799B306E15C}"= UDP:c:\windows\Temp\~osE5ED.tmp\ossproxy.exe:ossproxy.exe
"{B860FB7A-3B98-4E8F-A9B6-CF6AEBEAC892}"= UDP:c:\windows\Temp\~os7234.tmp\ossproxy.exe:ossproxy.exe
"{ECAE0193-8C5C-47D3-824E-3E129E71ADC5}"= UDP:c:\windows\Temp\~os3840.tmp\ossproxy.exe:ossproxy.exe
"{D5905EEB-B08E-4506-94F2-81775A7BD4F8}"= UDP:c:\windows\Temp\~osC582.tmp\ossproxy.exe:ossproxy.exe
"{4E5F9487-060C-4D9D-9941-7B61EC7094D3}"= UDP:c:\windows\Temp\~os4E50.tmp\ossproxy.exe:ossproxy.exe
"{0D16F14D-1DC5-4C66-89BD-B3799CBE1BAD}"= UDP:c:\windows\Temp\~osD3B4.tmp\ossproxy.exe:ossproxy.exe
"{DC44D0F0-AB2C-44CE-8304-F985D2FEC41F}"= UDP:c:\windows\Temp\~os5CC1.tmp\ossproxy.exe:ossproxy.exe
"{EE1696E8-BEE4-40A8-9F6F-0F13DA863003}"= UDP:c:\windows\Temp\~osE689.tmp\ossproxy.exe:ossproxy.exe
"{9B1A2D57-D913-4E04-802E-3B486BD7ABFB}"= UDP:c:\windows\Temp\~os6E2F.tmp\ossproxy.exe:ossproxy.exe
"{AC904869-DBCB-4489-A8AC-76DB2992B08D}"= UDP:c:\windows\Temp\~osEC.tmp\ossproxy.exe:ossproxy.exe
"{D1F2D22B-5A08-46DF-8779-650B0ECEB39D}"= UDP:c:\windows\Temp\~os89BA.tmp\ossproxy.exe:ossproxy.exe
"{A71E96BB-D04F-4342-84A3-E8FD21584849}"= UDP:c:\windows\Temp\~osEE0.tmp\ossproxy.exe:ossproxy.exe
"{D0783B8B-89B2-4A63-BE71-B1AFEC40F58F}"= UDP:c:\windows\Temp\~osA037.tmp\ossproxy.exe:ossproxy.exe
"{B4F3A850-A756-4A59-954F-F0D30533971B}"= UDP:c:\windows\Temp\~os26E3.tmp\ossproxy.exe:ossproxy.exe
"{47CC9268-82E2-47BF-88B2-7124B5F852B8}"= UDP:c:\windows\Temp\~os4107.tmp\ossproxy.exe:ossproxy.exe
"{4E7D280B-800E-4CA6-921F-BA7732596B46}"= UDP:c:\windows\Temp\~osCA91.tmp\ossproxy.exe:ossproxy.exe
"{2802E7DB-040C-4986-927E-2ACBD7878310}"= UDP:c:\windows\Temp\~os56E8.tmp\ossproxy.exe:ossproxy.exe
"{26B59B79-1266-425C-8351-AFCD619B2158}"= UDP:c:\windows\Temp\~osE293.tmp\ossproxy.exe:ossproxy.exe
"{08287EA4-C688-498E-B911-7702EFDE0176}"= UDP:c:\windows\Temp\~os6EBB.tmp\ossproxy.exe:ossproxy.exe
"{1B1D9241-4A79-4395-9E81-87E71AAC9468}"= UDP:c:\windows\Temp\~osF7E7.tmp\ossproxy.exe:ossproxy.exe
"{C00BFAB8-94D7-4872-8687-2BBC0AEBD517}"= UDP:c:\windows\Temp\~os8104.tmp\ossproxy.exe:ossproxy.exe
"{59B78775-D7A7-458D-A219-EED2F08AAD73}"= UDP:c:\windows\Temp\~os15C3.tmp\ossproxy.exe:ossproxy.exe
"{193D0EA3-5BBB-4155-8410-292BDD6C94DC}"= UDP:c:\windows\Temp\~osA1EC.tmp\ossproxy.exe:ossproxy.exe
"{6026B35E-EE9E-42C0-B46B-73FE89AEBAD7}"= UDP:c:\windows\Temp\~os2CEC.tmp\ossproxy.exe:ossproxy.exe
"{A297FBF0-0627-477B-8797-9CF9EFE46D34}"= UDP:c:\windows\Temp\~osB981.tmp\ossproxy.exe:ossproxy.exe
"{EC26A3CB-239C-4F45-8AAE-72BEAA299EF3}"= UDP:c:\windows\Temp\~os5717.tmp\ossproxy.exe:ossproxy.exe
"{78F313B3-A455-4C61-8C78-1586A8195278}"= UDP:c:\windows\Temp\~os4B4.tmp\ossproxy.exe:ossproxy.exe
"{670A4702-934D-41F2-A8BE-E409497175B2}"= UDP:c:\windows\Temp\~os7FE.tmp\ossproxy.exe:ossproxy.exe
"{D86658E1-8C8D-4EDB-88DC-264D1F9434EF}"= UDP:c:\windows\Temp\~os9417.tmp\ossproxy.exe:ossproxy.exe
"{A1E1DA1B-B1DA-472A-8B71-BFE60F6CBBA5}"= UDP:c:\windows\Temp\~os1D90.tmp\ossproxy.exe:ossproxy.exe
"{A53955CF-3209-4EBB-BFAF-C73772FEFDDB}"= UDP:c:\windows\Temp\~osAAA3.tmp\ossproxy.exe:ossproxy.exe
"{4D47842E-F5C3-4310-BD13-DDE5D92FBE97}"= UDP:c:\windows\Temp\~os3D9E.tmp\ossproxy.exe:ossproxy.exe
"{F19107BB-8208-4DE7-9FC0-71A220276E7A}"= UDP:c:\windows\Temp\~osCFDE.tmp\ossproxy.exe:ossproxy.exe
"{E05BC5C0-391E-43C0-A4F2-EC34C8F79A28}"= UDP:c:\windows\Temp\~os589D.tmp\ossproxy.exe:ossproxy.exe
"{307C7464-B280-439C-855C-3C9F2E8B6DF0}"= UDP:c:\windows\Temp\~osE468.tmp\ossproxy.exe:ossproxy.exe
"{DA3E2223-116A-4428-B811-CB2B4FD30989}"= UDP:c:\windows\Temp\~os6FB6.tmp\ossproxy.exe:ossproxy.exe
"{D203DCF3-38AB-4581-BCAD-662FE37DB2FB}"= UDP:c:\windows\Temp\~osF6EE.tmp\ossproxy.exe:ossproxy.exe
"{30AF3383-B4C8-4510-80B4-214FC329DC7F}"= UDP:c:\windows\Temp\~os1B8.tmp\ossproxy.exe:ossproxy.exe
"{CD0899F9-B5A8-4217-A48D-4A24B07BFCAB}"= UDP:c:\windows\Temp\~osFDE1.tmp\ossproxy.exe:ossproxy.exe
"{8163E022-86F4-48FF-964C-DC2C02CC5BA4}"= UDP:c:\windows\Temp\~osFA0A.tmp\ossproxy.exe:ossproxy.exe
"{E9BE5AF9-01F5-442A-ADA5-9AA21E2F3426}"= UDP:c:\windows\Temp\~osEF8F.tmp\ossproxy.exe:ossproxy.exe
"{9E9F1EA9-DF0D-4DD1-B719-2BA1115F00B1}"= UDP:c:\windows\Temp\~osD674.tmp\ossproxy.exe:ossproxy.exe
"{8D145027-418C-459B-B015-A18D1EAC3AA9}"= UDP:c:\windows\Temp\~osBFD8.tmp\ossproxy.exe:ossproxy.exe
"{13DC02BD-6F69-48D5-97A7-93D6C61D13E3}"= UDP:c:\windows\Temp\~osB09C.tmp\ossproxy.exe:ossproxy.exe
"{0B10ED1F-E1A0-43B8-A7DF-21A584A32F8A}"= UDP:c:\windows\Temp\~os9D99.tmp\ossproxy.exe:ossproxy.exe
"{89B5F68E-3D89-49E0-81ED-233578CBC10D}"= UDP:c:\windows\Temp\~os61E1.tmp\ossproxy.exe:ossproxy.exe
"{E2DC5EA4-360F-4F8A-A07C-C1521C6BB51B}"= UDP:c:\windows\Temp\~osEC16.tmp\ossproxy.exe:ossproxy.exe
"{9BB46AA8-9D9E-4C93-A0B4-E5005502E431}"= UDP:c:\windows\Temp\~osD78D.tmp\ossproxy.exe:ossproxy.exe
"{87B34B45-BDF7-4315-BB4A-08BDE965D801}"= UDP:c:\windows\Temp\~os3AB.tmp\ossproxy.exe:ossproxy.exe
"{D61E4001-A197-41A8-8B4A-C8EDBDC8A3E6}"= UDP:c:\windows\Temp\~osDDD4.tmp\ossproxy.exe:ossproxy.exe
"{A3909EF3-972D-408C-8980-723A793ABDEF}"= UDP:c:\windows\Temp\~osC277.tmp\ossproxy.exe:ossproxy.exe
"{E79FF07E-8FFF-45B1-B149-5A66F33F007B}"= UDP:c:\windows\Temp\~osA805.tmp\ossproxy.exe:ossproxy.exe
"{0C5687B8-22C6-4B09-95AD-16D0D3A15CCE}"= UDP:c:\windows\Temp\~os92B1.tmp\ossproxy.exe:ossproxy.exe
"{54A5DAEE-5AE9-4A2D-BC12-0E2A2FA8A418}"= UDP:c:\windows\Temp\~os719A.tmp\ossproxy.exe:ossproxy.exe
"{C4C94B1B-85ED-42A2-A832-A2FD9120AA02}"= UDP:c:\windows\Temp\~os6673.tmp\ossproxy.exe:ossproxy.exe
"{91072AA5-9CE3-4266-96FD-728C156970CA}"= UDP:c:\windows\Temp\~os58CD.tmp\ossproxy.exe:ossproxy.exe
"{DCA3555B-711A-4C24-9959-380FB7467BCE}"= UDP:c:\windows\Temp\~os3565.tmp\ossproxy.exe:ossproxy.exe
"{7328CCFE-FFFC-492B-B3A1-1106FC2A2A94}"= UDP:c:\windows\Temp\~os371A.tmp\ossproxy.exe:ossproxy.exe
"{84704CC8-0D3D-4856-9EF9-7B981F9C3197}"= UDP:c:\windows\Temp\~os1613.tmp\ossproxy.exe:ossproxy.exe
"{DF32BE7B-A245-4CB1-95BB-08275280A9C3}"= UDP:c:\windows\Temp\~os3DA.tmp\ossproxy.exe:ossproxy.exe
"{F7A28B4F-A50C-441D-9D8C-B20BCF96056C}"= UDP:c:\windows\Temp\~osDF1C.tmp\ossproxy.exe:ossproxy.exe
"{048B8271-D311-4A0D-9351-F6C8FEFB006A}"= UDP:c:\windows\Temp\~osABBD.tmp\ossproxy.exe:ossproxy.exe
"{F0FD0085-2EE1-418F-AF3E-5464456DB41C}"= UDP:c:\windows\Temp\~osB168.tmp\ossproxy.exe:ossproxy.exe
"{E884332A-7ACB-4228-812E-8AADB7A25359}"= UDP:c:\windows\Temp\~os91A8.tmp\ossproxy.exe:ossproxy.exe
"{1D71E728-6866-49F4-8982-0335808F82CC}"= UDP:c:\windows\Temp\~os8EAC.tmp\ossproxy.exe:ossproxy.exe
"{4CA27AD1-192D-4D54-806F-41A62372544A}"= UDP:c:\windows\Temp\~os8A29.tmp\ossproxy.exe:ossproxy.exe
"{101EDBAE-8F34-4D5E-9663-E06E9D7669B7}"= UDP:c:\windows\Temp\~os9DF4.tmp\ossproxy.exe:ossproxy.exe
"{E943C365-0A4D-44E0-B973-98F06605EA17}"= UDP:c:\windows\Temp\~os2FC7.tmp\ossproxy.exe:ossproxy.exe
"{3FD679E8-BE8B-4B59-9516-38AB3DF8D60B}"= UDP:c:\windows\Temp\~osB895.tmp\ossproxy.exe:ossproxy.exe
"{401C7E8F-EE40-4B5A-B339-E57EEF0DBB22}"= UDP:c:\windows\Temp\~os4C7B.tmp\ossproxy.exe:ossproxy.exe
"{6DCA2AE4-0E6A-403B-8B2C-99A0645EFD08}"= UDP:c:\windows\Temp\~osF22B.tmp\ossproxy.exe:ossproxy.exe
"{323C77B8-0852-4402-9BEC-BA177A0B0B6E}"= UDP:c:\windows\Temp\~osD3E2.tmp\ossproxy.exe:ossproxy.exe
"{8CA04FD1-9974-4779-AA92-1598C504C0EE}"= UDP:c:\windows\Temp\~osA361.tmp\ossproxy.exe:ossproxy.exe
"{035443C1-007C-47D3-B800-6B780554CFD8}"= UDP:c:\windows\Temp\~os844D.tmp\ossproxy.exe:ossproxy.exe
"{68395E13-AC1E-46E9-A32B-2A16E7971C54}"= UDP:c:\windows\Temp\~os1AB2.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:34 am

Part 5

"{60D95EB2-B65F-4894-BD1B-A591A3D28B72}"= UDP:c:\windows\Temp\~osB819.tmp\ossproxy.exe:ossproxy.exe
"{0726F895-EFD8-448E-A34F-B1A1A22E86D5}"= UDP:c:\windows\Temp\~os5F9D.tmp\ossproxy.exe:ossproxy.exe
"{420C3332-E545-4233-A02D-6E1516542636}"= UDP:c:\windows\Temp\~osEB0B.tmp\ossproxy.exe:ossproxy.exe
"{BC811F14-0EEC-430B-9CBA-8BD386AB8A22}"= UDP:c:\windows\Temp\~os5207.tmp\ossproxy.exe:ossproxy.exe
"{35246859-6B95-49BF-B63E-78463D1C92F9}"= UDP:c:\windows\Temp\~os73C9.tmp\ossproxy.exe:ossproxy.exe
"{3494B1E7-DB41-4FC0-9331-2B1E7D4DD296}"= UDP:c:\windows\Temp\~osA3E.tmp\ossproxy.exe:ossproxy.exe
"{F20A8329-BCDD-47F0-9AFF-67D23E1833E4}"= UDP:c:\windows\Temp\~os95CA.tmp\ossproxy.exe:ossproxy.exe
"{8E517BA1-07DA-4CF6-9875-B7C7F6E0AD17}"= UDP:c:\windows\Temp\~osBEBE.tmp\ossproxy.exe:ossproxy.exe
"{A9F8055C-0E96-4EA3-9270-31C0DB9BBF72}"= UDP:c:\windows\Temp\~osC37E.tmp\ossproxy.exe:ossproxy.exe
"{C48E0B15-3EE8-4147-8F04-E9AD5D8FE1D6}"= UDP:c:\windows\Temp\~osCC93.tmp\ossproxy.exe:ossproxy.exe
"{B9A16DB4-64D0-433D-94CF-BB62E24470A7}"= UDP:c:\windows\Temp\~osD52A.tmp\ossproxy.exe:ossproxy.exe
"{B75EAF5D-4FF8-4F06-AF29-A57EEAEF78AC}"= UDP:c:\windows\Temp\~os15B3.tmp\ossproxy.exe:ossproxy.exe
"{65D0C498-26E5-47CD-90DB-42EC1AC3F82A}"= UDP:c:\windows\Temp\~os7926.tmp\ossproxy.exe:ossproxy.exe
"{E65109DA-DBA3-47BF-9673-A9C7033AE0EA}"= UDP:c:\windows\Temp\~os9D0B.tmp\ossproxy.exe:ossproxy.exe
"{3B698975-A2AA-45EC-AC09-124B4A2F31E7}"= UDP:c:\windows\Temp\~osCE29.tmp\ossproxy.exe:ossproxy.exe
"{922598CB-E8AA-4DF4-B6E1-712ADFC4F208}"= UDP:c:\windows\Temp\~osBE60.tmp\ossproxy.exe:ossproxy.exe
"{23EC15AA-59EA-4D51-ADCE-3305F3500256}"= UDP:c:\windows\Temp\~osCAFE.tmp\ossproxy.exe:ossproxy.exe
"{0B0904A5-13DB-4D28-B193-88985FAC4669}"= UDP:c:\windows\Temp\~osDFA6.tmp\ossproxy.exe:ossproxy.exe
"{9D3EFE6F-37C1-4F7D-808B-D804659A8C48}"= UDP:c:\windows\Temp\~os4A3.tmp\ossproxy.exe:ossproxy.exe
"{CA5E823E-3F61-480B-9A98-5437836FB301}"= UDP:c:\windows\Temp\~os1C87.tmp\ossproxy.exe:ossproxy.exe
"{77B97120-3D75-40D8-903A-97B594792B47}"= UDP:c:\windows\Temp\~os9CDC.tmp\ossproxy.exe:ossproxy.exe
"{55A3E40F-F8D6-4556-9E79-A327BAF3691F}"= UDP:c:\windows\Temp\~osE6D7.tmp\ossproxy.exe:ossproxy.exe
"{41EDC04A-4721-40DD-9B3E-6F09F8319595}"= UDP:c:\windows\Temp\~osEF9E.tmp\ossproxy.exe:ossproxy.exe
"{64550A54-18A1-4485-A771-BF7B549D62DB}"= UDP:c:\windows\Temp\~os34F6.tmp\ossproxy.exe:ossproxy.exe
"{69B87AB9-D2CC-4FD5-8F3A-759ACDABFF66}"= UDP:c:\windows\Temp\~os8D24.tmp\ossproxy.exe:ossproxy.exe
"{508D2C00-E3A0-418F-ACA0-6B05EA7F755F}"= UDP:c:\windows\Temp\~os1D33.tmp\ossproxy.exe:ossproxy.exe
"{0081B9D1-9A96-48D9-A3BD-80CA1C1DEE84}"= UDP:c:\windows\Temp\~osA17E.tmp\ossproxy.exe:ossproxy.exe
"{51F36185-E075-4ECC-A6B6-03DCCEA2D9C4}"= UDP:c:\windows\Temp\~osE043.tmp\ossproxy.exe:ossproxy.exe
"{27FCC72F-F035-44F3-BAD8-AB6D66F8D6C0}"= UDP:c:\windows\Temp\~os7994.tmp\ossproxy.exe:ossproxy.exe
"{D25B0BB1-0287-4B7F-87E0-C7FAD3867F6A}"= UDP:c:\windows\Temp\~os95AC.tmp\ossproxy.exe:ossproxy.exe
"{842F18FC-4323-4123-B9EF-43382301E551}"= UDP:c:\windows\Temp\~osABC.tmp\ossproxy.exe:ossproxy.exe
"{73D01DEB-DB12-43EE-9D8B-C689813833E0}"= UDP:c:\windows\Temp\~osEF6F.tmp\ossproxy.exe:ossproxy.exe
"{9E2BB4C6-8BE3-48AE-BF6B-9164241AE3FE}"= UDP:c:\windows\Temp\~os17A7.tmp\ossproxy.exe:ossproxy.exe
"{EB8E6CAF-F680-4B1E-B402-134C37ACA5DD}"= UDP:c:\windows\Temp\~osAFC1.tmp\ossproxy.exe:ossproxy.exe
"{42BAC2FF-DC23-4AB1-9E05-2484CF9BA2A2}"= UDP:c:\windows\Temp\~os3F15.tmp\ossproxy.exe:ossproxy.exe
"{F2AC3B3C-753A-42E9-9F68-25D12B06C10B}"= UDP:c:\windows\Temp\~os35B2.tmp\ossproxy.exe:ossproxy.exe
"{D890841C-25C5-45A0-A958-DFF900A9895A}"= UDP:c:\windows\Temp\~os31BC.tmp\ossproxy.exe:ossproxy.exe
"{9047D8FF-C094-48A8-BCE5-FD327B2BA432}"= UDP:c:\windows\Temp\~osB1F3.tmp\ossproxy.exe:ossproxy.exe
"{5EEB8541-7DFD-4EC6-A248-E908B696A836}"= UDP:c:\windows\Temp\~osB675.tmp\ossproxy.exe:ossproxy.exe
"{45704D37-12DB-4E2C-94FE-4EB9847FFCF4}"= UDP:c:\windows\Temp\~osD6C1.tmp\ossproxy.exe:ossproxy.exe
"{09FE1F4B-9017-41F3-BAB5-56E48605B759}"= UDP:c:\windows\Temp\~os6E30.tmp\ossproxy.exe:ossproxy.exe
"{4C43326B-C440-4DCE-B452-C30D043E7BE3}"= UDP:c:\windows\Temp\~os8087.tmp\ossproxy.exe:ossproxy.exe
"{9CA549F0-794A-4081-9403-43BBD4A5514A}"= UDP:c:\windows\Temp\~os2BE3.tmp\ossproxy.exe:ossproxy.exe
"{0747129E-2E5A-4AAC-A4B6-240B52FA7893}"= UDP:c:\windows\Temp\~os9F5D.tmp\ossproxy.exe:ossproxy.exe
"{8C57FC4D-3C24-4CD7-914F-FD86107576E7}"= UDP:c:\windows\Temp\~os7DBA.tmp\ossproxy.exe:ossproxy.exe
"{656B5A26-23D4-4F6D-ACA7-623EB8AECF7E}"= UDP:c:\windows\Temp\~os6319.tmp\ossproxy.exe:ossproxy.exe
"{02D1F3EE-A0DB-4059-9D5D-D023A865D60F}"= UDP:c:\windows\Temp\~os740A.tmp\ossproxy.exe:ossproxy.exe
"{E6A5B73A-805F-4805-A731-4F076EB04726}"= UDP:c:\windows\Temp\~osD9A.tmp\ossproxy.exe:ossproxy.exe
"{DA7BDA63-D04B-4DE5-8330-5BE73B7231D7}"= UDP:c:\windows\Temp\~osF366.tmp\ossproxy.exe:ossproxy.exe
"{992372C2-EDD4-4B98-B832-F242885C6CC3}"= UDP:c:\windows\Temp\~osB51F.tmp\ossproxy.exe:ossproxy.exe
"{F36909ED-8C37-4F36-8C52-5EDD2EFA5B7A}"= UDP:c:\windows\Temp\~os37A6.tmp\ossproxy.exe:ossproxy.exe
"{7426A13E-FDFC-45CB-8292-68D2D23484E6}"= UDP:c:\windows\Temp\~osA759.tmp\ossproxy.exe:ossproxy.exe
"{4C6ACC03-1148-4882-A116-14AAE84BB1BF}"= UDP:c:\windows\Temp\~os8365.tmp\ossproxy.exe:ossproxy.exe
"{47B77C18-5B4F-4F61-974C-3E7B9BD0BC57}"= UDP:c:\windows\Temp\~os2713.tmp\ossproxy.exe:ossproxy.exe
"{5277EC45-A026-469B-9E03-83C2903CAB0E}"= UDP:c:\windows\Temp\~osB129.tmp\ossproxy.exe:ossproxy.exe
"{FC675E0D-8434-4767-814E-B13C6E883434}"= UDP:c:\windows\Temp\~os453D.tmp\ossproxy.exe:ossproxy.exe
"{452EEF78-928A-459D-A57E-16BFC8559265}"= UDP:c:\windows\Temp\~os31BD.tmp\ossproxy.exe:ossproxy.exe
"{B472FF7A-90E1-433F-AEE0-163149FA0424}"= UDP:c:\windows\Temp\~os234C.tmp\ossproxy.exe:ossproxy.exe
"{5A7B75C1-7745-497D-BB39-7C06E7CD1362}"= UDP:c:\windows\Temp\~osEAEE.tmp\ossproxy.exe:ossproxy.exe
"{306B8AA1-A478-4ACD-8B72-C3BB2C8975B6}"= UDP:c:\windows\Temp\~osB55E.tmp\ossproxy.exe:ossproxy.exe
"{D9EA82E4-F49E-4F1A-B2C0-4A711651C2FD}"= UDP:c:\windows\Temp\~os83E.tmp\ossproxy.exe:ossproxy.exe
"{577DEDE7-689C-4958-B800-5684D3B3647E}"= UDP:c:\windows\Temp\~os2B38.tmp\ossproxy.exe:ossproxy.exe
"{13721303-0BE8-430B-B2C6-2E8128FBF119}"= UDP:c:\windows\Temp\~osB713.tmp\ossproxy.exe:ossproxy.exe
"{56491276-B5EC-443E-AC87-6AF6D8C5FA50}"= UDP:c:\windows\Temp\~osAD34.tmp\ossproxy.exe:ossproxy.exe
"{F818A205-153C-4841-A3E4-C0875D51DC24}"= UDP:c:\windows\Temp\~os1AC5.tmp\ossproxy.exe:ossproxy.exe
"{E742FE54-BECF-4A46-98FB-8740A5090755}"= UDP:c:\windows\Temp\~osF8A5.tmp\ossproxy.exe:ossproxy.exe
"{AF0088BA-3159-483D-BA67-0A1DA736EE4D}"= UDP:c:\windows\Temp\~os16FE.tmp\ossproxy.exe:ossproxy.exe
"{3166E630-A00B-43DD-8844-5CFBAF184064}"= UDP:c:\windows\Temp\~os56DB.tmp\ossproxy.exe:ossproxy.exe
"{6653B539-1317-416B-96B7-0CF476587509}"= UDP:c:\windows\Temp\~osD260.tmp\ossproxy.exe:ossproxy.exe
"{09D243D3-354D-4485-A25C-71A2FC5E3C8B}"= UDP:c:\windows\Temp\~osFDD.tmp\ossproxy.exe:ossproxy.exe
"{C8087D8C-3760-4010-962C-06EF3DEBED7E}"= UDP:c:\windows\Temp\~osDDA6.tmp\ossproxy.exe:ossproxy.exe
"{8C8F2988-3FC8-4467-B010-D7E61863CD60}"= UDP:c:\windows\Temp\~os5486.tmp\ossproxy.exe:ossproxy.exe
"{2DA751B4-148C-4BAF-92F3-5819D273C916}"= UDP:c:\windows\Temp\~osE743.tmp\ossproxy.exe:ossproxy.exe
"{3FD784B2-3FA5-49FE-ACE9-3B8BD7A0C6E0}"= UDP:c:\windows\Temp\~os6D34.tmp\ossproxy.exe:ossproxy.exe
"{EED082AC-D375-47B0-88F2-EE8C7931AEF5}"= UDP:c:\windows\Temp\~os1DAE.tmp\ossproxy.exe:ossproxy.exe
"{2964F577-3178-41B3-8A96-2B771A37D13A}"= UDP:c:\windows\Temp\~os6FC3.tmp\ossproxy.exe:ossproxy.exe
"{884D2066-787A-42A9-A4E1-FDABC2943230}"= UDP:c:\windows\Temp\~osFD43.tmp\ossproxy.exe:ossproxy.exe
"{307D5A7D-E312-44C1-B61D-5D1313234B8F}"= UDP:c:\windows\Temp\~os4D75.tmp\ossproxy.exe:ossproxy.exe
"{C167F8D0-ADCB-4543-B3C3-09F82615E0B7}"= UDP:c:\windows\Temp\~os5966.tmp\ossproxy.exe:ossproxy.exe
"{6C08737E-9225-417F-B331-54049C8A619E}"= UDP:c:\windows\Temp\~osDDE1.tmp\ossproxy.exe:ossproxy.exe
"{126BFD33-3394-4D77-BC73-559EA700884A}"= UDP:c:\windows\Temp\~os6BFC.tmp\ossproxy.exe:ossproxy.exe
"{420324AF-241D-4FB8-AF3C-95465F7C4167}"= UDP:c:\windows\Temp\~os8FC2.tmp\ossproxy.exe:ossproxy.exe
"{C1EC25C5-B40F-46FB-80B2-9AC860484E86}"= UDP:c:\windows\Temp\~osF45D.tmp\ossproxy.exe:ossproxy.exe
"{ECC422A8-240C-48D4-8641-028F12CD38B8}"= UDP:c:\windows\Temp\~os6EDA.tmp\ossproxy.exe:ossproxy.exe
"{A5C24578-71D8-48C9-9AF1-776B52AF97B8}"= UDP:c:\windows\Temp\~os5725.tmp\ossproxy.exe:ossproxy.exe
"{F6CCE7DD-83FA-451F-A5AD-82427827E6AC}"= UDP:c:\windows\Temp\~os867F.tmp\ossproxy.exe:ossproxy.exe
"{8CD7E450-4346-43D5-BBBE-D870AA072153}"= UDP:c:\windows\Temp\~os5310.tmp\ossproxy.exe:ossproxy.exe
"{1C38F552-3E99-421C-94A9-A30602C51D44}"= UDP:c:\windows\Temp\~osB7FA.tmp\ossproxy.exe:ossproxy.exe
"{7A1ADA62-DA22-4CBF-8A8F-E50384857849}"= UDP:c:\windows\Temp\~os291.tmp\ossproxy.exe:ossproxy.exe
"{2112D0AE-A260-48ED-A5D0-ADEA75D68FB0}"= UDP:c:\windows\Temp\~os8566.tmp\ossproxy.exe:ossproxy.exe
"{92E22C3F-6892-4698-8652-BC0E8F087EA4}"= UDP:c:\windows\Temp\~osBE32.tmp\ossproxy.exe:ossproxy.exe
"{CB619D4C-A492-4DA9-BAC0-27648E9660C9}"= UDP:c:\windows\Temp\~os6B33.tmp\ossproxy.exe:ossproxy.exe
"{839BF5F3-BC5F-45E9-973D-13B68663278D}"= UDP:c:\windows\Temp\~os2878.tmp\ossproxy.exe:ossproxy.exe
"{4B0C6544-72FC-4EC1-9DE7-E06772E77674}"= UDP:c:\windows\Temp\~os1C1A.tmp\ossproxy.exe:ossproxy.exe
"{2F47F995-E12B-4E10-B913-3C019BEB3DFA}"= UDP:c:\windows\Temp\~os5BD.tmp\ossproxy.exe:ossproxy.exe
"{A0AAA45B-BB5E-4D39-A9CC-38DDB8B01CFA}"= UDP:c:\windows\Temp\~os2251.tmp\ossproxy.exe:ossproxy.exe
"{02C2BEEB-80E9-4A13-8D91-0F507AEEBBDE}"= UDP:c:\windows\Temp\~os23B8.tmp\ossproxy.exe:ossproxy.exe
"{898CED84-835F-40AC-86E1-3236F0645C3B}"= UDP:c:\windows\Temp\~osF00B.tmp\ossproxy.exe:ossproxy.exe
"{E8DEEDD0-E489-47DB-B457-68A6F1C63526}"= UDP:c:\windows\Temp\~osF5F4.tmp\ossproxy.exe:ossproxy.exe
"{E1829728-E656-4569-A2E1-DC5662F7084A}"= UDP:c:\windows\Temp\~osB637.tmp\ossproxy.exe:ossproxy.exe
"{669C6F8D-2340-4185-833E-0141C7310841}"= UDP:c:\windows\Temp\~osBEBF.tmp\ossproxy.exe:ossproxy.exe
"{08DE96DD-8289-4BF7-B635-69AF2EC734ED}"= UDP:c:\windows\Temp\~os959D.tmp\ossproxy.exe:ossproxy.exe
"{B4F9B31F-4D93-455B-BE17-9C7D1858BBE8}"= UDP:c:\windows\Temp\~osA19E.tmp\ossproxy.exe:ossproxy.exe
"{A71D247E-8D54-445B-9A24-2E83FEDCD52C}"= UDP:c:\windows\Temp\~os478D.tmp\ossproxy.exe:ossproxy.exe
"{88050007-ADC4-4AFF-BB9E-24642FAE48C3}"= UDP:c:\windows\Temp\~os4175.tmp\ossproxy.exe:ossproxy.exe
"{4CB39319-756A-4245-BCF9-77970BB0B7F7}"= UDP:c:\windows\Temp\~os25FA.tmp\ossproxy.exe:ossproxy.exe
"{51ED806B-B6AA-4989-B072-F287DE4F0473}"= UDP:c:\windows\Temp\~osF78A.tmp\ossproxy.exe:ossproxy.exe
"{0F137B29-E311-4789-B290-1A1E200EC840}"= UDP:c:\windows\Temp\~osC0F1.tmp\ossproxy.exe:ossproxy.exe
"{6C4C240E-29D2-46E7-A767-EBDEBA1BCB72}"= UDP:c:\windows\Temp\~os402E.tmp\ossproxy.exe:ossproxy.exe
"{AE1FD305-7BCD-4176-B5D6-DBECC4A8C4AF}"= UDP:c:\windows\Temp\~osB0DA.tmp\ossproxy.exe:ossproxy.exe
"{6344EB68-2B35-42BF-B60A-AA5CAE77ABFA}"= UDP:c:\windows\Temp\~osD377.tmp\ossproxy.exe:ossproxy.exe
"{A76E917E-93C5-4FF7-856D-2E8B017BB1CD}"= UDP:c:\windows\Temp\~osEA3.tmp\ossproxy.exe:ossproxy.exe
"{908BC758-5AAC-43EB-9815-12BC874C4EEA}"= UDP:c:\windows\Temp\~os18C1.tmp\ossproxy.exe:ossproxy.exe
"{2DB3E1A9-C46D-4B60-989B-FA22A078B191}"= UDP:c:\windows\Temp\~os7773.tmp\ossproxy.exe:ossproxy.exe
"{5A36827D-9F70-47F6-B1A5-FD63DE489C15}"= UDP:c:\windows\Temp\~os1CB7.tmp\ossproxy.exe:ossproxy.exe
"{55D5B61B-DB2A-4D14-ABEC-E061891CD2C5}"= UDP:c:\windows\Temp\~osDB54.tmp\ossproxy.exe:ossproxy.exe
"{A4BF4077-568C-469A-A72F-406FB6E7A317}"= UDP:c:\windows\Temp\~osA40.tmp\ossproxy.exe:ossproxy.exe
"{E4A6D94D-11E8-4C99-B05D-C54F0952638C}"= UDP:c:\windows\Temp\~os984C.tmp\ossproxy.exe:ossproxy.exe
"{FD55A902-99F8-4299-9E79-544409A293B2}"= UDP:c:\windows\Temp\~os2D89.tmp\ossproxy.exe:ossproxy.exe
"{094E14E7-F3CF-4ECF-AB8D-F72638BAD553}"= UDP:c:\windows\Temp\~os6654.tmp\ossproxy.exe:ossproxy.exe
"{F6F371FF-E427-4D1B-8E8A-4697115A06FE}"= UDP:c:\windows\Temp\~os1CE6.tmp\ossproxy.exe:ossproxy.exe
"{82924649-91BA-4E5C-B9EB-B069C04D3FC4}"= UDP:c:\windows\Temp\~os4C8E.tmp\ossproxy.exe:ossproxy.exe
"{8E58FBE7-25FF-4A26-820C-EC4CF76FC782}"= UDP:c:\windows\Temp\~osF98E.tmp\ossproxy.exe:ossproxy.exe
"{0BAAB3D0-237A-494C-8522-41FFC619B37A}"= UDP:c:\windows\Temp\~osEB0E.tmp\ossproxy.exe:ossproxy.exe
"{56F0397C-65E1-48BA-B88F-2BA178EE4A4C}"= UDP:c:\windows\Temp\~osEB0F.tmp\ossproxy.exe:ossproxy.exe
"{9CFDFD9E-505A-439E-812E-8E5C37F3F528}"= UDP:c:\windows\Temp\~os51CB.tmp\ossproxy.exe:ossproxy.exe
"{1DB71EA8-A0F6-4845-BFAE-CC5391E0BF78}"= UDP:c:\windows\Temp\~osD4D.tmp\ossproxy.exe:ossproxy.exe
"{D4D0CA1A-0525-404D-8589-8F8D5A782EC7}"= UDP:c:\windows\Temp\~osBC03.tmp\ossproxy.exe:ossproxy.exe
"{CF801035-40E2-472B-8394-B1BBF3108FB7}"= UDP:c:\windows\Temp\~osDFD7.tmp\ossproxy.exe:ossproxy.exe
"{D60509E3-F217-4194-B4E8-C628917AB153}"= UDP:c:\windows\Temp\~os8144.tmp\ossproxy.exe:ossproxy.exe
"{36CF60CC-A64E-4530-859F-11490F5387E0}"= UDP:c:\windows\Temp\~os94D4.tmp\ossproxy.exe:ossproxy.exe
"{95D20816-3962-496C-9590-62ED6F24AA8C}"= UDP:c:\windows\Temp\~os7F41.tmp\ossproxy.exe:ossproxy.exe
"{A04E8BD0-A496-4F17-B287-5FD57CBEFEE4}"= UDP:c:\windows\Temp\~os7C55.tmp\ossproxy.exe:ossproxy.exe
"{ED8E5D96-2511-4D9A-80B7-5C7D40B3F44F}"= UDP:c:\windows\Temp\~osB446.tmp\ossproxy.exe:ossproxy.exe
"{C1A5A85D-BF8E-4E8A-B9DF-88F327E4B5DA}"= UDP:c:\windows\Temp\~os8200.tmp\ossproxy.exe:ossproxy.exe
"{97776926-A77A-4F1D-BA67-61492DE364C2}"= UDP:c:\windows\Temp\~osD32B.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:35 am

part 6


"{A3DF22F7-0439-4A32-98DE-7850D78702FF}"= UDP:c:\windows\Temp\~osB040.tmp\ossproxy.exe:ossproxy.exe
"{36E2141C-D4EA-4C8F-8297-BA1CE3689EDE}"= UDP:c:\windows\Temp\~osCEC8.tmp\ossproxy.exe:ossproxy.exe
"{BE88DF66-CC71-43FD-ACBD-211724210085}"= UDP:c:\windows\Temp\~os32F7.tmp\ossproxy.exe:ossproxy.exe
"{F89CBC00-A9B0-416B-8565-B3B970EA4A61}"= UDP:c:\windows\Temp\~os1A58.tmp\ossproxy.exe:ossproxy.exe
"{71D2CCBA-87C8-4592-AC94-AE374B21BAD8}"= UDP:c:\windows\Temp\~os9207.tmp\ossproxy.exe:ossproxy.exe
"{5B73A61B-9578-43C0-AA4F-A29EF112ED8B}"= UDP:c:\windows\Temp\~osCF45.tmp\ossproxy.exe:ossproxy.exe
"{75892A0B-DDBC-49EA-A41A-DCD96AB1EE41}"= UDP:c:\windows\Temp\~osDDB.tmp\ossproxy.exe:ossproxy.exe
"{56A9FF59-17A4-41B9-BE61-172274F0FF8C}"= UDP:c:\windows\Temp\~osF0E9.tmp\ossproxy.exe:ossproxy.exe
"{A55FB235-1F87-447D-8C19-DA351D31802A}"= UDP:c:\windows\Temp\~os4205.tmp\ossproxy.exe:ossproxy.exe
"{57662297-68AC-4E29-9A5B-272D27E29927}"= UDP:c:\windows\Temp\~os4B0A.tmp\ossproxy.exe:ossproxy.exe
"{E095514E-1B90-4549-897E-86FF8BD96535}"= UDP:c:\windows\Temp\~osE130.tmp\ossproxy.exe:ossproxy.exe
"{37F67DED-CE81-4403-BCCB-28E35DD8FA06}"= UDP:c:\windows\Temp\~os3CB8.tmp\ossproxy.exe:ossproxy.exe
"{0BB921FB-CF7B-4B83-BE38-F689F1A534C5}"= UDP:c:\windows\Temp\~os4DB8.tmp\ossproxy.exe:ossproxy.exe
"{3D68734F-EFCE-4281-8152-EF5240751D08}"= UDP:c:\windows\Temp\~osE768.tmp\ossproxy.exe:ossproxy.exe
"{0177A3B0-AF0E-435A-9185-3DCB0952416D}"= UDP:c:\windows\Temp\~os8E7F.tmp\ossproxy.exe:ossproxy.exe
"{12EC2A8B-158A-4687-B270-E208288EA0EC}"= UDP:c:\windows\Temp\~osC114.tmp\ossproxy.exe:ossproxy.exe
"{E9261B6F-E2A9-4F5B-9C31-142B5FBC663F}"= UDP:c:\windows\Temp\~os6C9E.tmp\ossproxy.exe:ossproxy.exe
"{06B6AF0C-461E-4845-AA05-25E10F8F794E}"= UDP:c:\windows\Temp\~os6510.tmp\ossproxy.exe:ossproxy.exe
"{7B91DB2F-F474-40B6-822F-9EE52AFE4B62}"= UDP:c:\windows\Temp\~os6AB.tmp\ossproxy.exe:ossproxy.exe
"{10DCA93E-3957-4D35-A0B3-61759810ECB9}"= UDP:c:\windows\Temp\~os2ED4.tmp\ossproxy.exe:ossproxy.exe
"{DC481989-EB48-4886-8113-16F17C37AD24}"= UDP:c:\windows\Temp\~os3385.tmp\ossproxy.exe:ossproxy.exe
"{87549C93-C475-487D-B2EB-444FFBC6F976}"= UDP:c:\windows\Temp\~os5CE6.tmp\ossproxy.exe:ossproxy.exe
"{6A79FECE-A049-44B5-9879-38AD3AEE20A2}"= UDP:c:\windows\Temp\~osDADB.tmp\ossproxy.exe:ossproxy.exe
"{239712EB-9FE8-4630-9AC4-D83837E9EB1F}"= UDP:c:\windows\Temp\~os7343.tmp\ossproxy.exe:ossproxy.exe
"{27E0F50C-5DF5-49A6-A772-AF2D09172A36}"= UDP:c:\windows\Temp\~osB783.tmp\ossproxy.exe:ossproxy.exe
"{389E0F49-D593-436B-870E-A9020EA6D905}"= UDP:c:\windows\Temp\~osF020.tmp\ossproxy.exe:ossproxy.exe
"{2CC792E1-D19A-473E-AFA4-F224F3CAC823}"= UDP:c:\windows\Temp\~osF4B2.tmp\ossproxy.exe:ossproxy.exe
"{D8A0D66A-A924-468B-B65C-97AA6BD0F032}"= UDP:c:\windows\Temp\~osBCB.tmp\ossproxy.exe:ossproxy.exe
"{F75781CC-AE33-47EA-B29C-81596693148A}"= UDP:c:\windows\Temp\~os659D.tmp\ossproxy.exe:ossproxy.exe
"{BA7D9B7F-10EB-4219-A83D-1B15E8B430EF}"= UDP:c:\windows\Temp\~os6723.tmp\ossproxy.exe:ossproxy.exe
"{16D2419C-EC26-4466-A922-CE36B35C3D5F}"= UDP:c:\windows\Temp\~os3CE9.tmp\ossproxy.exe:ossproxy.exe
"{A63276DB-A1CF-4AE4-AB70-544D1A36EAB9}"= UDP:c:\windows\Temp\~osDFFA.tmp\ossproxy.exe:ossproxy.exe
"{ACA56A89-D959-4C35-A9AD-55F1CB7E71EE}"= UDP:c:\windows\Temp\~os3589.tmp\ossproxy.exe:ossproxy.exe
"{59879299-8A7F-446D-AA69-FD3ED83BDB9E}"= UDP:c:\windows\Temp\~os4C54.tmp\ossproxy.exe:ossproxy.exe
"{8BF78C11-036F-4887-956D-3D3894775636}"= UDP:c:\windows\Temp\~osFB57.tmp\ossproxy.exe:ossproxy.exe
"{E3829EF6-70AD-4183-A689-2160B0956BC7}"= UDP:c:\windows\Temp\~os3461.tmp\ossproxy.exe:ossproxy.exe
"{93AA656D-884F-490D-92E8-0FAA5EBD5C37}"= UDP:c:\windows\Temp\~os9880.tmp\ossproxy.exe:ossproxy.exe
"{E9EE447B-FDFB-4C30-9F18-50CBAB273612}"= UDP:c:\windows\Temp\~os5826.tmp\ossproxy.exe:ossproxy.exe
"{E7B6F2AA-4EDE-4797-BA83-ABED97306DB3}"= UDP:c:\windows\Temp\~os54FB.tmp\ossproxy.exe:ossproxy.exe
"{230E0561-1F59-496A-BEDD-2DAA6F4C5E2F}"= UDP:c:\windows\Temp\~os70C5.tmp\ossproxy.exe:ossproxy.exe
"{6DA4576C-2C9C-4D17-BFA7-C891B5C720E2}"= UDP:c:\windows\Temp\~os8963.tmp\ossproxy.exe:ossproxy.exe
"{FAC405C4-3F16-4FD8-8187-75BA5E472C61}"= UDP:c:\windows\Temp\~osE384.tmp\ossproxy.exe:ossproxy.exe
"{58AAB537-55E9-49A2-A335-0E354D17F197}"= UDP:c:\windows\Temp\~os5C6B.tmp\ossproxy.exe:ossproxy.exe
"{BD5D2BD7-36FC-4EDA-AF4A-EDAD6E53BDD5}"= UDP:c:\windows\Temp\~os29A8.tmp\ossproxy.exe:ossproxy.exe
"{FC6AF717-C55D-44BD-AB1B-70E0904CA025}"= UDP:c:\windows\Temp\~osBBB9.tmp\ossproxy.exe:ossproxy.exe
"{063E1F49-A051-437E-98E4-DE56581E44C4}"= UDP:c:\windows\Temp\~os97D5.tmp\ossproxy.exe:ossproxy.exe
"{6C28CCAE-3C50-4B53-8E4D-AFD708B3DF05}"= UDP:c:\windows\Temp\~osC5C7.tmp\ossproxy.exe:ossproxy.exe
"{0207F839-F15E-49BA-A745-269D99E3FD9D}"= UDP:c:\windows\Temp\~osF678.tmp\ossproxy.exe:ossproxy.exe
"{3CF31FCF-A722-45E8-BA7C-4E03FD9BEA26}"= UDP:c:\windows\Temp\~os2C57.tmp\ossproxy.exe:ossproxy.exe
"{073BA65B-998C-4A74-AAEA-2EF9CA73797E}"= UDP:c:\windows\Temp\~os96AD.tmp\ossproxy.exe:ossproxy.exe
"{06BC247D-7A40-44E1-A65C-A7FB4D6E4528}"= UDP:c:\windows\Temp\~osA647.tmp\ossproxy.exe:ossproxy.exe
"{4D6DC4AB-18A0-4B9C-94F8-097D055DEF49}"= UDP:c:\windows\Temp\~os2A06.tmp\ossproxy.exe:ossproxy.exe
"{835564AA-3E8E-4895-B14F-BA84D511940F}"= UDP:c:\windows\Temp\~osD458.tmp\ossproxy.exe:ossproxy.exe
"{467A9AA0-E5D9-4249-8E59-7805EBD9DC95}"= UDP:c:\windows\Temp\~osB6F9.tmp\ossproxy.exe:ossproxy.exe
"{5063CCDC-F9D3-4771-8F48-FB6B1BD4F339}"= UDP:c:\windows\Temp\~os4FBF.tmp\ossproxy.exe:ossproxy.exe
"{04DC6C95-EC92-4793-B010-17A9A921B550}"= UDP:c:\windows\Temp\~os3617.tmp\ossproxy.exe:ossproxy.exe
"{00609DE0-C6CE-47A5-B754-43D198BE4253}"= UDP:c:\windows\Temp\~os3675.tmp\ossproxy.exe:ossproxy.exe
"{4621046D-8B38-48C5-8A04-CDAE1DAD4547}"= UDP:c:\windows\Temp\~osAF0D.tmp\ossproxy.exe:ossproxy.exe
"{76DB5C78-1B68-409C-AF53-F92C642AA244}"= UDP:c:\windows\Temp\~osE06A.tmp\ossproxy.exe:ossproxy.exe
"{04A20BE6-5DA4-4159-96C9-A7D31C659227}"= UDP:c:\windows\Temp\~osA648.tmp\ossproxy.exe:ossproxy.exe
"{ADEF4B4B-8AB1-4D1C-9028-47D98F4C555A}"= UDP:c:\windows\Temp\~osE1A2.tmp\ossproxy.exe:ossproxy.exe
"{B51FDEF7-6049-4F78-A510-BE069AAB66F6}"= UDP:c:\windows\Temp\~os5BA1.tmp\ossproxy.exe:ossproxy.exe
"{9D2FD1B7-A0B0-4310-B9A2-4FF6EDFF07AE}"= UDP:c:\windows\Temp\~osF8E9.tmp\ossproxy.exe:ossproxy.exe
"{B8766ECE-C698-4FFA-8BAD-FBCEDC0E3F93}"= UDP:c:\windows\Temp\~os33A8.tmp\ossproxy.exe:ossproxy.exe
"{B84EB26A-A43A-40C7-A6C2-A9966765B378}"= UDP:c:\windows\Temp\~osE2E9.tmp\ossproxy.exe:ossproxy.exe
"{B4351088-40B7-4690-96F1-CD6C53CC1119}"= UDP:c:\windows\Temp\~os1C70.tmp\ossproxy.exe:ossproxy.exe
"{CA346105-09EB-475C-90AE-51B335DA0062}"= UDP:c:\windows\Temp\~os946D.tmp\ossproxy.exe:ossproxy.exe
"{0D19CEED-0A0D-4016-8A84-017FCADC3654}"= UDP:c:\windows\Temp\~osBCD4.tmp\ossproxy.exe:ossproxy.exe
"{70DB9D67-C90C-41EA-B576-4BCF832B8F4C}"= UDP:c:\windows\Temp\~os50C9.tmp\ossproxy.exe:ossproxy.exe
"{4FD246E1-9179-41E3-8B41-20C25B85239A}"= UDP:c:\windows\Temp\~os10CD.tmp\ossproxy.exe:ossproxy.exe
"{9B38F557-F1A4-46DD-95D2-CC039515CD8E}"= UDP:c:\windows\Temp\~os5DA5.tmp\ossproxy.exe:ossproxy.exe
"{81609419-920A-465C-8127-C82ECCBF8F57}"= UDP:c:\windows\Temp\~os4757.tmp\ossproxy.exe:ossproxy.exe
"{19458C3F-5070-4624-99F9-31E046E5BCD6}"= UDP:c:\windows\Temp\~osAB95.tmp\ossproxy.exe:ossproxy.exe
"{CE846100-8112-4D25-8FCA-21B10854BE13}"= UDP:c:\windows\Temp\~os7347.tmp\ossproxy.exe:ossproxy.exe
"{037DF12E-273C-436C-AC95-800E14432E9C}"= UDP:c:\windows\Temp\~os24C.tmp\ossproxy.exe:ossproxy.exe
"{26DEC2B8-8E13-41DF-A2A2-6F7B9C486A1D}"= UDP:c:\windows\Temp\~osA761.tmp\ossproxy.exe:ossproxy.exe
"{A53BE948-BD41-45D6-8F64-9568CFE8DA48}"= UDP:c:\windows\Temp\~os3934.tmp\ossproxy.exe:ossproxy.exe
"{33CEC665-00BB-4537-9E1D-5BD75D9527FD}"= UDP:c:\windows\Temp\~osFEB4.tmp\ossproxy.exe:ossproxy.exe
"{5433864C-71BB-4356-8FF0-F9CB4DA1A6A5}"= UDP:c:\windows\Temp\~os26DD.tmp\ossproxy.exe:ossproxy.exe
"{D2FA3537-CFB7-4673-9893-3BFD10E5BF83}"= UDP:c:\windows\Temp\~os9661.tmp\ossproxy.exe:ossproxy.exe
"{C93D186F-8BC7-42E4-B656-C84E9470647F}"= UDP:c:\windows\Temp\~os9F95.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:36 am

part 7

"{EEEB01FA-E731-4AC4-9172-0BA0CB73B0DD}"= UDP:c:\windows\Temp\~os2EAA.tmp\ossproxy.exe:ossproxy.exe
"{FED8C95B-53B7-4D9E-BF2A-816132FEB09B}"= UDP:c:\windows\Temp\~osD851.tmp\ossproxy.exe:ossproxy.exe
"{1210BD21-9041-4ABB-AD04-0C0D57AB47E0}"= UDP:c:\windows\Temp\~osCCBD.tmp\ossproxy.exe:ossproxy.exe
"{43FD7E20-7DAA-410E-8351-F2FFA582CCAF}"= UDP:c:\windows\Temp\~osC483.tmp\ossproxy.exe:ossproxy.exe
"{1384CC84-533A-47C3-B9F7-1EFB0A06F814}"= UDP:c:\windows\Temp\~osD4B9.tmp\ossproxy.exe:ossproxy.exe
"{97E9BE9C-F67A-42D3-BFAF-41D7EBB0BCC1}"= UDP:c:\windows\Temp\~osA0B.tmp\ossproxy.exe:ossproxy.exe
"{77AAABD7-0FE3-412F-9649-51B031178978}"= UDP:c:\windows\Temp\~os85EE.tmp\ossproxy.exe:ossproxy.exe
"{FED1617A-5A94-4E8C-BDB2-F9ADAE7F0997}"= UDP:c:\windows\Temp\~os9652.tmp\ossproxy.exe:ossproxy.exe
"{7091ADB3-5FA2-4CC6-8199-87870CF13032}"= UDP:c:\windows\Temp\~os87A3.tmp\ossproxy.exe:ossproxy.exe
"{3D436790-06F8-427A-AB71-7CAEF8B4159F}"= UDP:c:\windows\Temp\~os5DD5.tmp\ossproxy.exe:ossproxy.exe
"{AB1DEC45-F2CF-40A3-827F-CFE0ABBF1F4C}"= UDP:c:\windows\Temp\~os4D61.tmp\ossproxy.exe:ossproxy.exe
"{C07FFC10-98CC-432F-A39B-65106A2D95EC}"= UDP:c:\windows\Temp\~osB345.tmp\ossproxy.exe:ossproxy.exe
"{42905F08-55F1-4144-A495-C66926B39D53}"= UDP:c:\windows\Temp\~os688F.tmp\ossproxy.exe:ossproxy.exe
"{5DC70590-CF23-4F6E-8A33-A3D7078D1B59}"= UDP:c:\windows\Temp\~os4509.tmp\ossproxy.exe:ossproxy.exe
"{DEDC1C39-56B4-4B80-B528-C9AB1B36CE9F}"= UDP:c:\windows\Temp\~osF257.tmp\ossproxy.exe:ossproxy.exe
"{2AD45EE9-0A79-4B16-BF5C-68BDA8D767BB}"= UDP:c:\windows\Temp\~os954A.tmp\ossproxy.exe:ossproxy.exe
"{E900CE55-8376-4809-8408-620912D78882}"= UDP:c:\windows\Temp\~os75D8.tmp\ossproxy.exe:ossproxy.exe
"{4E1361A4-27F8-4238-AA79-CAD0E23B66C7}"= UDP:c:\windows\Temp\~osEAE.tmp\ossproxy.exe:ossproxy.exe
"{EAF5E2B7-1FF6-4546-8BB8-E3C39CA9FB19}"= UDP:c:\windows\Temp\~osCAFA.tmp\ossproxy.exe:ossproxy.exe
"{1F691976-D8E3-43C0-B5CB-604AD66DFFBD}"= UDP:c:\windows\Temp\~os8B9A.tmp\ossproxy.exe:ossproxy.exe
"{ACD106F4-C172-4BCB-8D7A-3E200720B4B7}"= UDP:c:\windows\Temp\~os5A4E.tmp\ossproxy.exe:ossproxy.exe
"{BA563A66-3FAA-48A3-AA48-CB0B4F6109ED}"= UDP:c:\windows\Temp\~osE7EC.tmp\ossproxy.exe:ossproxy.exe
"{36EBA2F3-4D3B-40C1-9AFA-ABC044999BC9}"= UDP:c:\windows\Temp\~os89F5.tmp\ossproxy.exe:ossproxy.exe
"{4BE33B9B-842A-4704-B675-80B6D750DCEF}"= UDP:c:\windows\Temp\~osA976.tmp\ossproxy.exe:ossproxy.exe
"{2904D478-3479-41E6-A12B-71F6C6DE50B3}"= UDP:c:\windows\Temp\~osA4E4.tmp\ossproxy.exe:ossproxy.exe
"{BEC3D56A-A0A3-4463-9640-2F2A8F656A24}"= UDP:c:\windows\Temp\~osFF75.tmp\ossproxy.exe:ossproxy.exe
"{1ED8E913-CADD-4D31-AAB0-D900A73C7F3E}"= UDP:c:\windows\Temp\~os87B4.tmp\ossproxy.exe:ossproxy.exe
"{FA9E9E42-2A8A-4534-9AA1-0B1B42BC4CDD}"= UDP:c:\windows\Temp\~osC80E.tmp\ossproxy.exe:ossproxy.exe
"{93B3B9CB-0610-497C-8352-8C95D17ADF08}"= UDP:c:\windows\Temp\~osDC59.tmp\ossproxy.exe:ossproxy.exe
"{294A5439-5EF0-4547-97AC-83A983CDA3AB}"= UDP:c:\windows\Temp\~os47E7.tmp\ossproxy.exe:ossproxy.exe
"{EAB877F6-E234-46A7-B820-C518BBF14F8E}"= UDP:c:\windows\Temp\~osF7E4.tmp\ossproxy.exe:ossproxy.exe
"{98AD70B3-6A4F-42A4-B479-EEC8BCA7C63E}"= UDP:c:\windows\Temp\~os7DB6.tmp\ossproxy.exe:ossproxy.exe
"{CFD2B8FE-FE35-4185-9250-3F331E1547C7}"= UDP:c:\windows\Temp\~osB36.tmp\ossproxy.exe:ossproxy.exe
"{7541650E-9C26-4F1D-902A-2981890C8E59}"= UDP:c:\windows\Temp\~os951D.tmp\ossproxy.exe:ossproxy.exe
"{B904F4A3-C6C7-4984-887B-5343E55923F4}"= UDP:c:\windows\Temp\~os1E68.tmp\ossproxy.exe:ossproxy.exe
"{F5181584-B4BC-4FB6-BAC6-6AE0D683F1C3}"= UDP:c:\windows\Temp\~osAD00.tmp\ossproxy.exe:ossproxy.exe
"{1B13AC0D-FF12-45FD-B551-D3078E631F42}"= UDP:c:\windows\Temp\~os37E1.tmp\ossproxy.exe:ossproxy.exe
"{FCB78CBD-F01B-4F3D-A615-83C6F1E990F3}"= UDP:c:\windows\Temp\~osBE2F.tmp\ossproxy.exe:ossproxy.exe
"{24241EA8-2D75-42DA-8C56-5C8B2DAB47A2}"= UDP:c:\windows\Temp\~os4384.tmp\ossproxy.exe:ossproxy.exe
"{D4928B8D-E232-4824-9A44-E52D68280670}"= UDP:c:\windows\Temp\~osD142.tmp\ossproxy.exe:ossproxy.exe
"{3A692FE4-FC8C-44EC-A66E-05BDA6EEBFEA}"= UDP:c:\windows\Temp\~os5984.tmp\ossproxy.exe:ossproxy.exe
"{E47E9DB5-00B2-4B1A-8C34-0DCB7EF43BC1}"= UDP:c:\windows\Temp\~osE34C.tmp\ossproxy.exe:ossproxy.exe
"{8B3C49A9-F6D6-4469-B678-F2A557F21AF4}"= UDP:c:\windows\Temp\~os72CE.tmp\ossproxy.exe:ossproxy.exe
"{7585990C-379F-4850-BA86-0CB6CE0B541F}"= UDP:c:\windows\Temp\~os1F.tmp\ossproxy.exe:ossproxy.exe
"{79783AE3-393F-4D7F-AE33-F73A03EDB8E0}"= UDP:c:\windows\Temp\~os8B3E.tmp\ossproxy.exe:ossproxy.exe
"{CAB0B911-C907-4208-BECE-A8D575879F12}"= UDP:c:\windows\Temp\~os143B.tmp\ossproxy.exe:ossproxy.exe
"{D97A6AEA-2FD9-4C38-AEE4-411561783FE7}"= UDP:c:\windows\Temp\~os9BF0.tmp\ossproxy.exe:ossproxy.exe
"{09220FF3-E99E-4600-90E9-4C6CF56AA4A1}"= UDP:c:\windows\Temp\~os26A2.tmp\ossproxy.exe:ossproxy.exe
"{4217335E-9C80-44F5-9B6D-4D100E72AC17}"= UDP:c:\windows\Temp\~osB05A.tmp\ossproxy.exe:ossproxy.exe
"{B6F6CD8B-6CBC-4C34-B0AF-DA8C4BDAE71E}"= UDP:c:\windows\Temp\~os3513.tmp\ossproxy.exe:ossproxy.exe
"{BB3274E9-0D4C-4699-B12A-24240BF0FA5D}"= UDP:c:\windows\Temp\~osBFB6.tmp\ossproxy.exe:ossproxy.exe
"{6599D59D-2F78-4EEC-BCFE-302DFCAFF204}"= UDP:c:\windows\Temp\~os4B61.tmp\ossproxy.exe:ossproxy.exe
"{A90073B0-AAFE-4343-99D5-29B758C6E456}"= UDP:c:\windows\Temp\~osD7A8.tmp\ossproxy.exe:ossproxy.exe
"{A3187ABE-0760-418A-BBF5-275572FA1C46}"= UDP:c:\windows\Temp\~os60C5.tmp\ossproxy.exe:ossproxy.exe
"{7FC93C87-04BF-4C71-94AC-9A99404BA69C}"= UDP:c:\windows\Temp\~osE8A9.tmp\ossproxy.exe:ossproxy.exe
"{152B3A98-03F3-4224-BE0B-F5340A8C4ECA}"= UDP:c:\windows\Temp\~os73F7.tmp\ossproxy.exe:ossproxy.exe
"{C917C10C-7C55-4F53-998D-97556F1CC79C}"= UDP:c:\windows\Temp\~osFAB3.tmp\ossproxy.exe:ossproxy.exe
"{9F91E039-C198-45F3-95BB-A2D860487221}"= UDP:c:\windows\Temp\~os260.tmp\ossproxy.exe:ossproxy.exe
"{30528671-FFEF-40F8-8A61-498FD1E5BE26}"= UDP:c:\windows\Temp\~os8DBE.tmp\ossproxy.exe:ossproxy.exe
"{89A54CBF-2EFA-43AD-A749-8696989D1DA0}"= UDP:c:\windows\Temp\~os1B9B.tmp\ossproxy.exe:ossproxy.exe
"{6421E053-4A66-42D5-A6D4-07272F3A87DC}"= UDP:c:\windows\Temp\~osA228.tmp\ossproxy.exe:ossproxy.exe
"{1DB11459-D7B1-49E3-B890-C8F560B32730}"= UDP:c:\windows\Temp\~os3523.tmp\ossproxy.exe:ossproxy.exe
"{F358E944-EDD4-438D-B959-CB054F095EA3}"= UDP:c:\windows\Temp\~osBF58.tmp\ossproxy.exe:ossproxy.exe
"{276D92D9-51EE-41E3-97F3-1E6EA1D77462}"= UDP:c:\windows\Temp\~os472D.tmp\ossproxy.exe:ossproxy.exe
"{D2E7051C-4B8C-4D9F-98FF-D3F172017332}"= UDP:c:\windows\Temp\~osD401.tmp\ossproxy.exe:ossproxy.exe
"{9E151374-84FB-4955-842B-433383233F0F}"= UDP:c:\windows\Temp\~os7FE9.tmp\ossproxy.exe:ossproxy.exe
"{484145DD-BFD2-4A01-B244-04C7FC93CD3E}"= UDP:c:\windows\Temp\~os139F.tmp\ossproxy.exe:ossproxy.exe
"{E7755309-97AA-46EB-9C5A-A77E38B3587C}"= UDP:c:\windows\Temp\~osA322.tmp\ossproxy.exe:ossproxy.exe
"{E751AACE-EA54-470E-8E9C-390A8A331F40}"= UDP:c:\windows\Temp\~os30D0.tmp\ossproxy.exe:ossproxy.exe
"{F36F218A-AD8E-4018-B556-A68B01B1F549}"= UDP:c:\windows\Temp\~osBFD5.tmp\ossproxy.exe:ossproxy.exe
"{FD1BC828-FDCE-4596-B419-55A1F676311A}"= UDP:c:\windows\Temp\~os477B.tmp\ossproxy.exe:ossproxy.exe
"{F7C2E2E5-CA37-4B7E-AD0A-73F7A50CB226}"= UDP:c:\windows\Temp\~osD1DF.tmp\ossproxy.exe:ossproxy.exe
"{2E8A5B63-C236-4C83-A37E-4E19595F1117}"= UDP:c:\windows\Temp\~os5F6E.tmp\ossproxy.exe:ossproxy.exe
"{847BDB9B-9F3C-431D-96D4-7CDE8CF4531C}"= UDP:c:\windows\Temp\~osEA9D.tmp\ossproxy.exe:ossproxy.exe
"{1EADFD78-47B4-4507-980F-5E354FBC7BA7}"= UDP:c:\windows\Temp\~os72DF.tmp\ossproxy.exe:ossproxy.exe
"{50884E0F-FC61-48A1-A193-F4A6F4E7C2CE}"= UDP:c:\windows\Temp\~osFCD5.tmp\ossproxy.exe:ossproxy.exe
"{DFDD394F-8BE4-4D9A-9C5F-F0126E44951E}"= UDP:c:\windows\Temp\~os863F.tmp\ossproxy.exe:ossproxy.exe
"{10529D39-A6C2-48CD-8126-15C84A60C592}"= UDP:c:\windows\Temp\~osFC9.tmp\ossproxy.exe:ossproxy.exe
"{94A727A4-0518-4A62-9576-6FFFE44D2557}"= UDP:c:\windows\Temp\~os9BA3.tmp\ossproxy.exe:ossproxy.exe
"{10D05A87-8342-48F8-BEA7-4A7902FB2DFB}"= UDP:c:\windows\Temp\~os26F1.tmp\ossproxy.exe:ossproxy.exe
"{5362FDA0-06FA-45B4-A976-948B6CE612F3}"= UDP:c:\windows\Temp\~osB0D8.tmp\ossproxy.exe:ossproxy.exe
"{D72B3F87-C32E-4435-8463-31EDA5099428}"= UDP:c:\windows\Temp\~os3BE8.tmp\ossproxy.exe:ossproxy.exe
"{EAAAE2E7-EBE6-4408-A8DE-E79881AC81FB}"= UDP:c:\windows\Temp\~osCA13.tmp\ossproxy.exe:ossproxy.exe
"{432FB4A5-CA1F-4DDB-9E40-06A19ABC5CBA}"= UDP:c:\windows\Temp\~os53BB.tmp\ossproxy.exe:ossproxy.exe
"{3711BBBD-D9E2-4D15-A9D9-957804574AAC}"= UDP:c:\windows\Temp\~osDAB5.tmp\ossproxy.exe:ossproxy.exe
"{7CF0BA7D-4929-459F-B0C8-54DD57ABD7A9}"= UDP:c:\windows\Temp\~os512C.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:37 am

part 8

"{C99847C6-385D-49BA-8E06-ABAABE096F2B}"= UDP:c:\windows\Temp\~osEABC.tmp\ossproxy.exe:ossproxy.exe
"{732329A0-72EA-491B-8F35-CCDF14E02BFD}"= UDP:c:\windows\Temp\~os71E5.tmp\ossproxy.exe:ossproxy.exe
"{6CB87F65-BD53-4DE6-86DB-EDB1B9466AC6}"= UDP:c:\windows\Temp\~os37B3.tmp\ossproxy.exe:ossproxy.exe
"{F8C78FF5-34AF-4388-B68F-BE7D0E0C313C}"= UDP:c:\windows\Temp\~os5909.tmp\ossproxy.exe:ossproxy.exe
"{97F21183-EFA0-46D8-8F12-7A75A6A77D07}"= UDP:c:\windows\Temp\~os6FC4.tmp\ossproxy.exe:ossproxy.exe
"{EC3CD643-5C0B-4A8F-99E9-716B5D836535}"= UDP:c:\windows\Temp\~osF44E.tmp\ossproxy.exe:ossproxy.exe
"{712D764B-A438-44E6-85D3-4F4A12E778E4}"= UDP:c:\windows\Temp\~os79A3.tmp\ossproxy.exe:ossproxy.exe
"{09762F05-2162-4AE4-8445-30E0DFBA7CF5}"= UDP:c:\windows\Temp\~os47AB.tmp\ossproxy.exe:ossproxy.exe
"{FE61993F-6DCA-4780-82C7-6A57E79A0B61}"= UDP:c:\windows\Temp\~osB38.tmp\ossproxy.exe:ossproxy.exe
"{D8B1B31A-62A5-4BA9-84A1-5F1D42AF3DCA}"= UDP:c:\windows\Temp\~os9186.tmp\ossproxy.exe:ossproxy.exe
"{D82D53D1-BDE6-42A4-8CA2-E5F43A2E9133}"= UDP:c:\windows\Temp\~os8FA2.tmp\ossproxy.exe:ossproxy.exe
"{277EBDCF-FF23-4FFB-B512-9EC7FD91C2AB}"= UDP:c:\windows\Temp\~os1AA2.tmp\ossproxy.exe:ossproxy.exe
"{E46DF4ED-ACD0-436D-A90D-DDE917B169DD}"= UDP:c:\windows\Temp\~os7742.tmp\ossproxy.exe:ossproxy.exe
"{A24897F1-2B36-49E0-80A9-A394FC6D345D}"= UDP:c:\windows\Temp\~osE6F5.tmp\ossproxy.exe:ossproxy.exe
"{14F53CF7-08EA-4427-A998-165F9BF76B54}"= UDP:c:\windows\Temp\~os16EB.tmp\ossproxy.exe:ossproxy.exe
"{263EFAFA-F292-47A0-BA95-14C3BBC95696}"= UDP:c:\windows\Temp\~osD884.tmp\ossproxy.exe:ossproxy.exe
"{2A922212-BF5C-474F-BF76-30926F2E3262}"= UDP:c:\windows\Temp\~osA841.tmp\ossproxy.exe:ossproxy.exe
"{118AB1FE-5383-41E0-BFE6-9A7C624F6FEE}"= UDP:c:\windows\Temp\~os2B84.tmp\ossproxy.exe:ossproxy.exe
"{CCCE2CFB-A7C0-4710-956C-2272967C8075}"= UDP:c:\windows\Temp\~osB9DE.tmp\ossproxy.exe:ossproxy.exe
"{1A163021-B924-436B-B335-985C02CEED4C}"= UDP:c:\windows\Temp\~os255D.tmp\ossproxy.exe:ossproxy.exe
"{686E1514-7795-443C-9776-E4E4AC37B56B}"= UDP:c:\windows\Temp\~osF104.tmp\ossproxy.exe:ossproxy.exe
"{814D1020-6B4A-47B2-832D-D7E89698E554}"= UDP:c:\windows\Temp\~os78BA.tmp\ossproxy.exe:ossproxy.exe
"{A73BB6BD-2D85-4C2C-BE33-DDB70C638C97}"= UDP:c:\windows\Temp\~osF365.tmp\ossproxy.exe:ossproxy.exe
"{C619D10A-905B-4C8B-9FAD-BAC9CE221924}"= UDP:c:\windows\Temp\~osB260.tmp\ossproxy.exe:ossproxy.exe
"{D9BB532E-AB23-4210-85E0-CD238F7529A3}"= UDP:c:\windows\Temp\~osC9B7.tmp\ossproxy.exe:ossproxy.exe
"{13F3BB6E-1B02-4A97-9A45-6592F806E3E9}"= UDP:c:\windows\Temp\~os8652.tmp\ossproxy.exe:ossproxy.exe
"{7DB800EF-725E-4C44-AC79-9190BD6A712C}"= UDP:c:\windows\Temp\~os6C5C.tmp\ossproxy.exe:ossproxy.exe
"{832E5F7E-8795-4DD3-9061-72D298C7138C}"= UDP:c:\windows\Temp\~osF682.tmp\ossproxy.exe:ossproxy.exe
"{1047198A-C21B-442D-B15E-FAA7BE6FD6C9}"= UDP:c:\windows\Temp\~os3E99.tmp\ossproxy.exe:ossproxy.exe
"{BDF11DB6-7C54-4CE4-ACE6-E49CF007B421}"= UDP:c:\windows\Temp\~os5A91.tmp\ossproxy.exe:ossproxy.exe
"{183C2E9A-A589-49B2-9AB1-349D6EFDBFFF}"= UDP:c:\windows\Temp\~os7D5D.tmp\ossproxy.exe:ossproxy.exe
"{FF18FB16-BE62-4914-8041-CDBAB43FEDB6}"= UDP:c:\windows\Temp\~os3F25.tmp\ossproxy.exe:ossproxy.exe
"{7AAE278B-83D7-4464-8EEE-B4A04A858CF4}"= UDP:c:\windows\Temp\~os913B.tmp\ossproxy.exe:ossproxy.exe
"{611A3CB6-72B5-4DD8-87D0-85CED29E9066}"= UDP:c:\windows\Temp\~os77F1.tmp\ossproxy.exe:ossproxy.exe
"{16E2E293-32E6-4B15-B1B0-F750F95EF90C}"= UDP:c:\windows\Temp\~os23BA.tmp\ossproxy.exe:ossproxy.exe
"{34F66C45-5003-48A6-B5F4-C46DCE92B4B2}"= UDP:c:\windows\Temp\~os68D4.tmp\ossproxy.exe:ossproxy.exe
"{288A61B2-F7B0-44CF-9722-8CD944578BA5}"= UDP:c:\windows\Temp\~osA0D5.tmp\ossproxy.exe:ossproxy.exe
"{2AA16865-45E5-40E4-A0CA-F3FC772702E8}"= UDP:c:\windows\Temp\~os4F6C.tmp\ossproxy.exe:ossproxy.exe
"{ABC0CF59-4C60-4DF0-B718-B3C7F4E5BB39}"= UDP:c:\windows\Temp\~osCD51.tmp\ossproxy.exe:ossproxy.exe
"{8C1EF142-C2C6-46CC-91B3-988F63A3BA68}"= UDP:c:\windows\Temp\~os4E91.tmp\ossproxy.exe:ossproxy.exe
"{8AB2A505-346B-4F6E-963B-2BAE92C8B7B1}"= UDP:c:\windows\Temp\~os3BDC.tmp\ossproxy.exe:ossproxy.exe
"{66976D61-5DCE-4271-B4D2-9E6ED82EA7C0}"= UDP:c:\windows\Temp\~osE64E.tmp\ossproxy.exe:ossproxy.exe
"{17EEC122-8974-46E8-B8E4-62A63762801F}"= UDP:c:\windows\Temp\~os2D2D.tmp\ossproxy.exe:ossproxy.exe
"{608F9E4E-8448-4E70-88DE-7D561440ACCA}"= UDP:c:\windows\Temp\~os4030.tmp\ossproxy.exe:ossproxy.exe
"{078DB607-ED2A-47AA-AB0A-C13B9E717820}"= UDP:c:\windows\Temp\~os8D46.tmp\ossproxy.exe:ossproxy.exe
"{CF6118D4-77B3-4D56-9D07-438E1EA0D4A3}"= UDP:c:\windows\Temp\~os1EBC.tmp\ossproxy.exe:ossproxy.exe
"{47A803D7-4E14-4831-8024-97307F2ADEE1}"= UDP:c:\windows\Temp\~osAAE4.tmp\ossproxy.exe:ossproxy.exe
"{08EB4C0E-3B76-43D4-B70B-91D5211671B8}"= UDP:c:\windows\Temp\~os173D.tmp\ossproxy.exe:ossproxy.exe
"{3D8EFF34-E8EB-46F0-BDF4-6B1411142D98}"= UDP:c:\windows\Temp\~osA21E.tmp\ossproxy.exe:ossproxy.exe
"{B6A4D997-1088-4E32-A17B-B562E9D4E440}"= UDP:c:\windows\Temp\~os2D6C.tmp\ossproxy.exe:ossproxy.exe
"{345654FE-1B59-4522-8D1B-C9F3F730224B}"= UDP:c:\windows\Temp\~osEB1F.tmp\ossproxy.exe:ossproxy.exe
"{C69536B2-60D7-4F19-B688-998780CA08D1}"= UDP:c:\windows\Temp\~os7B7B.tmp\ossproxy.exe:ossproxy.exe
"{D7BAEFF2-C338-42EB-9FD3-DE6A9E649D4A}"= UDP:c:\windows\Temp\~os6BA.tmp\ossproxy.exe:ossproxy.exe
"{DCE42577-C783-49AF-A534-0A21C88C69AE}"= UDP:c:\windows\Temp\~os8ECD.tmp\ossproxy.exe:ossproxy.exe
"{81772B70-8273-483E-92E4-D87AA5A0555B}"= UDP:c:\windows\Temp\~os1AA7.tmp\ossproxy.exe:ossproxy.exe
"{959D02B5-FECA-4211-A38E-A3D78364948A}"= UDP:c:\windows\Temp\~os38E1.tmp\ossproxy.exe:ossproxy.exe
"{014B014D-4EFE-4E48-80F5-56F6FD00B287}"= UDP:c:\windows\Temp\~osADC2.tmp\ossproxy.exe:ossproxy.exe
"{9AAA26A3-79D3-4716-A7DD-3EFC3B4464CD}"= UDP:c:\windows\Temp\~os9321.tmp\ossproxy.exe:ossproxy.exe
"{DE9361C3-B2CA-4303-AC60-2D768F743E7B}"= UDP:c:\windows\Temp\~osE3FE.tmp\ossproxy.exe:ossproxy.exe
"{2D863CD6-4B59-40E7-9243-EF252595F5E5}"= UDP:c:\windows\Temp\~os376B.tmp\ossproxy.exe:ossproxy.exe
"{2F33C946-ED91-4071-8E1A-5EDCF1D4EC91}"= UDP:c:\windows\Temp\~os63C7.tmp\ossproxy.exe:ossproxy.exe
"{2103999C-3082-44DD-A996-DF891806EDB5}"= UDP:c:\windows\Temp\~os48B9.tmp\ossproxy.exe:ossproxy.exe
"{F8CDE235-E9AA-47A2-B2FE-D7E7977182E1}"= UDP:c:\windows\Temp\~osFB93.tmp\ossproxy.exe:ossproxy.exe
"{183E2CCC-4D41-407B-A3E2-78AEBD72F957}"= UDP:c:\windows\Temp\~osF914.tmp\ossproxy.exe:ossproxy.exe
"{B512B591-014A-4DD3-9A04-13BA30182315}"= UDP:c:\windows\Temp\~osC92E.tmp\ossproxy.exe:ossproxy.exe
"{5E79192C-EBCA-4EB2-876E-AD630FCD08CB}"= UDP:c:\windows\Temp\~osA75C.tmp\ossproxy.exe:ossproxy.exe
"{8D7C3BA5-5F9E-4367-9286-6EB39F3F589D}"= UDP:c:\windows\Temp\~os3D25.tmp\ossproxy.exe:ossproxy.exe
"{EBFD449C-36BF-4FE7-A9D1-ECA245E8F507}"= UDP:c:\windows\Temp\~osCA37.tmp\ossproxy.exe:ossproxy.exe
"{277B82A7-73A1-458D-8722-2B8845C75D91}"= UDP:c:\windows\Temp\~os6E05.tmp\ossproxy.exe:ossproxy.exe
"{A005B0CB-3EB5-48A3-AB82-6D1059C79C42}"= UDP:c:\windows\Temp\~osB11C.tmp\ossproxy.exe:ossproxy.exe
"{0A5E3299-9EA6-4FBC-86E1-01218C4C6623}"= UDP:c:\windows\Temp\~os4E55.tmp\ossproxy.exe:ossproxy.exe
"{6286DE1A-3B3B-4995-9998-FBF189C3E43B}"= UDP:c:\windows\Temp\~osED03.tmp\ossproxy.exe:ossproxy.exe
"{49B76A2D-B696-4CA6-A6F9-04985486C55A}"= UDP:c:\windows\Temp\~os8185.tmp\ossproxy.exe:ossproxy.exe
"{079AA9F2-9DF5-438D-B3AC-8D2CA8A0665C}"= UDP:c:\windows\Temp\~os9256.tmp\ossproxy.exe:ossproxy.exe
"{2AF7CE49-2D85-495B-A9EF-B6083DE3636F}"= UDP:c:\windows\Temp\~os9A33.tmp\ossproxy.exe:ossproxy.exe
"{90A125B8-5E9A-44F6-B57E-ACD787CCAF9D}"= UDP:c:\windows\Temp\~osF35A.tmp\ossproxy.exe:ossproxy.exe
"{25381E0B-72B2-40A8-82FA-1A8516132770}"= UDP:c:\windows\Temp\~osB909.tmp\ossproxy.exe:ossproxy.exe
"{09BFF4EA-0E5D-4542-BF54-07FA065EAC9B}"= UDP:c:\windows\Temp\~osD0DC.tmp\ossproxy.exe:ossproxy.exe
"{F39DA626-60E7-497D-A5D3-DABB90F9B104}"= UDP:c:\windows\Temp\~os3AA6.tmp\ossproxy.exe:ossproxy.exe
"{6717C3FA-82C4-4A78-90BD-81D1E8F0FBF8}"= UDP:c:\windows\Temp\~os804D.tmp\ossproxy.exe:ossproxy.exe
"{7112B3B9-B00C-4FA5-8116-EC484BFD4105}"= UDP:c:\windows\Temp\~osAA1.tmp\ossproxy.exe:ossproxy.exe
"{5A05564B-09D3-49B2-A9C2-E8DDD32BC2C9}"= UDP:c:\windows\Temp\~osE814.tmp\ossproxy.exe:ossproxy.exe
"{B0A18CE5-06E3-421E-8B60-0F3EA0DE0B13}"= UDP:c:\windows\Temp\~osA52B.tmp\ossproxy.exe:ossproxy.exe
"{ADE31496-5140-49F5-AACB-6D912F40AC71}"= UDP:c:\windows\Temp\~os3634.tmp\ossproxy.exe:ossproxy.exe
"{C829E137-A9FF-4660-8477-0506B6F25A8F}"= UDP:c:\windows\Temp\~osDCCE.tmp\ossproxy.exe:ossproxy.exe
"{C86F8AC5-22A2-4143-B669-887740A65866}"= UDP:c:\windows\Temp\~os9525.tmp\ossproxy.exe:ossproxy.exe
"{485F4A69-2537-4A7D-9B42-A107A2BA6E41}"= UDP:c:\windows\Temp\~os3F0A.tmp\ossproxy.exe:ossproxy.exe
"{3EAB7FCA-C8A2-41E2-84FA-8E3B291CF396}"= UDP:c:\windows\Temp\~osF6B4.tmp\ossproxy.exe:ossproxy.exe
"{430DAEEF-538D-4AB1-A5B0-670ED7CD7EA0}"= UDP:c:\windows\Temp\~os9850.tmp\ossproxy.exe:ossproxy.exe
"{000139D1-1BAF-469B-ACF8-852E9640D05E}"= UDP:c:\windows\Temp\~os4ABD.tmp\ossproxy.exe:ossproxy.exe
"{8A12359D-3BA8-495D-8B16-B8405F8D2CD2}"= UDP:c:\windows\Temp\~osE3FF.tmp\ossproxy.exe:ossproxy.exe
"{CFD2F320-086F-4112-A62B-EA866DF3285C}"= UDP:c:\windows\Temp\~os8618.tmp\ossproxy.exe:ossproxy.exe
"{4991404F-404A-40F8-AEF6-B3D70DE785E7}"= UDP:c:\windows\Temp\~os173F.tmp\ossproxy.exe:ossproxy.exe
"{8F91F2BF-2076-49CF-B3C2-89DDA4D4E3DC}"= UDP:c:\windows\Temp\~osBF6F.tmp\ossproxy.exe:ossproxy.exe
"{B9BD0051-7A9D-4B16-95AC-B4726E090C8D}"= UDP:c:\windows\Temp\~os4AFC.tmp\ossproxy.exe:ossproxy.exe
"{2DB7F5D4-E591-4570-AD8E-2EBBC4E7B90B}"= UDP:c:\windows\Temp\~osD669.tmp\ossproxy.exe:ossproxy.exe
"{4B8E7251-B273-4251-96DB-E080A05CB6C7}"= UDP:c:\windows\Temp\~os632D.tmp\ossproxy.exe:ossproxy.exe
"{7095101A-59AE-46EF-B79A-67DE19743DE3}"= UDP:c:\windows\Temp\~osF139.tmp\ossproxy.exe:ossproxy.exe
"{5B57034A-68CB-47E7-9EB1-77F374CC71EB}"= UDP:c:\windows\Temp\~os7BAC.tmp\ossproxy.exe:ossproxy.exe
"{941EB019-31F8-4B3E-9D1F-D1938B88069C}"= UDP:c:\windows\Temp\~os3FE.tmp\ossproxy.exe:ossproxy.exe
"{2E8B0A2B-02A0-4F03-BDBA-8393E3E3D144}"= UDP:c:\windows\Temp\~os8E33.tmp\ossproxy.exe:ossproxy.exe
"{4B2499F1-F928-4617-869A-755F73F92663}"= UDP:c:\windows\Temp\~os2A81.tmp\ossproxy.exe:ossproxy.exe
"{2897465A-CBA3-43DD-9E37-693214832CA2}"= UDP:c:\windows\Temp\~osB9A6.tmp\ossproxy.exe:ossproxy.exe
"{B3F4AC98-10D2-496A-9E18-F46E7E433674}"= UDP:c:\windows\Temp\~os4235.tmp\ossproxy.exe:ossproxy.exe
"{72406547-081F-44B8-BB93-9A1435536F70}"= UDP:c:\windows\Temp\~osCD93.tmp\ossproxy.exe:ossproxy.exe
"{7A31F7C6-A4C2-4C58-96C9-F9319D639C92}"= UDP:c:\windows\Temp\~os56ED.tmp\ossproxy.exe:ossproxy.exe
"{86735232-5CB8-485F-8D4D-FF141A472499}"= UDP:c:\windows\Temp\~osDF6E.tmp\ossproxy.exe:ossproxy.exe
"{FE11F119-34D3-48C2-85BA-CABD78B3E257}"= UDP:c:\windows\Temp\~os6540.tmp\ossproxy.exe:ossproxy.exe
"{8D779C2F-07B0-4156-92FC-F06464C901B7}"= UDP:c:\windows\Temp\~osEF27.tmp\ossproxy.exe:ossproxy.exe
"{B9A5CD56-EC38-4601-9EBF-251A4AF9E23F}"= UDP:c:\windows\Temp\~os7B4F.tmp\ossproxy.exe:ossproxy.exe
"{01F3671A-1482-4044-9810-6A743C228F44}"= UDP:c:\windows\Temp\~os748.tmp\ossproxy.exe:ossproxy.exe
"{605505F0-C051-4DB6-8543-215907CB72B0}"= UDP:c:\windows\Temp\~os9110.tmp\ossproxy.exe:ossproxy.exe
"{18B38392-61B5-44E6-B589-96B20B29BD27}"= UDP:c:\windows\Temp\~os1BC2.tmp\ossproxy.exe:ossproxy.exe
"{B6936FEB-25EF-4319-81E2-2217F7D43D98}"= UDP:c:\windows\Temp\~osA819.tmp\ossproxy.exe:ossproxy.exe
"{91E4D2F9-609B-4607-9946-20C32597D7BA}"= UDP:c:\windows\Temp\~os355A.tmp\ossproxy.exe:ossproxy.exe
"{CF77E700-9F57-472A-828F-0A6425E2C70F}"= UDP:c:\windows\Temp\~osBEF3.tmp\ossproxy.exe:ossproxy.exe
"{66107E58-4F9F-43AB-AF2B-074D98F88297}"= UDP:c:\windows\Temp\~os6649.tmp\ossproxy.exe:ossproxy.exe
"{C35817B8-8739-4448-8E6C-B3AEF718ECA5}"= UDP:c:\windows\Temp\~os2AC0.tmp\ossproxy.exe:ossproxy.exe
"{EB05EA6E-B202-4622-8ED3-D728823652C7}"= UDP:c:\windows\Temp\~osB39E.tmp\ossproxy.exe:ossproxy.exe
"{4CF2C6FE-7846-4B42-8826-01A598FBBBD3}"= UDP:c:\windows\Temp\~osEEAA.tmp\ossproxy.exe:ossproxy.exe
"{74266A38-2E25-4A75-97D9-3085C83DE718}"= UDP:c:\windows\Temp\~osC183.tmp\ossproxy.exe:ossproxy.exe
"{2DF6ED13-A24E-4A47-BC87-2CDFCA3CD4A3}"= UDP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe
"{A2429599-DB47-44C5-9F2C-98636AEFBCA3}"= TCP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:38 am

part 9

"{FD19F16A-C449-4CED-BCE2-BD316569FA59}"= UDP:c:\windows\Temp\~os4A2.tmp\ossproxy.exe:ossproxy.exe
"{C874F727-6589-4B2E-82B0-119F207695EF}"= UDP:c:\windows\Temp\~os9482.tmp\ossproxy.exe:ossproxy.exe
"{B4D0580F-B22B-4B45-AD57-A2A6FDFBD3C2}"= UDP:c:\windows\Temp\~os1C57.tmp\ossproxy.exe:ossproxy.exe
"{C8015F1D-A62B-4203-965D-B79298D693AF}"= UDP:c:\windows\Temp\~osA7A5.tmp\ossproxy.exe:ossproxy.exe
"{48D65C0D-FEFC-4804-9904-17E0665809FB}"= UDP:c:\windows\Temp\~os32F2.tmp\ossproxy.exe:ossproxy.exe
"{997091DA-F76E-4187-AC0D-AE2FCFA4BB9F}"= UDP:c:\windows\Temp\~osB7DA.tmp\ossproxy.exe:ossproxy.exe
"{BFB89BC0-742F-4806-8388-9D787A23B720}"= UDP:c:\windows\Temp\~os4099.tmp\ossproxy.exe:ossproxy.exe
"{961A20CF-98D9-457C-85E8-28B1D83A1072}"= UDP:c:\windows\Temp\~osDDC2.tmp\ossproxy.exe:ossproxy.exe
"{2A7D37C6-3F6F-4577-9A1F-A4C2B12CE5B9}"= UDP:c:\windows\Temp\~os707F.tmp\ossproxy.exe:ossproxy.exe
"{CB49604F-5529-4216-B970-0D1D54CBC986}"= UDP:c:\windows\Temp\~osFCF5.tmp\ossproxy.exe:ossproxy.exe
"{9807453F-1B86-44F2-BDE7-A869492D7D31}"= UDP:c:\windows\Temp\~os865F.tmp\ossproxy.exe:ossproxy.exe
"{4FDCCC31-65E8-4A2F-B0DA-43C7F9F40955}"= UDP:c:\windows\Temp\~osBF3.tmp\ossproxy.exe:ossproxy.exe
"{C17BB9C8-5070-48F0-8232-8BF62ADCB551}"= UDP:c:\windows\Temp\~os98C6.tmp\ossproxy.exe:ossproxy.exe
"{267DCD0A-2CC5-46A6-A487-9935645D39F3}"= UDP:c:\windows\Temp\~os232A.tmp\ossproxy.exe:ossproxy.exe
"{19E3D6A4-67E7-4BF6-9A5C-51F334699473}"= UDP:c:\windows\Temp\~osAD8E.tmp\ossproxy.exe:ossproxy.exe
"{A46B24D9-AC3B-4479-A5E7-A26F92796256}"= UDP:c:\windows\Temp\~os3727.tmp\ossproxy.exe:ossproxy.exe
"{A0A80D3A-E768-4E91-A0BF-F4A5FDD61F91}"= UDP:c:\windows\Temp\~osC82F.tmp\ossproxy.exe:ossproxy.exe
"{798907F0-9607-423B-AC93-5D5CFDC6657D}"= UDP:c:\windows\Temp\~os5D8B.tmp\ossproxy.exe:ossproxy.exe
"{B6223D02-6897-4610-AB4A-141769B2D29A}"= UDP:c:\windows\Temp\~osE89B.tmp\ossproxy.exe:ossproxy.exe
"{A5E8FCAA-1F8A-4A4E-818E-629DF3860F72}"= UDP:c:\windows\Temp\~os8F93.tmp\ossproxy.exe:ossproxy.exe
"{62800DB1-F884-4B4F-B0B4-3D90C14A6DD2}"= UDP:c:\windows\Temp\~os190D.tmp\ossproxy.exe:ossproxy.exe
"{9C3F1296-1E8C-46BD-873B-F64E9C086E27}"= UDP:c:\windows\Temp\~osA351.tmp\ossproxy.exe:ossproxy.exe
"{10468471-B735-43FD-B194-6509994B2FE9}"= UDP:c:\windows\Temp\~os2E13.tmp\ossproxy.exe:ossproxy.exe
"{27F0F801-6F1B-4566-8299-13288823553D}"= UDP:c:\windows\Temp\~osB9CE.tmp\ossproxy.exe:ossproxy.exe
"{29E9DB26-3FDF-4088-BE59-F3EA88A33010}"= UDP:c:\windows\Temp\~os6BAF.tmp\ossproxy.exe:ossproxy.exe
"{337F422F-9901-4ED7-BED1-0D7A9DC03B09}"= UDP:c:\windows\Temp\~os8B8.tmp\ossproxy.exe:ossproxy.exe
"{B01B5D8F-E9CA-4EBF-A76E-9B222CCF2692}"= UDP:c:\windows\Temp\~os9251.tmp\ossproxy.exe:ossproxy.exe
"{CF05D86C-384C-47A0-A1E1-9C8FD1B13093}"= UDP:c:\windows\Temp\~os1E99.tmp\ossproxy.exe:ossproxy.exe
"{50E064C6-C6BD-4568-8902-51D355A00F09}"= UDP:c:\windows\Temp\~osA6BB.tmp\ossproxy.exe:ossproxy.exe
"{A1CA11B2-FC5F-48BC-8CF8-5CA7E7D40644}"= UDP:c:\windows\Temp\~os3026.tmp\ossproxy.exe:ossproxy.exe
"{2FC62C4E-28CE-491A-9591-5851D93E8674}"= UDP:c:\windows\Temp\~osBA5B.tmp\ossproxy.exe:ossproxy.exe
"{6AC590FF-13FA-472A-A83F-C78BE9085B67}"= UDP:c:\windows\Temp\~os4847.tmp\ossproxy.exe:ossproxy.exe
"{FA52A181-4505-4C47-8461-BC22B181FEE3}"= UDP:c:\windows\Temp\~osD615.tmp\ossproxy.exe:ossproxy.exe
"{AC563D44-4CB6-4093-AC30-C56D5C311604}"= UDP:c:\windows\Temp\~os677B.tmp\ossproxy.exe:ossproxy.exe
"{5685FBF0-379A-4BCB-884E-B4BCA6F186BC}"= UDP:c:\windows\Temp\~osF114.tmp\ossproxy.exe:ossproxy.exe
"{3EB7D9CF-488E-4BD6-A801-63BDA760EB4A}"= UDP:c:\windows\Temp\~os86EC.tmp\ossproxy.exe:ossproxy.exe
"{53DD5A3E-D6C4-4B14-82D0-12A5233035A1}"= UDP:c:\windows\Temp\~os1BDB.tmp\ossproxy.exe:ossproxy.exe
"{BED84C43-0BFF-434A-9C89-CE630DE1C08F}"= UDP:c:\windows\Temp\~osCE38.tmp\ossproxy.exe:ossproxy.exe
"{E62D0287-F445-4C9F-904B-F3661B207276}"= UDP:c:\windows\Temp\~os60F6.tmp\ossproxy.exe:ossproxy.exe
"{AC6A2176-C349-4DE3-A929-0ED7066B2995}"= UDP:c:\windows\Temp\~osEDD9.tmp\ossproxy.exe:ossproxy.exe
"{0D50590F-0A71-41D0-A1C6-6A83465F71F6}"= UDP:c:\windows\Temp\~os7E93.tmp\ossproxy.exe:ossproxy.exe
"{F84DBC03-CE76-43AE-8B25-EE37AFC54FA3}"= UDP:c:\windows\Temp\~os25AB.tmp\ossproxy.exe:ossproxy.exe
"{5604CD20-CD3F-42FA-9FA6-F6BB93629370}"= UDP:c:\windows\Temp\~osC092.tmp\ossproxy.exe:ossproxy.exe
"{7F4C0ACC-0DE3-44ED-B510-9A4BE9494246}"= UDP:c:\windows\Temp\~os6124.tmp\ossproxy.exe:ossproxy.exe
"{1632A7B0-5BEE-4E10-8EC9-2418CBAAC4EA}"= UDP:c:\windows\Temp\~os21A5.tmp\ossproxy.exe:ossproxy.exe
"{A04AAA4A-DD32-485D-91A8-CD64D0CE0180}"= UDP:c:\windows\Temp\~osD210.tmp\ossproxy.exe:ossproxy.exe
"{E9E53B3A-0B0B-4CB9-9541-A25E8E707816}"= UDP:c:\windows\Temp\~os5C25.tmp\ossproxy.exe:ossproxy.exe
"{4C893DDC-2D66-4602-A18F-49E9D69BD346}"= UDP:c:\windows\Temp\~osE59F.tmp\ossproxy.exe:ossproxy.exe
"{3BA5EC83-71A5-4FDC-97DF-7924EBDFF14E}"= UDP:c:\windows\Temp\~os709F.tmp\ossproxy.exe:ossproxy.exe
"{0BB146D0-9038-4830-AE9D-C690511AE28A}"= UDP:c:\windows\Temp\~osFBCE.tmp\ossproxy.exe:ossproxy.exe
"{23D815F9-7F0B-480B-883C-C62D716E9756}"= UDP:c:\windows\Temp\~osB720.tmp\ossproxy.exe:ossproxy.exe
"{BA04FD01-EDFF-4A40-8540-14DDE4F25BD5}"= UDP:c:\windows\Temp\~os3E49.tmp\ossproxy.exe:ossproxy.exe
"{D0FF0B26-3FDB-4A88-AF48-916883F851C9}"= UDP:c:\windows\Temp\~osC7B4.tmp\ossproxy.exe:ossproxy.exe
"{12BDBA24-66CF-43FD-9A79-06EC29CB7281}"= UDP:c:\windows\Temp\~os8519.tmp\ossproxy.exe:ossproxy.exe
"{2B9E5B7E-3109-4EEA-B793-939408B34475}"= UDP:c:\windows\Temp\~os4A99.tmp\ossproxy.exe:ossproxy.exe
"{EC3AF7F4-C2A7-4566-9840-7F620E44E924}"= UDP:c:\windows\Temp\~osD6A.tmp\ossproxy.exe:ossproxy.exe
"{E10F95D1-B00E-40B3-BC58-561A75C337B9}"= UDP:c:\windows\Temp\~os8EF8.tmp\ossproxy.exe:ossproxy.exe
"{E643975D-2604-45C3-AFEF-DE2549395DDB}"= UDP:c:\windows\Temp\~os733.tmp\ossproxy.exe:ossproxy.exe
"{3C74447D-99A9-459B-AF8A-020A86C82480}"= UDP:c:\windows\Temp\~os870C.tmp\ossproxy.exe:ossproxy.exe
"{8D59F8B7-7974-4F76-9636-CF61D57F93AD}"= UDP:c:\windows\Temp\~os9A10.tmp\ossproxy.exe:ossproxy.exe
"{7B806DB5-81C3-4EF5-B01D-2FF68CC8EFB8}"= UDP:c:\windows\Temp\~osFBB.tmp\ossproxy.exe:ossproxy.exe
"{6531423E-0D6E-4E22-9860-031B58908EFF}"= UDP:c:\windows\Temp\~os8D92.tmp\ossproxy.exe:ossproxy.exe
"{092EE09C-5569-46C9-A12B-59756387C600}"= UDP:c:\windows\Temp\~os16EC.tmp\ossproxy.exe:ossproxy.exe
"{FF521378-F51B-4DE4-962A-B660A7D6DFF6}"= UDP:c:\windows\Temp\~os7A1.tmp\ossproxy.exe:ossproxy.exe
"{4AF3801D-66B6-4D46-B453-E66AFF4CA5B0}"= UDP:c:\windows\Temp\~os3278.tmp\ossproxy.exe:ossproxy.exe
"{C8C5D20C-D58F-42FC-AD78-7609138A405F}"= UDP:c:\windows\Temp\~osC535.tmp\ossproxy.exe:ossproxy.exe
"{CF9233F4-7863-4EA5-89F9-6CAA82A044CB}"= UDP:c:\windows\Temp\~osCFA0.tmp\ossproxy.exe:ossproxy.exe
"{EAC72EB4-A4D9-44B6-BFC0-BADFA5B7650D}"= UDP:c:\windows\Temp\~osCA72.tmp\ossproxy.exe:ossproxy.exe
"{2967516E-C64D-456C-B5B6-455C917D7EBF}"= UDP:c:\windows\Temp\~os406C.tmp\ossproxy.exe:ossproxy.exe
"{DB425BE4-967A-4C9D-8FAE-68290BD5F5E4}"= UDP:c:\windows\Temp\~os5469.tmp\ossproxy.exe:ossproxy.exe
"{ABA9CABB-911B-43F0-B043-D84BC15C75F4}"= UDP:c:\windows\Temp\~os4FF6.tmp\ossproxy.exe:ossproxy.exe
"{BABB12AA-7590-4540-A9D6-59D2A9FC7A98}"= UDP:c:\windows\Temp\~os3AF0.tmp\ossproxy.exe:ossproxy.exe
"{260D9CE1-FEB3-4636-97F6-16C25FF1538C}"= UDP:c:\windows\Temp\~os2E05.tmp\ossproxy.exe:ossproxy.exe
"{BBC9CCBC-9DD6-43F8-8D14-D73A6E1A037C}"= UDP:c:\windows\Temp\~osFEAC.tmp\ossproxy.exe:ossproxy.exe
"{4DF37596-EED2-40F5-8A17-CDED95A58A44}"= UDP:c:\windows\Temp\~os1B02.tmp\ossproxy.exe:ossproxy.exe
"{CE5005D1-2BEC-4124-ACA0-48BB0DCEF440}"= UDP:c:\windows\Temp\~os716B.tmp\ossproxy.exe:ossproxy.exe
"{3A527CAD-594F-4747-ADCB-E6D4213F55AF}"= UDP:c:\windows\Temp\~osA382.tmp\ossproxy.exe:ossproxy.exe
"{6C481CB6-DA0B-4205-B30D-32D42DF7F225}"= UDP:c:\windows\Temp\~os1A28.tmp\ossproxy.exe:ossproxy.exe
"{FE806085-1CB6-436F-A491-C263494DEF1B}"= UDP:c:\windows\Temp\~os39C.tmp\ossproxy.exe:ossproxy.exe
"{A1A3008B-0B56-4390-8AC7-E36F4E6B3DFC}"= UDP:c:\windows\Temp\~osB01F.tmp\ossproxy.exe:ossproxy.exe
"{5C0CFD04-C7A1-4F38-9CFE-19FC335076E4}"= UDP:c:\windows\Temp\~osA7D6.tmp\ossproxy.exe:ossproxy.exe
"{E4D61410-EFEA-4DF9-A146-CF55E507B066}"= UDP:c:\windows\Temp\~os9D6A.tmp\ossproxy.exe:ossproxy.exe
"{35D3455C-5F1B-4C7F-8DF0-A5DC9961889F}"= UDP:c:\windows\Temp\~os9446.tmp\ossproxy.exe:ossproxy.exe
"{E6F05A97-100D-445A-88F4-4BC54A523C1A}"= UDP:c:\windows\Temp\~os7294.tmp\ossproxy.exe:ossproxy.exe
"{FB045D2B-49DB-48F3-95B1-C70F81521346}"= UDP:c:\windows\Temp\~os71B9.tmp\ossproxy.exe:ossproxy.exe
"{C2AD2A2C-5C36-4C51-BF64-8835E48625EE}"= UDP:c:\windows\Temp\~osC15F.tmp\ossproxy.exe:ossproxy.exe
"{2DEEA913-B7B5-46E1-94D6-7199DE82C29C}"= UDP:c:\windows\Temp\~osFC2D.tmp\ossproxy.exe:ossproxy.exe
"{FE7701F2-825A-473C-BDC0-0B5543E57982}"= UDP:c:\windows\Temp\~osFA78.tmp\ossproxy.exe:ossproxy.exe
"{6430648A-58AC-47AE-B8CC-D1A565B65478}"= UDP:c:\windows\Temp\~osF1A2.tmp\ossproxy.exe:ossproxy.exe
"{1EAA374F-31BF-4C8F-9CCC-366F7A7DD1D6}"= UDP:c:\windows\Temp\~os4AB9.tmp\ossproxy.exe:ossproxy.exe
"{5FC96BD8-48EC-443A-9579-7BC9E3852357}"= UDP:c:\windows\Temp\~os8FA5.tmp\ossproxy.exe:ossproxy.exe
"{A501A22C-F2C2-4374-B740-6AA956228EBA}"= UDP:c:\windows\Temp\~osF7D9.tmp\ossproxy.exe:ossproxy.exe
"{983D3EA7-43F3-45A9-9603-5D419FD80214}"= UDP:c:\windows\Temp\~os323A.tmp\ossproxy.exe:ossproxy.exe
"{19F1A638-555A-4034-A091-04913696C1EE}"= UDP:c:\windows\Temp\~os397B.tmp\ossproxy.exe:ossproxy.exe
"{81404CD6-C875-4C88-A1C6-4B71D2E41BD9}"= UDP:c:\windows\Temp\~os8F09.tmp\ossproxy.exe:ossproxy.exe
"{AC4FB705-C435-4A50-83CE-1253488C73BB}"= UDP:c:\windows\Temp\~os1FC4.tmp\ossproxy.exe:ossproxy.exe
"{50043C2F-3B64-4A84-ABF3-7659FB33744D}"= UDP:c:\windows\Temp\~os784F.tmp\ossproxy.exe:ossproxy.exe
"{3005539E-8314-4342-AAA0-3D73E235C55C}"= UDP:c:\windows\Temp\~os75A0.tmp\ossproxy.exe:ossproxy.exe
"{FAB27F10-F9AD-4A6A-8438-EB1687CB7C17}"= UDP:c:\windows\Temp\~osDBE1.tmp\ossproxy.exe:ossproxy.exe
"{7A7BAABE-04AF-4FB7-B4E2-F6ED99C2DF29}"= UDP:c:\windows\Temp\~os743A.tmp\ossproxy.exe:ossproxy.exe
"{16EA51E5-8FEF-4F9A-89A0-037C5101BD97}"= UDP:c:\windows\Temp\~os4D97.tmp\ossproxy.exe:ossproxy.exe
"{A68F153A-531E-4C2E-842F-D2CDEA0D17ED}"= UDP:c:\windows\Temp\~os1133.tmp\ossproxy.exe:ossproxy.exe
"{3FE9EC78-C77C-4ADC-9183-772EA3BF255E}"= UDP:c:\windows\Temp\~osD991.tmp\ossproxy.exe:ossproxy.exe
"{415B7A78-3878-4E9F-BBBC-6562E596C4A5}"= UDP:c:\windows\Temp\~os7707.tmp\ossproxy.exe:ossproxy.exe
"{AECA93DF-9624-4F97-B470-404E39EA163B}"= UDP:c:\windows\Temp\~osDBD2.tmp\ossproxy.exe:ossproxy.exe
"{3522A303-65BC-43F4-A60C-F17FF4A19B2F}"= UDP:c:\windows\Temp\~os58FD.tmp\ossproxy.exe:ossproxy.exe
"{4BC795A6-EE9F-4AA5-9BA3-01986FB446F3}"= UDP:c:\windows\Temp\~osB3B.tmp\ossproxy.exe:ossproxy.exe
"{87BAEB8E-536D-4798-9C70-049431FF5A2B}"= UDP:c:\windows\Temp\~os8FD5.tmp\ossproxy.exe:ossproxy.exe
"{D54C3CBD-E77F-4A86-8117-BC809E45ED40}"= UDP:c:\windows\Temp\~osD58B.tmp\ossproxy.exe:ossproxy.exe
"{4F9F8264-B25D-40CD-9F8B-862ABE585902}"= UDP:c:\windows\Temp\~os3C97.tmp\ossproxy.exe:ossproxy.exe
"{B32D40B5-AE82-416A-9768-B452547FDAB2}"= UDP:c:\windows\Temp\~os58FE.tmp\ossproxy.exe:ossproxy.exe
"{BBE8D3AD-0E5A-4D9F-91A2-DCC50E03402B}"= UDP:c:\windows\Temp\~os8DD2.tmp\ossproxy.exe:ossproxy.exe
"{2395A92A-226C-4062-97E1-2A61171A2BD8}"= UDP:c:\windows\Temp\~osF30A.tmp\ossproxy.exe:ossproxy.exe
"{0AE0CD5D-0A8A-4073-85CE-9C40272010EB}"= UDP:c:\windows\Temp\~os5AC1.tmp\ossproxy.exe:ossproxy.exe
"{4E63C51B-6BAD-44BB-9FF2-96E726B2E73B}"= UDP:c:\windows\Temp\~os480C.tmp\ossproxy.exe:ossproxy.exe
"{AA8ED3FF-6349-4482-825F-4FD78274B578}"= UDP:c:\windows\Temp\~os581.tmp\ossproxy.exe:ossproxy.exe
"{AF127942-E0CD-4E4D-9E18-592AD611CBE6}"= UDP:c:\windows\Temp\~os7CF1.tmp\ossproxy.exe:ossproxy.exe
"{E8A4A621-E0BE-4499-80A0-CCFAE4DB060A}"= UDP:c:\windows\Temp\~osF7CB.tmp\ossproxy.exe:ossproxy.exe
"{5786AB8C-1E9D-4645-B5AA-B9FB85EBE878}"= UDP:c:\windows\Temp\~os458D.tmp\ossproxy.exe:ossproxy.exe
"{7699D458-EE29-475E-B461-DCE27F123676}"= UDP:c:\windows\Temp\~os487A.tmp\ossproxy.exe:ossproxy.exe
"{E7B0AA64-8BD1-41AE-8A99-106E5466D920}"= UDP:c:\windows\Temp\~osC306.tmp\ossproxy.exe:ossproxy.exe
"{C7FC1610-A928-4DB5-9DFB-AE14E9A743DB}"= UDP:c:\windows\Temp\~osD1F.tmp\ossproxy.exe:ossproxy.exe
"{AA93AD84-18BD-4527-BAF8-08C506D4E4BF}"= UDP:c:\windows\Temp\~osAF38.tmp\ossproxy.exe:ossproxy.exe
"{41773D65-75C4-44A2-AAEB-014CC6B5B829}"= UDP:c:\windows\Temp\~os6E90.tmp\ossproxy.exe:ossproxy.exe
"{C1AFAC23-29B4-4C9C-9FE6-A87D9760EBC7}"= UDP:c:\windows\Temp\~osB984.tmp\ossproxy.exe:ossproxy.exe
"{F61FBC46-B51C-4022-97AD-004BA7423855}"= UDP:c:\windows\Temp\~osD52F.tmp\ossproxy.exe:ossproxy.exe
"{43EDF3FA-0ED7-40DA-BC6F-9E54FEAE4E5C}"= UDP:c:\windows\Temp\~os27F0.tmp\ossproxy.exe:ossproxy.exe
"{A2A43144-BB56-4CBB-ADFE-D2526931129C}"= UDP:c:\windows\Temp\~osB15A.tmp\ossproxy.exe:ossproxy.exe
"{B093EF5F-3C17-4B9D-B130-A17A225E2B7C}"= UDP:c:\windows\Temp\~os4ADB.tmp\ossproxy.exe:ossproxy.exe
"{65B3EC72-50D4-4D3B-A2FE-A1CD1ECFC48E}"= UDP:c:\windows\Temp\~os1F68.tmp\ossproxy.exe:ossproxy.exe
"{CCBD8F37-AF4E-41B0-A7FF-B4BB60BFC87F}"= UDP:c:\windows\Temp\~os3E0F.tmp\ossproxy.exe:ossproxy.exe
"{595833D9-1F79-4755-94CC-C2BA91BA3DBA}"= UDP:c:\windows\Temp\~os2DC9.tmp\ossproxy.exe:ossproxy.exe
"{0A6ECD9A-215E-42D8-B03D-DEC4259A60D5}"= UDP:c:\windows\Temp\~osB57F.tmp\ossproxy.exe:ossproxy.exe
"{79EE790F-2869-4D92-A1D9-B70016599BEB}"= UDP:c:\windows\Temp\~osC2D7.tmp\ossproxy.exe:ossproxy.exe
"{DD18987F-A8DB-4B55-BEB9-E466D30A4FA1}"= UDP:c:\windows\Temp\~osAA0A.tmp\ossproxy.exe:ossproxy.exe
"{6B728E7A-B740-4D3D-9707-22D2DA40F9CE}"= UDP:c:\windows\Temp\~os2BA8.tmp\ossproxy.exe:ossproxy.exe
"{B714086D-6FDA-4ED3-8CF3-3F9FC4921F59}"= UDP:c:\windows\Temp\~os30B6.tmp\ossproxy.exe:ossproxy.exe
"{F0AC08F9-F9CF-466F-8301-79593D06708D}"= UDP:c:\windows\Temp\~os1F69.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:39 am

part 10

"{D84EACBE-284D-4EE5-B814-6E9054F8C50E}"= UDP:c:\windows\Temp\~os16E0.tmp\ossproxy.exe:ossproxy.exe
"{787A3B17-D0A8-4AB1-9F52-397C92605599}"= UDP:c:\windows\Temp\~os42B.tmp\ossproxy.exe:ossproxy.exe
"{A930331E-8C17-4F37-A264-A12CD33CD83F}"= UDP:c:\windows\Temp\~os8932.tmp\ossproxy.exe:ossproxy.exe
"{D3EEF15A-030D-438B-A51B-17AF29AFD050}"= UDP:c:\windows\Temp\~os75F0.tmp\ossproxy.exe:ossproxy.exe
"{573A9EA9-3BB3-4CF9-A342-B0A890124D07}"= UDP:c:\windows\Temp\~osA02B.tmp\ossproxy.exe:ossproxy.exe
"{33D71D87-977D-44BC-BF30-FD166C34C1F0}"= UDP:c:\windows\Temp\~os8674.tmp\ossproxy.exe:ossproxy.exe
"{0DB4137C-DAB5-4143-8B53-C6CCEA6A9031}"= UDP:c:\windows\Temp\~os68B7.tmp\ossproxy.exe:ossproxy.exe
"{83EAE823-D086-47D4-9AFC-9B24E06900AD}"= UDP:c:\windows\Temp\~os5547.tmp\ossproxy.exe:ossproxy.exe
"{EAEA3549-3B7D-4D1E-88E2-9658BC85108E}"= UDP:c:\windows\Temp\~osCD63.tmp\ossproxy.exe:ossproxy.exe
"{FCCECCBE-42D7-4C53-929A-F4FB1F48A93C}"= UDP:c:\windows\Temp\~os4234.tmp\ossproxy.exe:ossproxy.exe
"{EA0A5BFA-1D15-445E-9954-D05C8A817059}"= UDP:c:\windows\Temp\~os3633.tmp\ossproxy.exe:ossproxy.exe
"{C8160A36-7274-44A6-9E94-5D9AF507BD66}"= UDP:c:\windows\Temp\~os5C1.tmp\ossproxy.exe:ossproxy.exe
"{C5AF69BD-230C-4053-AF99-3D5E1F8E82DE}"= UDP:c:\windows\Temp\~osE749.tmp\ossproxy.exe:ossproxy.exe
"{C025CD74-6643-46AA-BD23-0C6AA495954B}"= UDP:c:\windows\Temp\~osDA7D.tmp\ossproxy.exe:ossproxy.exe
"{CB97F5E7-E647-47AB-BE8C-85E675A3B052}"= UDP:c:\windows\Temp\~osD13A.tmp\ossproxy.exe:ossproxy.exe
"{8C4E8EAC-AF90-4C89-AB1A-D0DA58008C82}"= UDP:c:\windows\Temp\~osB8DA.tmp\ossproxy.exe:ossproxy.exe
"{A7C916BE-1F15-48E6-987F-1B39B814E2E5}"= UDP:c:\windows\Temp\~osA24E.tmp\ossproxy.exe:ossproxy.exe
"{75F60B91-9FE9-49CE-86F2-09DB3FE22AD2}"= UDP:c:\windows\Temp\~os9AEE.tmp\ossproxy.exe:ossproxy.exe
"{47D01167-CFBC-446F-83C8-3FB0540B8F9B}"= UDP:c:\windows\Temp\~osA71E.tmp\ossproxy.exe:ossproxy.exe
"{86CBF856-C1BD-4F53-A4A4-E277C54B7178}"= UDP:c:\windows\Temp\~os7AF0.tmp\ossproxy.exe:ossproxy.exe
"{CA3CC44C-DB14-4C98-9309-81D55A77742C}"= UDP:c:\windows\Temp\~os64D1.tmp\ossproxy.exe:ossproxy.exe
"{A0A72274-3421-4311-8C4E-BBFEB5601208}"= UDP:c:\windows\Temp\~os5E2D.tmp\ossproxy.exe:ossproxy.exe
"{144E774E-249D-4EF8-966C-DC8EF4067844}"= UDP:c:\windows\Temp\~os416A.tmp\ossproxy.exe:ossproxy.exe
"{DC6A8E2D-4EDE-4D48-9375-BA2638835937}"= UDP:c:\windows\Temp\~osCBAE.tmp\ossproxy.exe:ossproxy.exe
"{000FCF60-0EFE-4200-B447-62D58C47BAAB}"= UDP:c:\windows\Temp\~os9CD2.tmp\ossproxy.exe:ossproxy.exe
"{EE6DC9F3-473C-4B34-AB2D-993F880C7E08}"= UDP:c:\windows\Temp\~os91BB.tmp\ossproxy.exe:ossproxy.exe
"{94B3010F-1F26-45C5-9605-EE270777B720}"= UDP:c:\windows\Temp\~os1616.tmp\ossproxy.exe:ossproxy.exe
"{B2CADE3E-F060-4373-BD16-2857BB203227}"= UDP:c:\windows\Temp\~osF76F.tmp\ossproxy.exe:ossproxy.exe
"{B4780B9E-01FC-4537-8E0C-FF1FDE8DDACC}"= UDP:c:\windows\Temp\~osE24A.tmp\ossproxy.exe:ossproxy.exe
"{F947CFB1-320B-48AF-B2C9-A22E19A0B4C7}"= UDP:c:\windows\Temp\~osCE0F.tmp\ossproxy.exe:ossproxy.exe
"{2C6FFFEA-8173-4A0A-911C-17737C0F2157}"= UDP:c:\windows\Temp\~osDE06.tmp\ossproxy.exe:ossproxy.exe
"{A33EF79D-1AAE-49CB-AB4B-139E6BB67825}"= UDP:c:\windows\Temp\~os5355.tmp\ossproxy.exe:ossproxy.exe
"{45088AC7-1D77-4CC1-8223-417F2A57C758}"= UDP:c:\windows\Temp\~osC6FE.tmp\ossproxy.exe:ossproxy.exe
"{E2F2F3F5-6273-44E0-A5C5-EF9FFBF0D8E8}"= UDP:c:\windows\Temp\~os3BA0.tmp\ossproxy.exe:ossproxy.exe
"{8DC50B81-C625-4CDB-90D1-B8172F41012B}"= UDP:c:\windows\Temp\~osAE8E.tmp\ossproxy.exe:ossproxy.exe
"{989A23C9-536E-4E16-90E9-E879F59384A0}"= UDP:c:\windows\Temp\~os29E5.tmp\ossproxy.exe:ossproxy.exe
"{6720D98B-49D6-4E2D-9CB4-9C8364C0047D}"= UDP:c:\windows\Temp\~osAF2A.tmp\ossproxy.exe:ossproxy.exe
"{ADF78AB0-0665-406C-B360-176D63E20D32}"= UDP:c:\windows\Temp\~os30D7.tmp\ossproxy.exe:ossproxy.exe
"{C7E90165-240A-4D58-AA52-07E05545B623}"= UDP:c:\windows\Temp\~osA49F.tmp\ossproxy.exe:ossproxy.exe
"{AFB3D61F-DEF5-4622-99FB-BC9FC14E20F9}"= UDP:c:\windows\Temp\~os155C.tmp\ossproxy.exe:ossproxy.exe
"{C509C1EA-DF16-4DE0-834A-13020027F4D4}"= UDP:c:\windows\Temp\~os9313.tmp\ossproxy.exe:ossproxy.exe
"{3B179555-AB1B-421D-AB01-0424560D5AD9}"= UDP:c:\windows\Temp\~osCD4.tmp\ossproxy.exe:ossproxy.exe
"{ACAE1007-F6B1-470A-BA55-1DA7DC971ED6}"= UDP:c:\windows\Temp\~os8222.tmp\ossproxy.exe:ossproxy.exe
"{95410F3F-3325-44EA-B613-BBA2B818C972}"= UDP:c:\windows\Temp\~os352.tmp\ossproxy.exe:ossproxy.exe
"{4651ABC1-9CB3-4400-B2B7-8B191DCCEB73}"= UDP:c:\windows\Temp\~os744D.tmp\ossproxy.exe:ossproxy.exe
"{09D6DB65-CB65-4AA4-B957-C1CD50557733}"= UDP:c:\windows\Temp\~osE7F6.tmp\ossproxy.exe:ossproxy.exe
"{741F0758-81A8-4F04-B0AB-3C50D48C9C27}"= UDP:c:\windows\Temp\~os66D5.tmp\ossproxy.exe:ossproxy.exe
"{76767396-9930-46DA-8519-E046CA825040}"= UDP:c:\windows\Temp\~osE289.tmp\ossproxy.exe:ossproxy.exe
"{DDEDD32C-1B3A-4003-81C4-017512B450C9}"= UDP:c:\windows\Temp\~os5F66.tmp\ossproxy.exe:ossproxy.exe
"{39E0406E-3217-43EE-8D9B-19295ED74923}"= UDP:c:\windows\Temp\~osD6C6.tmp\ossproxy.exe:ossproxy.exe
"{DB8805E5-4EBB-4EF4-8D25-2C1E701CC4DC}"= UDP:c:\windows\Temp\~os4BD6.tmp\ossproxy.exe:ossproxy.exe
"{5A1186CC-5647-441D-A05C-63703B7C33FA}"= UDP:c:\windows\Temp\~osBF70.tmp\ossproxy.exe:ossproxy.exe
"{31529B0F-0597-4076-AABB-F2539961C297}"= UDP:c:\windows\Temp\~os41E8.tmp\ossproxy.exe:ossproxy.exe
"{50B529E9-FDDB-462D-8D37-580ACD422951}"= UDP:c:\windows\Temp\~osB2F2.tmp\ossproxy.exe:ossproxy.exe
"{394EC12F-77B9-4751-AB3C-4FADDE298CA4}"= UDP:c:\windows\Temp\~os2572.tmp\ossproxy.exe:ossproxy.exe
"{C4CC1A3A-DC95-41FE-A290-E3F07990BAC6}"= UDP:c:\windows\Temp\~os11C4.tmp\ossproxy.exe:ossproxy.exe
"{539E3826-4F24-4C16-83D3-63B2F41C3674}"= UDP:c:\windows\Temp\~osF9F0.tmp\ossproxy.exe:ossproxy.exe
"{16B57759-F55A-4E1B-AF2A-AF378DC70317}"= UDP:c:\windows\Temp\~osD570.tmp\ossproxy.exe:ossproxy.exe
"{DEFA989F-1C9F-4F53-AB9C-A481FC541D53}"= UDP:c:\windows\Temp\~osA2BC.tmp\ossproxy.exe:ossproxy.exe
"{4B8DC1A0-355F-42F9-811D-7A5E205056E2}"= UDP:c:\windows\Temp\~os80BB.tmp\ossproxy.exe:ossproxy.exe
"{512F125B-F5B2-40EC-B2B2-9FE613EEA5B7}"= UDP:c:\windows\Temp\~os5DFF.tmp\ossproxy.exe:ossproxy.exe
"{0990A098-629D-44DB-AC42-333333833762}"= UDP:c:\windows\Temp\~os3AB7.tmp\ossproxy.exe:ossproxy.exe
"{364D94F5-E265-4D59-9EA9-555263BECDAB}"= UDP:c:\windows\Temp\~os102E.tmp\ossproxy.exe:ossproxy.exe
"{0F1113CE-893E-41BE-B3CC-60C04632C57E}"= UDP:c:\windows\Temp\~osE142.tmp\ossproxy.exe:ossproxy.exe
"{FC44284D-3669-43F2-8F4D-F26482E791A2}"= UDP:c:\windows\Temp\~osC347.tmp\ossproxy.exe:ossproxy.exe
"{3218CD06-8A65-4DC0-B070-AADA2AFC6D97}"= UDP:c:\windows\Temp\~osA839.tmp\ossproxy.exe:ossproxy.exe
"{34915768-B0FE-42C1-9A60-E7F828B271D5}"= UDP:c:\windows\Temp\~os85DA.tmp\ossproxy.exe:ossproxy.exe
"{9B554992-7BD8-4CB9-B77F-02C1787E71AA}"= UDP:c:\windows\Temp\~os6E45.tmp\ossproxy.exe:ossproxy.exe
"{1481B428-0C43-4B26-8CF7-F89D3D318278}"= UDP:c:\windows\Temp\~os6408.tmp\ossproxy.exe:ossproxy.exe
"{AC0709D5-B381-4793-9723-9BC1A00083B4}"= UDP:c:\windows\Temp\~os50C7.tmp\ossproxy.exe:ossproxy.exe
"{3627D69B-8E0D-4545-91BA-574EA5F2A64A}"= UDP:c:\windows\Temp\~os3A89.tmp\ossproxy.exe:ossproxy.exe
"{1BDBCC9F-61BD-4638-9B8B-3D4D1C2C04B0}"= UDP:c:\windows\Temp\~os17CD.tmp\ossproxy.exe:ossproxy.exe
"{D9A32A58-5D5D-4911-A7AE-E3166954EE71}"= UDP:c:\windows\Temp\~os10EA.tmp\ossproxy.exe:ossproxy.exe
"{3DA51F3E-EF4D-4630-B732-15DED3373FD3}"= UDP:c:\windows\Temp\~osF83C.tmp\ossproxy.exe:ossproxy.exe
"{00BA000C-EA9A-4FDE-BF19-8CA0E17DCF6F}"= UDP:c:\windows\Temp\~osDE37.tmp\ossproxy.exe:ossproxy.exe
"{5EB093A6-7089-481A-A623-267DA82FF4F0}"= UDP:c:\windows\Temp\~os7C3A.tmp\ossproxy.exe:ossproxy.exe
"{60567BBF-17F4-40D5-A534-AB0CB58106CF}"= UDP:c:\windows\Temp\~os5EDA.tmp\ossproxy.exe:ossproxy.exe
"{6855F626-5FE0-457F-8761-364FBC168741}"= UDP:c:\windows\Temp\~os38D4.tmp\ossproxy.exe:ossproxy.exe
"{36B579F7-2F0B-4E4B-AC64-7D982218D0CB}"= UDP:c:\windows\Temp\~os3452.tmp\ossproxy.exe:ossproxy.exe
"{E6B5443F-B5B2-4635-85B8-07EDF9FB732D}"= UDP:c:\windows\Temp\~os30AA.tmp\ossproxy.exe:ossproxy.exe
"{F3ECAE35-E653-4745-8C92-5E8951FC8F19}"= UDP:c:\windows\Temp\~os26EA.tmp\ossproxy.exe:ossproxy.exe
"{A060F313-3AAC-4804-8EDD-39EB683232D3}"= UDP:c:\windows\Temp\~osF45.tmp\ossproxy.exe:ossproxy.exe
"{03EC07AB-E494-47CE-BBA6-A7AB5A1A353A}"= UDP:c:\windows\Temp\~osF9C2.tmp\ossproxy.exe:ossproxy.exe
"{97369811-2BEA-42B8-9B23-511FD758BB9F}"= UDP:c:\windows\Temp\~osE26B.tmp\ossproxy.exe:ossproxy.exe
"{CA67C188-51C3-49DF-A752-FB67FF0722D5}"= UDP:c:\windows\Temp\~osA9FE.tmp\ossproxy.exe:ossproxy.exe
"{1F689D03-412D-40CA-ABDD-FC6AB6E1665A}"= UDP:c:\windows\Temp\~os9D51.tmp\ossproxy.exe:ossproxy.exe
"{07E30568-88D6-4E58-9EB8-4DA5DB0F4E1C}"= UDP:c:\windows\Temp\~os8B38.tmp\ossproxy.exe:ossproxy.exe
"{18E7A709-45DE-4F1B-81D9-A74A47CF27DC}"= UDP:c:\windows\Temp\~os7F65.tmp\ossproxy.exe:ossproxy.exe
"{BC4CC459-C2EB-4C11-986D-1774B6433E46}"= UDP:c:\windows\Temp\~os6D0E.tmp\ossproxy.exe:ossproxy.exe
"{E69A975B-DBEC-4E2B-A3C8-134249F08537}"= UDP:c:\windows\Temp\~osA46.tmp\ossproxy.exe:ossproxy.exe
"{3A3373A1-C425-4FCA-8E17-BC8AD975C817}"= UDP:c:\windows\Temp\~osF3E9.tmp\ossproxy.exe:ossproxy.exe
"{5ED403CD-1712-48D1-BB4F-ADE5F7156B56}"= UDP:c:\windows\Temp\~osDA51.tmp\ossproxy.exe:ossproxy.exe
"{CF1C371C-2162-4AB6-90FA-548C7A06C77F}"= UDP:c:\windows\Temp\~osC04C.tmp\ossproxy.exe:ossproxy.exe
"{425BA370-A838-40E7-AB8F-BFA8727DAD60}"= UDP:c:\windows\Temp\~osA646.tmp\ossproxy.exe:ossproxy.exe
"{59898E6A-3015-44C8-8A90-0A413A1A709F}"= UDP:c:\windows\Temp\~os86D5.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:39 am

part 11

"{26FE21AA-5D3E-46C7-BDEF-2CF3A7B6A546}"= UDP:c:\windows\Temp\~os6E46.tmp\ossproxy.exe:ossproxy.exe
"{67835089-EA09-49D7-B7A6-39C9A0D7BA3F}"= UDP:c:\windows\Temp\~os463D.tmp\ossproxy.exe:ossproxy.exe
"{249334C5-C2D5-401B-B02D-480A5063219A}"= UDP:c:\windows\Temp\~os29E7.tmp\ossproxy.exe:ossproxy.exe
"{7DB96C48-3DF4-4181-8238-577CA80E31B1}"= UDP:c:\windows\Temp\~os17ED.tmp\ossproxy.exe:ossproxy.exe
"{CC6FC8E4-3A39-4E95-8FB3-7D85EC01A023}"= UDP:c:\windows\Temp\~os11A6.tmp\ossproxy.exe:ossproxy.exe
"{63EAA5F2-ADEE-490E-9728-D746A04F759A}"= UDP:c:\windows\Temp\~osD67A.tmp\ossproxy.exe:ossproxy.exe
"{566D5F0C-38D0-42C1-84C8-50823CEE9CCD}"= UDP:c:\windows\Temp\~osC184.tmp\ossproxy.exe:ossproxy.exe
"{36531F4F-474D-4CB1-9CFB-C576CF342B6B}"= UDP:c:\windows\Temp\~osB860.tmp\ossproxy.exe:ossproxy.exe
"{0D2BAAA9-5C53-4851-9A0B-4A4AA459569C}"= UDP:c:\windows\Temp\~osAA5C.tmp\ossproxy.exe:ossproxy.exe
"{6657BF98-B03C-4646-BAC1-64DD0C4B42F5}"= UDP:c:\windows\Temp\~os9131.tmp\ossproxy.exe:ossproxy.exe
"{2B737DCE-BE8A-4F1E-A63D-843725A9E7E4}"= UDP:c:\windows\Temp\~os87A0.tmp\ossproxy.exe:ossproxy.exe
"{10375B47-6B76-4393-8251-8CB83F7CEA20}"= UDP:c:\windows\Temp\~os7CB8.tmp\ossproxy.exe:ossproxy.exe
"{26EBB0C4-A54D-4467-BB09-73E01C8375EB}"= UDP:c:\windows\Temp\~os635E.tmp\ossproxy.exe:ossproxy.exe
"{2C4C5585-4C45-4677-A762-006F1D90B679}"= UDP:c:\windows\Temp\~os506A.tmp\ossproxy.exe:ossproxy.exe
"{8FFC2B8D-B38B-4B75-87C3-9ECFACB7E24F}"= UDP:c:\windows\Temp\~os2F73.tmp\ossproxy.exe:ossproxy.exe
"{E959C989-97BA-4FE5-95C5-D3B0D70800B8}"= UDP:c:\windows\Temp\~os1906.tmp\ossproxy.exe:ossproxy.exe
"{4B3770D5-44A8-4642-B341-600D8E37B22C}"= UDP:c:\windows\Temp\~osFA30.tmp\ossproxy.exe:ossproxy.exe
"{0A4D5600-4778-4010-937B-3504BF28395B}"= UDP:c:\windows\Temp\~os70E5.tmp\ossproxy.exe:ossproxy.exe
"{3AF80C06-6FB6-49E1-A3C1-E82BD83A675E}"= UDP:c:\windows\Temp\~os84C3.tmp\ossproxy.exe:ossproxy.exe
"{50042993-E088-4BB3-86CD-914C004F0E0D}"= UDP:c:\windows\Temp\~os1E34.tmp\ossproxy.exe:ossproxy.exe
"{BD363D97-6582-4644-BDF9-A76CFDB18376}"= UDP:c:\windows\Temp\~os8DD8.tmp\ossproxy.exe:ossproxy.exe
"{26949D66-EC64-40B8-8484-4D1EEF8DFCC1}"= UDP:c:\windows\Temp\~osFF11.tmp\ossproxy.exe:ossproxy.exe
"{7098C8F1-AB8F-4BD7-979A-3744DB053EA3}"= UDP:c:\windows\Temp\~os7327.tmp\ossproxy.exe:ossproxy.exe
"{44CE85ED-E057-4AD5-96D3-600CA915F706}"= UDP:c:\windows\Temp\~os43CE.tmp\ossproxy.exe:ossproxy.exe
"{B74F6745-09B0-4497-B653-8CCA361A5060}"= UDP:c:\windows\Temp\~osB5E1.tmp\ossproxy.exe:ossproxy.exe
"{84CB61D6-E4DD-4BB3-A26F-C4E83D8FABCD}"= UDP:c:\windows\Temp\~os8BB6.tmp\ossproxy.exe:ossproxy.exe
"{9F6C4F4E-992E-4EAF-8727-C7564E063BEA}"= UDP:c:\windows\Temp\~os5D66.tmp\ossproxy.exe:ossproxy.exe
"{15F27315-4A62-4299-B6F6-F9F8FA11D65B}"= UDP:c:\windows\Temp\~os330C.tmp\ossproxy.exe:ossproxy.exe
"{68EB9E56-4259-43C2-BAA3-842AA102172B}"= UDP:c:\windows\Temp\~os99C.tmp\ossproxy.exe:ossproxy.exe
"{C4D33848-32D1-4EAC-BCD6-D7B90B1E4FF1}"= UDP:c:\windows\Temp\~osD801.tmp\ossproxy.exe:ossproxy.exe
"{B11875C0-DF2E-43A0-9CE9-55D7E1FA7041}"= UDP:c:\windows\Temp\~os7E6D.tmp\ossproxy.exe:ossproxy.exe
"{611B9AF7-34B2-4C95-9D70-33517287A041}"= UDP:c:\windows\Temp\~os51A3.tmp\ossproxy.exe:ossproxy.exe
"{B1712322-3354-439E-B00D-8AEBFC795A28}"= UDP:c:\windows\Temp\~os2288.tmp\ossproxy.exe:ossproxy.exe
"{7F5D2537-6097-4BEB-A105-0D4CA2A4AEB3}"= UDP:c:\windows\Temp\~osF429.tmp\ossproxy.exe:ossproxy.exe
"{E07DE95D-4BE4-444B-9485-52E07F9FAA85}"= UDP:c:\windows\Temp\~osCCAC.tmp\ossproxy.exe:ossproxy.exe
"{AE2330E1-956C-41EE-ADB8-09AEF2BA265D}"= UDP:c:\windows\Temp\~os9BAD.tmp\ossproxy.exe:ossproxy.exe
"{50111B48-D357-411F-B008-6DE065036411}"= UDP:c:\windows\Temp\~os2D42.tmp\ossproxy.exe:ossproxy.exe
"{8DF7AB34-F26F-4061-832C-7484BFF0BA6B}"= UDP:c:\windows\Temp\~os4C08.tmp\ossproxy.exe:ossproxy.exe
"{163C4813-5CC5-44B1-BE57-AC9DDD7F2C81}"= UDP:c:\windows\Temp\~os830F.tmp\ossproxy.exe:ossproxy.exe
"{92144CDB-6CD2-471E-8FBD-39FFA3A2B431}"= UDP:c:\windows\Temp\~osB20B.tmp\ossproxy.exe:ossproxy.exe
"{7DD120FC-E553-49D0-BC15-0D3F508E71B1}"= UDP:c:\windows\Temp\~osECF8.tmp\ossproxy.exe:ossproxy.exe
"{758089A5-5BA7-47EE-BF36-3DF5DE7323C5}"= UDP:c:\windows\Temp\~os76B.tmp\ossproxy.exe:ossproxy.exe
"{65E657E7-C0EB-4061-BA80-14C5976661D3}"= UDP:c:\windows\Temp\~os5397.tmp\ossproxy.exe:ossproxy.exe
"{2156B463-0C79-461C-99EA-461ED0D1C520}"= UDP:c:\windows\Temp\~os7894.tmp\ossproxy.exe:ossproxy.exe
"{849C5D0E-265D-442D-AE13-231678E83B3E}"= UDP:c:\windows\Temp\~osA57D.tmp\ossproxy.exe:ossproxy.exe
"{43BC5DB9-13D3-4F92-AAB3-C66C32BD58D5}"= UDP:c:\windows\Temp\~osC694.tmp\ossproxy.exe:ossproxy.exe
"{1D32B1AF-D2D9-4473-B222-39CCC9BE4FE2}"= UDP:c:\windows\Temp\~osED66.tmp\ossproxy.exe:ossproxy.exe
"{4DA81AD1-A8ED-4AF5-B17F-3E2CF71A90A6}"= UDP:c:\windows\Temp\~osFBF6.tmp\ossproxy.exe:ossproxy.exe
"{DC00FF5C-3C8C-4947-A6F3-2EFF1134F5EF}"= UDP:c:\windows\Temp\~os2BFB.tmp\ossproxy.exe:ossproxy.exe
"{097AD027-F033-40FA-8342-A0A390B23551}"= UDP:c:\windows\Temp\~os578D.tmp\ossproxy.exe:ossproxy.exe
"{43FC053E-72E7-4953-AF05-761D533EF7C1}"= UDP:c:\windows\Temp\~os86B8.tmp\ossproxy.exe:ossproxy.exe
"{7F3DBE1D-A62F-4A5C-B435-9B16F61AC173}"= UDP:c:\windows\Temp\~os5443.tmp\ossproxy.exe:ossproxy.exe
"{4FDCCE42-6768-49C1-BB17-FD082ABB0121}"= UDP:c:\windows\Temp\~osD43B.tmp\ossproxy.exe:ossproxy.exe
"{0814A154-6B8E-4C12-B880-BB8FCD4216A1}"= UDP:c:\windows\Temp\~osADF6.tmp\ossproxy.exe:ossproxy.exe
"{E676759A-2AFD-41C1-947C-0720B2A2F4E6}"= UDP:c:\windows\Temp\~os77AA.tmp\ossproxy.exe:ossproxy.exe
"{A4725BFE-52CC-4EFC-8486-658E75A09E84}"= UDP:c:\windows\Temp\~os444C.tmp\ossproxy.exe:ossproxy.exe
"{35912793-727B-4558-B40D-490D880056E5}"= UDP:c:\windows\Temp\~os13AB.tmp\ossproxy.exe:ossproxy.exe
"{530F5F4D-041F-4534-B4F0-12622AA5F43C}"= UDP:c:\windows\Temp\~osE368.tmp\ossproxy.exe:ossproxy.exe
"{1F96741D-D62C-4D53-8CF2-BCBA1C5399A3}"= UDP:c:\windows\Temp\~os887C.tmp\ossproxy.exe:ossproxy.exe
"{4C2C49C9-5074-48C3-8498-7AF7E3391104}"= UDP:c:\windows\Temp\~os5AC8.tmp\ossproxy.exe:ossproxy.exe
"{D9680FA6-71B2-4319-BB5E-052DFBB7BEAB}"= UDP:c:\windows\Temp\~os296C.tmp\ossproxy.exe:ossproxy.exe
"{BEF0C3C0-92B0-46AC-A3D1-ECC29C32AF19}"= UDP:c:\windows\Temp\~osF5EE.tmp\ossproxy.exe:ossproxy.exe
"{C41A7306-9561-4B39-9674-1317F45CA76D}"= UDP:c:\windows\Temp\~os8014.tmp\ossproxy.exe:ossproxy.exe
"{C7C01308-9A2D-4F44-83EE-409500D167C8}"= UDP:c:\windows\Temp\~os224B.tmp\ossproxy.exe:ossproxy.exe
"{46E8F84D-E92A-483E-994A-5425B07256AC}"= UDP:c:\windows\Temp\~osF082.tmp\ossproxy.exe:ossproxy.exe
"{39EB3224-D412-4C89-89A4-10844D32DDD2}"= UDP:c:\windows\Temp\~osCD1A.tmp\ossproxy.exe:ossproxy.exe
"{982C2F34-2371-4D5F-BD35-C607E27F7B2A}"= UDP:c:\windows\Temp\~osA8D8.tmp\ossproxy.exe:ossproxy.exe
"{AFCA793E-FBE0-4E17-82CB-7145D9676B36}"= UDP:c:\windows\Temp\~os71A3.tmp\ossproxy.exe:ossproxy.exe
"{591F960D-2951-4888-AB36-7A8CE033A314}"= UDP:c:\windows\Temp\~os2393.tmp\ossproxy.exe:ossproxy.exe
"{DC2D4B35-A467-42F2-BFDB-01D5BB2ACBFF}"= UDP:c:\windows\Temp\~osF996.tmp\ossproxy.exe:ossproxy.exe
"{2E6773CF-CA25-4030-A471-FD7528795F88}"= UDP:c:\windows\Temp\~osC37A.tmp\ossproxy.exe:ossproxy.exe
"{97723D1E-DF93-4DA3-BE0A-D038C1E93F4C}"= UDP:c:\windows\Temp\~os977A.tmp\ossproxy.exe:ossproxy.exe
"{47325492-214E-4005-9186-0F1FBBE0F3D6}"= UDP:c:\windows\Temp\~os6E2A.tmp\ossproxy.exe:ossproxy.exe
"{6F25F5C1-ACD5-4C14-AE0E-5E660358FDE2}"= UDP:c:\windows\Temp\~os3E34.tmp\ossproxy.exe:ossproxy.exe
"{2FE89099-FA40-4154-B43B-9C2B083C4A5C}"= UDP:c:\windows\Temp\~osAA7.tmp\ossproxy.exe:ossproxy.exe
"{E81E4395-3FA4-44E6-BC60-E77DEBB230C7}"= UDP:c:\windows\Temp\~osE26F.tmp\ossproxy.exe:ossproxy.exe
"{002E5C14-2B3E-46F3-B8B7-10264F576806}"= UDP:c:\windows\Temp\~osB8EF.tmp\ossproxy.exe:ossproxy.exe
"{2CEBF3A1-C764-412E-ABE5-0E588DFB5F50}"= UDP:c:\windows\Temp\~os605.tmp\ossproxy.exe:ossproxy.exe
"{B885308A-FAD7-4674-B2D7-183F776D761C}"= UDP:c:\windows\Temp\~os3ED1.tmp\ossproxy.exe:ossproxy.exe
"{A3A01DDA-C8CA-46D4-9636-0192B4DF8115}"= UDP:c:\windows\Temp\~os52DD.tmp\ossproxy.exe:ossproxy.exe
"{773E78E2-4AE7-4129-B222-57E60FD8524C}"= UDP:c:\windows\Temp\~osA225.tmp\ossproxy.exe:ossproxy.exe
"{E8370D1A-2A5D-47D0-BFBA-8C64766B370C}"= UDP:c:\windows\Temp\~osDE88.tmp\ossproxy.exe:ossproxy.exe
"{9F46C59F-620D-42C1-A457-3172D30D9DC1}"= UDP:c:\windows\Temp\~osFC5.tmp\ossproxy.exe:ossproxy.exe
"{B0F60CA3-2E35-453E-8150-D0A3B5E47413}"= UDP:c:\windows\Temp\~os32D0.tmp\ossproxy.exe:ossproxy.exe
"{9C537B69-B310-4BE5-AA17-E8DCE426DC12}"= UDP:c:\windows\Temp\~os6F81.tmp\ossproxy.exe:ossproxy.exe
"{C65F7D33-0993-4A21-A6C5-051C0643471C}"= UDP:c:\windows\Temp\~os3E35.tmp\ossproxy.exe:ossproxy.exe
"{44CA24E3-67AF-45FA-8DA8-B731AB114890}"= UDP:c:\windows\Temp\~os11B9.tmp\ossproxy.exe:ossproxy.exe
"{095D035F-2961-4AEF-A3C0-5BE001E46EC4}"= UDP:c:\windows\Temp\~osDBFA.tmp\ossproxy.exe:ossproxy.exe
"{4AF51370-F2EE-4378-A425-AFCE5DDA5E22}"= UDP:c:\windows\Temp\~osB91E.tmp\ossproxy.exe:ossproxy.exe
"{B8A9A4F6-A8B1-4913-B05E-A22CECCC3D57}"= UDP:c:\windows\Temp\~os94EC.tmp\ossproxy.exe:ossproxy.exe
"{903A3F65-F0D7-43CF-8FB6-EBB2E20CCC54}"= UDP:c:\windows\Temp\~osC0E.tmp\ossproxy.exe:ossproxy.exe
"{82E4BEF2-B535-4151-8D79-65428E12B932}"= UDP:c:\windows\Temp\~osE434.tmp\ossproxy.exe:ossproxy.exe
"{AE3BD503-C83A-4B9C-84FF-57D54EFD8416}"= UDP:c:\windows\Temp\~osC629.tmp\ossproxy.exe:ossproxy.exe
"{5EDB645A-F80C-4838-B1D6-56C50B7F6E19}"= UDP:c:\windows\Temp\~osA199.tmp\ossproxy.exe:ossproxy.exe
"{3B53EB9A-384A-4133-9099-AFC29A4DCA86}"= UDP:c:\windows\Temp\~os81CA.tmp\ossproxy.exe:ossproxy.exe
"{0B284D8B-2969-43C8-882F-02443233A6EB}"= UDP:c:\windows\Temp\~os5FE8.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:40 am

part 12

"{5466F8E6-B1C0-41F4-8477-12F38BE50646}"= UDP:c:\windows\Temp\~os44CA.tmp\ossproxy.exe:ossproxy.exe
"{4BCF8851-6BD0-4E78-A9A5-96B1437BBDB8}"= UDP:c:\windows\Temp\~os2D92.tmp\ossproxy.exe:ossproxy.exe
"{4B1E7445-31ED-451B-A175-CFE737677360}"= UDP:c:\windows\Temp\~os6F0.tmp\ossproxy.exe:ossproxy.exe
"{F3F674E0-5E63-4CC0-8DD3-4280C8660265}"= UDP:c:\windows\Temp\~osE972.tmp\ossproxy.exe:ossproxy.exe
"{ABF09E6D-5996-457B-BC11-65647E8CDA98}"= UDP:c:\windows\Temp\~osCC12.tmp\ossproxy.exe:ossproxy.exe
"{31333A6D-D1B6-4E73-8631-F39D4226DC7A}"= UDP:c:\windows\Temp\~osADF8.tmp\ossproxy.exe:ossproxy.exe
"{8C804817-F6CB-4A33-A2CE-60506B0ADCE1}"= UDP:c:\windows\Temp\~os8582.tmp\ossproxy.exe:ossproxy.exe
"{D2552448-1B6B-42BB-857F-1A41F6084F67}"= UDP:c:\windows\Temp\~osFD8E.tmp\ossproxy.exe:ossproxy.exe
"{1D588AE3-2A76-4084-A897-E2B6CD7DE454}"= UDP:c:\windows\Temp\~osD6CC.tmp\ossproxy.exe:ossproxy.exe
"{37E24F22-0109-4A31-8FBC-5044478E50F8}"= UDP:c:\windows\Temp\~os85EF.tmp\ossproxy.exe:ossproxy.exe
"{D95D2C02-7C00-4342-95A9-281CF74CEE64}"= UDP:c:\windows\Temp\~os5A2E.tmp\ossproxy.exe:ossproxy.exe
"{F8F6BC84-8E95-49FE-B6EF-C1537F91ABDB}"= UDP:c:\windows\Temp\~os2E8C.tmp\ossproxy.exe:ossproxy.exe
"{7FFD1F7B-1F5A-4A0B-A088-7E6836DC0564}"= UDP:c:\windows\Temp\~osBC79.tmp\ossproxy.exe:ossproxy.exe
"{F93BE74A-A8EA-4C96-8C69-4BFEE797FDD3}"= UDP:c:\windows\Temp\~os8A23.tmp\ossproxy.exe:ossproxy.exe
"{FF196A79-2C90-42D3-B872-9C5F35F7DFA1}"= UDP:c:\windows\Temp\~osFFEE.tmp\ossproxy.exe:ossproxy.exe
"{135E4FAA-A342-44C9-A619-CE61480EAEA2}"= UDP:c:\windows\Temp\~os73F5.tmp\ossproxy.exe:ossproxy.exe
"{3A611C45-891D-4F32-B34A-7AC7581EDD77}"= UDP:c:\windows\Temp\~osE9C0.tmp\ossproxy.exe:ossproxy.exe
"{9D3984A0-3F1D-48F8-A64C-218D67A5403A}"= UDP:c:\windows\Temp\~os5C12.tmp\ossproxy.exe:ossproxy.exe
"{1B811000-14C8-4AB0-BD20-5758AB22E7E1}"= UDP:c:\windows\Temp\~osCF7C.tmp\ossproxy.exe:ossproxy.exe
"{6DE09A65-B6A7-458A-AA1C-5F24379593CD}"= UDP:c:\windows\Temp\~os447D.tmp\ossproxy.exe:ossproxy.exe
"{55B842EE-3A31-4642-9612-F4A6CE398A0B}"= UDP:c:\windows\Temp\~osB4BC.tmp\ossproxy.exe:ossproxy.exe
"{C265E6CC-BB4B-40FC-B577-E6310A713C3A}"= UDP:c:\windows\Temp\~os22DA.tmp\ossproxy.exe:ossproxy.exe
"{AC33A77E-54C9-4944-8F2F-B5D450E072D8}"= UDP:c:\windows\Temp\~osC437.tmp\ossproxy.exe:ossproxy.exe
"{5B767AEC-AB19-4074-900C-7D801836DC20}"= UDP:c:\windows\Temp\~os5DB7.tmp\ossproxy.exe:ossproxy.exe
"{8DF1B88E-1BCF-459F-A2C4-797B6F229C85}"= UDP:c:\windows\Temp\~osE05E.tmp\ossproxy.exe:ossproxy.exe
"{E5A4AF93-CAB8-442D-AE9B-03A4677997D5}"= UDP:c:\windows\Temp\~os5C9.tmp\ossproxy.exe:ossproxy.exe
"{2FFA0E23-4785-4970-97D3-C2501E135236}"= UDP:c:\windows\Temp\~osCCCF.tmp\ossproxy.exe:ossproxy.exe
"{7FF8B007-ACB2-49FB-A9FF-93E5D2769569}"= UDP:c:\windows\Temp\~osC2B1.tmp\ossproxy.exe:ossproxy.exe
"{625322EB-CFAE-4832-9399-B9E788CBBAD9}"= UDP:c:\windows\Temp\~os4BED.tmp\ossproxy.exe:ossproxy.exe
"{B6E64364-87BD-4C09-9943-AB887EB6043F}"= UDP:c:\windows\Temp\~os845A.tmp\ossproxy.exe:ossproxy.exe
"{54EDE007-6F2B-4DC1-BE8B-729278B53D22}"= UDP:c:\windows\Temp\~os2C8B.tmp\ossproxy.exe:ossproxy.exe
"{4E07A367-E1EB-4DBE-A97F-E0424D5033A8}"= UDP:c:\windows\Temp\~osCBD5.tmp\ossproxy.exe:ossproxy.exe
"{E190F9FE-6E9B-4AE4-ADA1-9ACB854356BD}"= UDP:c:\windows\Temp\~osDD05.tmp\ossproxy.exe:ossproxy.exe
"{7DCF55D7-9942-4992-99B5-32296E23EA7C}"= UDP:c:\windows\Temp\~osBD74.tmp\ossproxy.exe:ossproxy.exe
"{18C69A65-3295-4E35-A4B2-CF00D0A04714}"= UDP:c:\windows\Temp\~os3091.tmp\ossproxy.exe:ossproxy.exe
"{50A56E5C-1A87-4483-9273-9DF13D7F2D04}"= UDP:c:\windows\Temp\~osBEAC.tmp\ossproxy.exe:ossproxy.exe
"{BA8D9DD7-BE21-4663-904B-64D3B8DB9918}"= UDP:c:\windows\Temp\~os473C.tmp\ossproxy.exe:ossproxy.exe
"{CCFA5433-C09D-4BD5-9AB0-EA90248E09DB}"= UDP:c:\windows\Temp\~osED98.tmp\ossproxy.exe:ossproxy.exe
"{C5F5B84A-9426-430B-880E-22D0BED42DDC}"= UDP:c:\windows\Temp\~osB8F2.tmp\ossproxy.exe:ossproxy.exe
"{D38987D5-439E-4A52-93D9-FB2756D6F8A5}"= UDP:c:\windows\Temp\~os861F.tmp\ossproxy.exe:ossproxy.exe
"{6D4156E2-C78A-40B7-AC7E-6FC43562A62B}"= UDP:c:\windows\Temp\~os5F8D.tmp\ossproxy.exe:ossproxy.exe
"{C39E5CBF-0007-41D2-BA7E-69992EC5A88A}"= UDP:c:\windows\Temp\~os849.tmp\ossproxy.exe:ossproxy.exe
"{50AE42EE-CA64-4441-9D99-E6C3BB4BC9D0}"= UDP:c:\windows\Temp\~osB04B.tmp\ossproxy.exe:ossproxy.exe
"{9693DE7D-CEBC-470A-AA2B-9075C16528F5}"= UDP:c:\windows\Temp\~os586B.tmp\ossproxy.exe:ossproxy.exe
"{A2FE789B-D749-43F2-A2F0-B69AB4E37841}"= UDP:c:\windows\Temp\~osFFE1.tmp\ossproxy.exe:ossproxy.exe
"{BBF10833-1C69-409A-8F06-EB75C1483949}"= UDP:c:\windows\Temp\~osB2EA.tmp\ossproxy.exe:ossproxy.exe
"{23403A7B-CAD3-4D5B-9FFD-45AAE70E194D}"= UDP:c:\windows\Temp\~os4BCE.tmp\ossproxy.exe:ossproxy.exe
"{989832F3-6F1B-433C-9EAE-D0DD45442A8B}"= UDP:c:\windows\Temp\~osDA19.tmp\ossproxy.exe:ossproxy.exe
"{B1480765-E017-4185-9139-D2C7CAAF0769}"= UDP:c:\windows\Temp\~osFDDE.tmp\ossproxy.exe:ossproxy.exe
"{E8C1C4C2-E20C-4D2B-B694-25CEA60702CD}"= UDP:c:\windows\Temp\~os8B7.tmp\ossproxy.exe:ossproxy.exe
"{30F6E38D-3544-4622-A1E6-E7D7B01E98CA}"= UDP:c:\windows\Temp\~osE5AD.tmp\ossproxy.exe:ossproxy.exe
"{35AA1665-7066-44CD-92CE-B3DC1C9272F7}"= UDP:c:\windows\Temp\~os1A73.tmp\ossproxy.exe:ossproxy.exe
"{F617D1BC-242C-402D-BEFF-3DB0F314422F}"= UDP:c:\windows\Temp\~osD4BC.tmp\ossproxy.exe:ossproxy.exe
"{5D100628-685A-4EE6-8078-31D0549EFC52}"= UDP:c:\windows\Temp\~osA553.tmp\ossproxy.exe:ossproxy.exe
"{F881BBB1-9C95-4C5B-BC9A-882E99796ACE}"= UDP:c:\windows\Temp\~os1CB4.tmp\ossproxy.exe:ossproxy.exe
"{C08B000B-D459-4025-832E-955A77ADAAC5}"= UDP:c:\windows\Temp\~os7F8B.tmp\ossproxy.exe:ossproxy.exe
"{2BB3D88F-4F88-462D-BE56-D71671E9F3BD}"= UDP:c:\windows\Temp\~os8A64.tmp\ossproxy.exe:ossproxy.exe
"{FEDD4BD9-E754-41CC-99B6-9C39A8168511}"= UDP:c:\windows\Temp\~os75BC.tmp\ossproxy.exe:ossproxy.exe
"{00E9AB05-8820-4B27-A328-F489D6DF9DCF}"= UDP:c:\windows\Temp\~osCB.tmp\ossproxy.exe:ossproxy.exe
"{CD462157-606B-40AE-9442-2F9E5AC33E07}"= UDP:c:\windows\Temp\~os6E9B.tmp\ossproxy.exe:ossproxy.exe
"{F4525B04-AB0B-4D2B-B7DE-36A32878F4A5}"= UDP:c:\windows\Temp\~osC1E8.tmp\ossproxy.exe:ossproxy.exe
"{76407A3C-F447-4EA8-AF02-C9C172FCE335}"= UDP:c:\windows\Temp\~os8FE1.tmp\ossproxy.exe:ossproxy.exe
"{3923FD7D-E8CD-4988-B485-E6709FD75231}"= UDP:c:\windows\Temp\~os90EA.tmp\ossproxy.exe:ossproxy.exe
"{513EC698-5FF9-4EE9-A12A-17672DBCC118}"= UDP:c:\windows\Temp\~os2DC5.tmp\ossproxy.exe:ossproxy.exe
"{7AAF0652-4943-45BD-8039-B0AB1A27842F}"= UDP:c:\windows\Temp\~osDE8C.tmp\ossproxy.exe:ossproxy.exe
"{364B70FC-F3DF-485F-912B-6ED7434A6445}"= UDP:c:\windows\Temp\~osB1A3.tmp\ossproxy.exe:ossproxy.exe
"{C6E78F7C-9AB7-4098-848E-0848315E2AD5}"= UDP:c:\windows\Temp\~os6BED.tmp\ossproxy.exe:ossproxy.exe
"{66771942-B874-4201-86E9-81B6A91ACC26}"= UDP:c:\windows\Temp\~osBAD7.tmp\ossproxy.exe:ossproxy.exe
"{84806129-C049-4D31-8F27-216302796C28}"= UDP:c:\windows\Temp\~os5E37.tmp\ossproxy.exe:ossproxy.exe
"{0F3479C5-6157-4807-9E25-F57E809AE373}"= UDP:c:\windows\Temp\~osE33E.tmp\ossproxy.exe:ossproxy.exe
"{5336375A-6B0C-45D5-B2BD-1C0E762B4DCE}"= UDP:c:\windows\Temp\~osA47A.tmp\ossproxy.exe:ossproxy.exe
"{B9068653-F3BA-4043-976E-6D73E5584CAB}"= UDP:c:\windows\Temp\~os646E.tmp\ossproxy.exe:ossproxy.exe
"{58B0318E-6965-4F17-B773-520349A32164}"= UDP:c:\windows\Temp\~os11BD.tmp\ossproxy.exe:ossproxy.exe
"{7BBC6A8D-F9AA-4666-8689-08B1DA0A96CA}"= UDP:c:\windows\Temp\~osA728.tmp\ossproxy.exe:ossproxy.exe
"{BE5D0656-37E4-4685-B622-36D01862A05B}"= UDP:c:\windows\Temp\~os3DFB.tmp\ossproxy.exe:ossproxy.exe
"{0CF9CF95-781B-4EC2-BAD1-FD4330EB6CF0}"= UDP:c:\windows\Temp\~osE32E.tmp\ossproxy.exe:ossproxy.exe
"{EBDF5CEB-98BC-46FA-8843-C9F5B48D0268}"= UDP:c:\windows\Temp\~os784C.tmp\ossproxy.exe:ossproxy.exe
"{0BAE8555-D655-4C01-871E-A5109C914A0A}"= UDP:c:\windows\Temp\~os1DED.tmp\ossproxy.exe:ossproxy.exe
"{E5D9CC32-7464-46F8-8B99-483E589DDBCA}"= UDP:c:\windows\Temp\~osB7DB.tmp\ossproxy.exe:ossproxy.exe
"{19FE9CD7-CDD9-439B-8E8F-E348A5A961AE}"= UDP:c:\windows\Temp\~os4C4D.tmp\ossproxy.exe:ossproxy.exe
"{AE3C1806-43CE-45B6-BCA5-2E88DEFE6D99}"= UDP:c:\windows\Temp\~osE09F.tmp\ossproxy.exe:ossproxy.exe
"{DB3F80AE-6708-4020-A354-62C4AD4041AA}"= UDP:c:\windows\Temp\~os7E64.tmp\ossproxy.exe:ossproxy.exe
"{9D9E6B09-F069-4046-9004-EFDFF952A220}"= UDP:c:\windows\Temp\~os1DCE.tmp\ossproxy.exe:ossproxy.exe
"{5133E68C-241A-4644-B6AF-227C55739B44}"= UDP:c:\windows\Temp\~osB80A.tmp\ossproxy.exe:ossproxy.exe
"{B0330FAD-7FC4-48B0-9B1D-8DDF9BEC8F45}"= UDP:c:\windows\Temp\~os5265.tmp\ossproxy.exe:ossproxy.exe
"{2BAB0F05-0970-4AA8-B52B-F4BDECCE3E0A}"= UDP:c:\windows\Temp\~os2F3C.tmp\ossproxy.exe:ossproxy.exe
"{84D9B3FE-F3E4-481B-B098-A5F06AF8D995}"= UDP:c:\windows\Temp\~os1601.tmp\ossproxy.exe:ossproxy.exe
"{C9E042E5-473A-48AA-9C65-28BD3B698AC1}"= UDP:c:\windows\Temp\~osDEBC.tmp\ossproxy.exe:ossproxy.exe
"{DF64922A-C5B2-467C-A51D-A8FE4DF4D60C}"= UDP:c:\windows\Temp\~os712B.tmp\ossproxy.exe:ossproxy.exe
"{AB6CA4F9-B538-4824-A35F-97DA34F821C0}"= UDP:c:\windows\Temp\~osEA7F.tmp\ossproxy.exe:ossproxy.exe
"{2145CEDD-58E0-44C9-8AFE-AD46095AF491}"= UDP:c:\windows\Temp\~osD579.tmp\ossproxy.exe:ossproxy.exe
"{76AEFDD2-8F8D-4357-BD0F-41834151B254}"= UDP:c:\windows\Temp\~osA748.tmp\ossproxy.exe:ossproxy.exe
"{90221F34-29B7-4948-A030-D0F4A02417BD}"= UDP:c:\windows\Temp\~os7447.tmp\ossproxy.exe:ossproxy.exe
"{5B55A6F6-E4B2-4A73-888E-651CBFF4D69C}"= UDP:c:\windows\Temp\~os2ABA.tmp\ossproxy.exe:ossproxy.exe
"{41D787DA-088F-4FA5-9FC5-377127AE5151}"= UDP:c:\windows\Temp\~osE580.tmp\ossproxy.exe:ossproxy.exe
"{8796ACF5-40EE-472B-821D-C9F21D8F5966}"= UDP:c:\windows\Temp\~os6D93.tmp\ossproxy.exe:ossproxy.exe
"{3471D8AA-7C80-4C25-A1AC-AD46C2E86B41}"= UDP:c:\windows\Temp\~os18B0.tmp\ossproxy.exe:ossproxy.exe
"{7F5A24A7-DE5D-4899-817A-0381ACF75FB2}"= UDP:c:\windows\Temp\~osAD8F.tmp\ossproxy.exe:ossproxy.exe
"{9F9D4342-3074-4E3F-9759-6BFACFF50E72}"= UDP:c:\windows\Temp\~os3851.tmp\ossproxy.exe:ossproxy.exe
"{25355443-E185-4060-9C6E-D21EC56D04C9}"= UDP:c:\windows\Temp\~osF826.tmp\ossproxy.exe:ossproxy.exe
"{9E99D3BC-D390-4539-9837-5428EF3799C8}"= UDP:c:\windows\Temp\~osB202.tmp\ossproxy.exe:ossproxy.exe
"{8504DD63-981A-4FD4-9E99-43E8075B4DDD}"= UDP:c:\windows\Temp\~os2FAA.tmp\ossproxy.exe:ossproxy.exe
"{B585ED1F-4604-45CA-8074-C5C39A6E4226}"= UDP:c:\windows\Temp\~osDDA4.tmp\ossproxy.exe:ossproxy.exe
"{79707010-CDA4-4DFC-8D76-AC549C99AB2F}"= UDP:c:\windows\Temp\~osBA9A.tmp\ossproxy.exe:ossproxy.exe
"{B39B453B-38C8-42AF-9613-CB1E37A3CCE3}"= UDP:c:\windows\Temp\~os78DA.tmp\ossproxy.exe:ossproxy.exe
"{C1F37B0F-1156-4A24-97E2-A2980A925F5A}"= UDP:c:\windows\Temp\~os433A.tmp\ossproxy.exe:ossproxy.exe
"{43F373AD-9B20-4BA6-BE91-65E7FE98E468}"= UDP:c:\windows\Temp\~osB00F.tmp\ossproxy.exe:ossproxy.exe
"{EEF2ED4A-3E93-41E2-9EE3-AC1A6D19D0FA}"= UDP:c:\windows\Temp\~osE63C.tmp\ossproxy.exe:ossproxy.exe
"{B743485C-E3DD-4479-B8C5-C57ECC38EEDE}"= UDP:c:\windows\Temp\~os7B88.tmp\ossproxy.exe:ossproxy.exe
"{060AF0AF-7F9D-4D94-9C9A-2666378D6848}"= UDP:c:\windows\Temp\~osE14D.tmp\ossproxy.exe:ossproxy.exe
"{E16A9E68-B7BB-4EC8-BCA5-7ADF3F47E24F}"= UDP:c:\windows\Temp\~osE8AC.tmp\ossproxy.exe:ossproxy.exe
"{1B236A63-08D7-45BE-80B4-246B3D85F4F3}"= UDP:c:\windows\Temp\~osB3F6.tmp\ossproxy.exe:ossproxy.exe
"{DCF3B59C-9BFB-4747-B926-E302B1BBD9F8}"= UDP:c:\windows\Temp\~os7C82.tmp\ossproxy.exe:ossproxy.exe
"{49F3E2EB-4199-4763-81FE-EC0C4B9B3762}"= UDP:c:\windows\Temp\~os1E5C.tmp\ossproxy.exe:ossproxy.exe
"{EB9E4E5D-C7C9-4CA5-A184-970A0E154B7D}"= UDP:c:\windows\Temp\~os79B5.tmp\ossproxy.exe:ossproxy.exe
"{1B6580AC-6615-4B79-820A-48E0FAC7B43C}"= UDP:c:\windows\Temp\~osAC39.tmp\ossproxy.exe:ossproxy.exe
"{D4A7D232-32F1-4185-BC51-6768D9F397A0}"= UDP:c:\windows\Temp\~os8C7A.tmp\ossproxy.exe:ossproxy.exe
"{141644EC-F0DD-4D67-AD98-258E2D52AB06}"= UDP:c:\windows\Temp\~os81C0.tmp\ossproxy.exe:ossproxy.exe
"{6B0C8FFF-B84F-45C5-A8D4-43476036BD7A}"= UDP:c:\windows\Temp\~osCA64.tmp\ossproxy.exe:ossproxy.exe
"{B6D9D3DF-FD2E-408B-A5A4-8BE4391B633B}"= UDP:c:\windows\Temp\~os9CB0.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:40 am

part 12

"{5466F8E6-B1C0-41F4-8477-12F38BE50646}"= UDP:c:\windows\Temp\~os44CA.tmp\ossproxy.exe:ossproxy.exe
"{4BCF8851-6BD0-4E78-A9A5-96B1437BBDB8}"= UDP:c:\windows\Temp\~os2D92.tmp\ossproxy.exe:ossproxy.exe
"{4B1E7445-31ED-451B-A175-CFE737677360}"= UDP:c:\windows\Temp\~os6F0.tmp\ossproxy.exe:ossproxy.exe
"{F3F674E0-5E63-4CC0-8DD3-4280C8660265}"= UDP:c:\windows\Temp\~osE972.tmp\ossproxy.exe:ossproxy.exe
"{ABF09E6D-5996-457B-BC11-65647E8CDA98}"= UDP:c:\windows\Temp\~osCC12.tmp\ossproxy.exe:ossproxy.exe
"{31333A6D-D1B6-4E73-8631-F39D4226DC7A}"= UDP:c:\windows\Temp\~osADF8.tmp\ossproxy.exe:ossproxy.exe
"{8C804817-F6CB-4A33-A2CE-60506B0ADCE1}"= UDP:c:\windows\Temp\~os8582.tmp\ossproxy.exe:ossproxy.exe
"{D2552448-1B6B-42BB-857F-1A41F6084F67}"= UDP:c:\windows\Temp\~osFD8E.tmp\ossproxy.exe:ossproxy.exe
"{1D588AE3-2A76-4084-A897-E2B6CD7DE454}"= UDP:c:\windows\Temp\~osD6CC.tmp\ossproxy.exe:ossproxy.exe
"{37E24F22-0109-4A31-8FBC-5044478E50F8}"= UDP:c:\windows\Temp\~os85EF.tmp\ossproxy.exe:ossproxy.exe
"{D95D2C02-7C00-4342-95A9-281CF74CEE64}"= UDP:c:\windows\Temp\~os5A2E.tmp\ossproxy.exe:ossproxy.exe
"{F8F6BC84-8E95-49FE-B6EF-C1537F91ABDB}"= UDP:c:\windows\Temp\~os2E8C.tmp\ossproxy.exe:ossproxy.exe
"{7FFD1F7B-1F5A-4A0B-A088-7E6836DC0564}"= UDP:c:\windows\Temp\~osBC79.tmp\ossproxy.exe:ossproxy.exe
"{F93BE74A-A8EA-4C96-8C69-4BFEE797FDD3}"= UDP:c:\windows\Temp\~os8A23.tmp\ossproxy.exe:ossproxy.exe
"{FF196A79-2C90-42D3-B872-9C5F35F7DFA1}"= UDP:c:\windows\Temp\~osFFEE.tmp\ossproxy.exe:ossproxy.exe
"{135E4FAA-A342-44C9-A619-CE61480EAEA2}"= UDP:c:\windows\Temp\~os73F5.tmp\ossproxy.exe:ossproxy.exe
"{3A611C45-891D-4F32-B34A-7AC7581EDD77}"= UDP:c:\windows\Temp\~osE9C0.tmp\ossproxy.exe:ossproxy.exe
"{9D3984A0-3F1D-48F8-A64C-218D67A5403A}"= UDP:c:\windows\Temp\~os5C12.tmp\ossproxy.exe:ossproxy.exe
"{1B811000-14C8-4AB0-BD20-5758AB22E7E1}"= UDP:c:\windows\Temp\~osCF7C.tmp\ossproxy.exe:ossproxy.exe
"{6DE09A65-B6A7-458A-AA1C-5F24379593CD}"= UDP:c:\windows\Temp\~os447D.tmp\ossproxy.exe:ossproxy.exe
"{55B842EE-3A31-4642-9612-F4A6CE398A0B}"= UDP:c:\windows\Temp\~osB4BC.tmp\ossproxy.exe:ossproxy.exe
"{C265E6CC-BB4B-40FC-B577-E6310A713C3A}"= UDP:c:\windows\Temp\~os22DA.tmp\ossproxy.exe:ossproxy.exe
"{AC33A77E-54C9-4944-8F2F-B5D450E072D8}"= UDP:c:\windows\Temp\~osC437.tmp\ossproxy.exe:ossproxy.exe
"{5B767AEC-AB19-4074-900C-7D801836DC20}"= UDP:c:\windows\Temp\~os5DB7.tmp\ossproxy.exe:ossproxy.exe
"{8DF1B88E-1BCF-459F-A2C4-797B6F229C85}"= UDP:c:\windows\Temp\~osE05E.tmp\ossproxy.exe:ossproxy.exe
"{E5A4AF93-CAB8-442D-AE9B-03A4677997D5}"= UDP:c:\windows\Temp\~os5C9.tmp\ossproxy.exe:ossproxy.exe
"{2FFA0E23-4785-4970-97D3-C2501E135236}"= UDP:c:\windows\Temp\~osCCCF.tmp\ossproxy.exe:ossproxy.exe
"{7FF8B007-ACB2-49FB-A9FF-93E5D2769569}"= UDP:c:\windows\Temp\~osC2B1.tmp\ossproxy.exe:ossproxy.exe
"{625322EB-CFAE-4832-9399-B9E788CBBAD9}"= UDP:c:\windows\Temp\~os4BED.tmp\ossproxy.exe:ossproxy.exe
"{B6E64364-87BD-4C09-9943-AB887EB6043F}"= UDP:c:\windows\Temp\~os845A.tmp\ossproxy.exe:ossproxy.exe
"{54EDE007-6F2B-4DC1-BE8B-729278B53D22}"= UDP:c:\windows\Temp\~os2C8B.tmp\ossproxy.exe:ossproxy.exe
"{4E07A367-E1EB-4DBE-A97F-E0424D5033A8}"= UDP:c:\windows\Temp\~osCBD5.tmp\ossproxy.exe:ossproxy.exe
"{E190F9FE-6E9B-4AE4-ADA1-9ACB854356BD}"= UDP:c:\windows\Temp\~osDD05.tmp\ossproxy.exe:ossproxy.exe
"{7DCF55D7-9942-4992-99B5-32296E23EA7C}"= UDP:c:\windows\Temp\~osBD74.tmp\ossproxy.exe:ossproxy.exe
"{18C69A65-3295-4E35-A4B2-CF00D0A04714}"= UDP:c:\windows\Temp\~os3091.tmp\ossproxy.exe:ossproxy.exe
"{50A56E5C-1A87-4483-9273-9DF13D7F2D04}"= UDP:c:\windows\Temp\~osBEAC.tmp\ossproxy.exe:ossproxy.exe
"{BA8D9DD7-BE21-4663-904B-64D3B8DB9918}"= UDP:c:\windows\Temp\~os473C.tmp\ossproxy.exe:ossproxy.exe
"{CCFA5433-C09D-4BD5-9AB0-EA90248E09DB}"= UDP:c:\windows\Temp\~osED98.tmp\ossproxy.exe:ossproxy.exe
"{C5F5B84A-9426-430B-880E-22D0BED42DDC}"= UDP:c:\windows\Temp\~osB8F2.tmp\ossproxy.exe:ossproxy.exe
"{D38987D5-439E-4A52-93D9-FB2756D6F8A5}"= UDP:c:\windows\Temp\~os861F.tmp\ossproxy.exe:ossproxy.exe
"{6D4156E2-C78A-40B7-AC7E-6FC43562A62B}"= UDP:c:\windows\Temp\~os5F8D.tmp\ossproxy.exe:ossproxy.exe
"{C39E5CBF-0007-41D2-BA7E-69992EC5A88A}"= UDP:c:\windows\Temp\~os849.tmp\ossproxy.exe:ossproxy.exe
"{50AE42EE-CA64-4441-9D99-E6C3BB4BC9D0}"= UDP:c:\windows\Temp\~osB04B.tmp\ossproxy.exe:ossproxy.exe
"{9693DE7D-CEBC-470A-AA2B-9075C16528F5}"= UDP:c:\windows\Temp\~os586B.tmp\ossproxy.exe:ossproxy.exe
"{A2FE789B-D749-43F2-A2F0-B69AB4E37841}"= UDP:c:\windows\Temp\~osFFE1.tmp\ossproxy.exe:ossproxy.exe
"{BBF10833-1C69-409A-8F06-EB75C1483949}"= UDP:c:\windows\Temp\~osB2EA.tmp\ossproxy.exe:ossproxy.exe
"{23403A7B-CAD3-4D5B-9FFD-45AAE70E194D}"= UDP:c:\windows\Temp\~os4BCE.tmp\ossproxy.exe:ossproxy.exe
"{989832F3-6F1B-433C-9EAE-D0DD45442A8B}"= UDP:c:\windows\Temp\~osDA19.tmp\ossproxy.exe:ossproxy.exe
"{B1480765-E017-4185-9139-D2C7CAAF0769}"= UDP:c:\windows\Temp\~osFDDE.tmp\ossproxy.exe:ossproxy.exe
"{E8C1C4C2-E20C-4D2B-B694-25CEA60702CD}"= UDP:c:\windows\Temp\~os8B7.tmp\ossproxy.exe:ossproxy.exe
"{30F6E38D-3544-4622-A1E6-E7D7B01E98CA}"= UDP:c:\windows\Temp\~osE5AD.tmp\ossproxy.exe:ossproxy.exe
"{35AA1665-7066-44CD-92CE-B3DC1C9272F7}"= UDP:c:\windows\Temp\~os1A73.tmp\ossproxy.exe:ossproxy.exe
"{F617D1BC-242C-402D-BEFF-3DB0F314422F}"= UDP:c:\windows\Temp\~osD4BC.tmp\ossproxy.exe:ossproxy.exe
"{5D100628-685A-4EE6-8078-31D0549EFC52}"= UDP:c:\windows\Temp\~osA553.tmp\ossproxy.exe:ossproxy.exe
"{F881BBB1-9C95-4C5B-BC9A-882E99796ACE}"= UDP:c:\windows\Temp\~os1CB4.tmp\ossproxy.exe:ossproxy.exe
"{C08B000B-D459-4025-832E-955A77ADAAC5}"= UDP:c:\windows\Temp\~os7F8B.tmp\ossproxy.exe:ossproxy.exe
"{2BB3D88F-4F88-462D-BE56-D71671E9F3BD}"= UDP:c:\windows\Temp\~os8A64.tmp\ossproxy.exe:ossproxy.exe
"{FEDD4BD9-E754-41CC-99B6-9C39A8168511}"= UDP:c:\windows\Temp\~os75BC.tmp\ossproxy.exe:ossproxy.exe
"{00E9AB05-8820-4B27-A328-F489D6DF9DCF}"= UDP:c:\windows\Temp\~osCB.tmp\ossproxy.exe:ossproxy.exe
"{CD462157-606B-40AE-9442-2F9E5AC33E07}"= UDP:c:\windows\Temp\~os6E9B.tmp\ossproxy.exe:ossproxy.exe
"{F4525B04-AB0B-4D2B-B7DE-36A32878F4A5}"= UDP:c:\windows\Temp\~osC1E8.tmp\ossproxy.exe:ossproxy.exe
"{76407A3C-F447-4EA8-AF02-C9C172FCE335}"= UDP:c:\windows\Temp\~os8FE1.tmp\ossproxy.exe:ossproxy.exe
"{3923FD7D-E8CD-4988-B485-E6709FD75231}"= UDP:c:\windows\Temp\~os90EA.tmp\ossproxy.exe:ossproxy.exe
"{513EC698-5FF9-4EE9-A12A-17672DBCC118}"= UDP:c:\windows\Temp\~os2DC5.tmp\ossproxy.exe:ossproxy.exe
"{7AAF0652-4943-45BD-8039-B0AB1A27842F}"= UDP:c:\windows\Temp\~osDE8C.tmp\ossproxy.exe:ossproxy.exe
"{364B70FC-F3DF-485F-912B-6ED7434A6445}"= UDP:c:\windows\Temp\~osB1A3.tmp\ossproxy.exe:ossproxy.exe
"{C6E78F7C-9AB7-4098-848E-0848315E2AD5}"= UDP:c:\windows\Temp\~os6BED.tmp\ossproxy.exe:ossproxy.exe
"{66771942-B874-4201-86E9-81B6A91ACC26}"= UDP:c:\windows\Temp\~osBAD7.tmp\ossproxy.exe:ossproxy.exe
"{84806129-C049-4D31-8F27-216302796C28}"= UDP:c:\windows\Temp\~os5E37.tmp\ossproxy.exe:ossproxy.exe
"{0F3479C5-6157-4807-9E25-F57E809AE373}"= UDP:c:\windows\Temp\~osE33E.tmp\ossproxy.exe:ossproxy.exe
"{5336375A-6B0C-45D5-B2BD-1C0E762B4DCE}"= UDP:c:\windows\Temp\~osA47A.tmp\ossproxy.exe:ossproxy.exe
"{B9068653-F3BA-4043-976E-6D73E5584CAB}"= UDP:c:\windows\Temp\~os646E.tmp\ossproxy.exe:ossproxy.exe
"{58B0318E-6965-4F17-B773-520349A32164}"= UDP:c:\windows\Temp\~os11BD.tmp\ossproxy.exe:ossproxy.exe
"{7BBC6A8D-F9AA-4666-8689-08B1DA0A96CA}"= UDP:c:\windows\Temp\~osA728.tmp\ossproxy.exe:ossproxy.exe
"{BE5D0656-37E4-4685-B622-36D01862A05B}"= UDP:c:\windows\Temp\~os3DFB.tmp\ossproxy.exe:ossproxy.exe
"{0CF9CF95-781B-4EC2-BAD1-FD4330EB6CF0}"= UDP:c:\windows\Temp\~osE32E.tmp\ossproxy.exe:ossproxy.exe
"{EBDF5CEB-98BC-46FA-8843-C9F5B48D0268}"= UDP:c:\windows\Temp\~os784C.tmp\ossproxy.exe:ossproxy.exe
"{0BAE8555-D655-4C01-871E-A5109C914A0A}"= UDP:c:\windows\Temp\~os1DED.tmp\ossproxy.exe:ossproxy.exe
"{E5D9CC32-7464-46F8-8B99-483E589DDBCA}"= UDP:c:\windows\Temp\~osB7DB.tmp\ossproxy.exe:ossproxy.exe
"{19FE9CD7-CDD9-439B-8E8F-E348A5A961AE}"= UDP:c:\windows\Temp\~os4C4D.tmp\ossproxy.exe:ossproxy.exe
"{AE3C1806-43CE-45B6-BCA5-2E88DEFE6D99}"= UDP:c:\windows\Temp\~osE09F.tmp\ossproxy.exe:ossproxy.exe
"{DB3F80AE-6708-4020-A354-62C4AD4041AA}"= UDP:c:\windows\Temp\~os7E64.tmp\ossproxy.exe:ossproxy.exe
"{9D9E6B09-F069-4046-9004-EFDFF952A220}"= UDP:c:\windows\Temp\~os1DCE.tmp\ossproxy.exe:ossproxy.exe
"{5133E68C-241A-4644-B6AF-227C55739B44}"= UDP:c:\windows\Temp\~osB80A.tmp\ossproxy.exe:ossproxy.exe
"{B0330FAD-7FC4-48B0-9B1D-8DDF9BEC8F45}"= UDP:c:\windows\Temp\~os5265.tmp\ossproxy.exe:ossproxy.exe
"{2BAB0F05-0970-4AA8-B52B-F4BDECCE3E0A}"= UDP:c:\windows\Temp\~os2F3C.tmp\ossproxy.exe:ossproxy.exe
"{84D9B3FE-F3E4-481B-B098-A5F06AF8D995}"= UDP:c:\windows\Temp\~os1601.tmp\ossproxy.exe:ossproxy.exe
"{C9E042E5-473A-48AA-9C65-28BD3B698AC1}"= UDP:c:\windows\Temp\~osDEBC.tmp\ossproxy.exe:ossproxy.exe
"{DF64922A-C5B2-467C-A51D-A8FE4DF4D60C}"= UDP:c:\windows\Temp\~os712B.tmp\ossproxy.exe:ossproxy.exe
"{AB6CA4F9-B538-4824-A35F-97DA34F821C0}"= UDP:c:\windows\Temp\~osEA7F.tmp\ossproxy.exe:ossproxy.exe
"{2145CEDD-58E0-44C9-8AFE-AD46095AF491}"= UDP:c:\windows\Temp\~osD579.tmp\ossproxy.exe:ossproxy.exe
"{76AEFDD2-8F8D-4357-BD0F-41834151B254}"= UDP:c:\windows\Temp\~osA748.tmp\ossproxy.exe:ossproxy.exe
"{90221F34-29B7-4948-A030-D0F4A02417BD}"= UDP:c:\windows\Temp\~os7447.tmp\ossproxy.exe:ossproxy.exe
"{5B55A6F6-E4B2-4A73-888E-651CBFF4D69C}"= UDP:c:\windows\Temp\~os2ABA.tmp\ossproxy.exe:ossproxy.exe
"{41D787DA-088F-4FA5-9FC5-377127AE5151}"= UDP:c:\windows\Temp\~osE580.tmp\ossproxy.exe:ossproxy.exe
"{8796ACF5-40EE-472B-821D-C9F21D8F5966}"= UDP:c:\windows\Temp\~os6D93.tmp\ossproxy.exe:ossproxy.exe
"{3471D8AA-7C80-4C25-A1AC-AD46C2E86B41}"= UDP:c:\windows\Temp\~os18B0.tmp\ossproxy.exe:ossproxy.exe
"{7F5A24A7-DE5D-4899-817A-0381ACF75FB2}"= UDP:c:\windows\Temp\~osAD8F.tmp\ossproxy.exe:ossproxy.exe
"{9F9D4342-3074-4E3F-9759-6BFACFF50E72}"= UDP:c:\windows\Temp\~os3851.tmp\ossproxy.exe:ossproxy.exe
"{25355443-E185-4060-9C6E-D21EC56D04C9}"= UDP:c:\windows\Temp\~osF826.tmp\ossproxy.exe:ossproxy.exe
"{9E99D3BC-D390-4539-9837-5428EF3799C8}"= UDP:c:\windows\Temp\~osB202.tmp\ossproxy.exe:ossproxy.exe
"{8504DD63-981A-4FD4-9E99-43E8075B4DDD}"= UDP:c:\windows\Temp\~os2FAA.tmp\ossproxy.exe:ossproxy.exe
"{B585ED1F-4604-45CA-8074-C5C39A6E4226}"= UDP:c:\windows\Temp\~osDDA4.tmp\ossproxy.exe:ossproxy.exe
"{79707010-CDA4-4DFC-8D76-AC549C99AB2F}"= UDP:c:\windows\Temp\~osBA9A.tmp\ossproxy.exe:ossproxy.exe
"{B39B453B-38C8-42AF-9613-CB1E37A3CCE3}"= UDP:c:\windows\Temp\~os78DA.tmp\ossproxy.exe:ossproxy.exe
"{C1F37B0F-1156-4A24-97E2-A2980A925F5A}"= UDP:c:\windows\Temp\~os433A.tmp\ossproxy.exe:ossproxy.exe
"{43F373AD-9B20-4BA6-BE91-65E7FE98E468}"= UDP:c:\windows\Temp\~osB00F.tmp\ossproxy.exe:ossproxy.exe
"{EEF2ED4A-3E93-41E2-9EE3-AC1A6D19D0FA}"= UDP:c:\windows\Temp\~osE63C.tmp\ossproxy.exe:ossproxy.exe
"{B743485C-E3DD-4479-B8C5-C57ECC38EEDE}"= UDP:c:\windows\Temp\~os7B88.tmp\ossproxy.exe:ossproxy.exe
"{060AF0AF-7F9D-4D94-9C9A-2666378D6848}"= UDP:c:\windows\Temp\~osE14D.tmp\ossproxy.exe:ossproxy.exe
"{E16A9E68-B7BB-4EC8-BCA5-7ADF3F47E24F}"= UDP:c:\windows\Temp\~osE8AC.tmp\ossproxy.exe:ossproxy.exe
"{1B236A63-08D7-45BE-80B4-246B3D85F4F3}"= UDP:c:\windows\Temp\~osB3F6.tmp\ossproxy.exe:ossproxy.exe
"{DCF3B59C-9BFB-4747-B926-E302B1BBD9F8}"= UDP:c:\windows\Temp\~os7C82.tmp\ossproxy.exe:ossproxy.exe
"{49F3E2EB-4199-4763-81FE-EC0C4B9B3762}"= UDP:c:\windows\Temp\~os1E5C.tmp\ossproxy.exe:ossproxy.exe
"{EB9E4E5D-C7C9-4CA5-A184-970A0E154B7D}"= UDP:c:\windows\Temp\~os79B5.tmp\ossproxy.exe:ossproxy.exe
"{1B6580AC-6615-4B79-820A-48E0FAC7B43C}"= UDP:c:\windows\Temp\~osAC39.tmp\ossproxy.exe:ossproxy.exe
"{D4A7D232-32F1-4185-BC51-6768D9F397A0}"= UDP:c:\windows\Temp\~os8C7A.tmp\ossproxy.exe:ossproxy.exe
"{141644EC-F0DD-4D67-AD98-258E2D52AB06}"= UDP:c:\windows\Temp\~os81C0.tmp\ossproxy.exe:ossproxy.exe
"{6B0C8FFF-B84F-45C5-A8D4-43476036BD7A}"= UDP:c:\windows\Temp\~osCA64.tmp\ossproxy.exe:ossproxy.exe
"{B6D9D3DF-FD2E-408B-A5A4-8BE4391B633B}"= UDP:c:\windows\Temp\~os9CB0.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:45 am

part 13

"{45F722DF-ABF2-4790-8968-5AEF6A480EB2}"= UDP:c:\windows\Temp\~osADEE.tmp\ossproxy.exe:ossproxy.exe
"{C0087236-A45F-40CA-AA02-459F5E265E66}"= UDP:c:\windows\Temp\~osE746.tmp\ossproxy.exe:ossproxy.exe
"{9311E674-F806-41DE-AE1E-E99F4597645A}"= UDP:c:\windows\Temp\~osF01C.tmp\ossproxy.exe:ossproxy.exe
"{01650D9F-B0DF-4AD0-9A0C-26C9AD4EA731}"= UDP:c:\windows\Temp\~os3B5E.tmp\ossproxy.exe:ossproxy.exe
"{42C62800-FE4D-40B4-8693-EFC4E70A0F60}"= UDP:c:\windows\Temp\~os2272.tmp\ossproxy.exe:ossproxy.exe
"{79AB1955-A4F0-44D1-9EFD-E53E55DFCE47}"= UDP:c:\windows\Temp\~osEE2.tmp\ossproxy.exe:ossproxy.exe
"{B4326A45-AC92-4F87-B7E9-93DF4594E866}"= UDP:c:\windows\Temp\~os70FF.tmp\ossproxy.exe:ossproxy.exe
"{460A1BFF-261F-4158-AEB1-94BA2B692FAA}"= UDP:c:\windows\Temp\~os53DE.tmp\ossproxy.exe:ossproxy.exe
"{015D9DD2-86F0-4324-AD71-24A4A2E93673}"= UDP:c:\windows\Temp\~osEE49.tmp\ossproxy.exe:ossproxy.exe
"{ADF8606D-899A-4C30-94EE-CD62A3BB20B0}"= UDP:c:\windows\Temp\~osA586.tmp\ossproxy.exe:ossproxy.exe
"{373C49D0-6BAA-40A3-8F24-07779255A81E}"= UDP:c:\windows\Temp\~os9216.tmp\ossproxy.exe:ossproxy.exe
"{63B07F6F-6D5D-4909-8461-277600268947}"= UDP:c:\windows\Temp\~os349B.tmp\ossproxy.exe:ossproxy.exe
"{EC943B9C-D866-4263-BA2E-BECC0171793F}"= UDP:c:\windows\Temp\~os3057.tmp\ossproxy.exe:ossproxy.exe
"{27880F65-8FFC-4634-953E-150902CF15B4}"= UDP:c:\windows\Temp\~os1D35.tmp\ossproxy.exe:ossproxy.exe
"{1CC60896-AF9D-4451-8803-B74AF79C0618}"= UDP:c:\windows\Temp\~osB10B.tmp\ossproxy.exe:ossproxy.exe
"{A63EC836-C019-4697-A1E4-D45641C07271}"= UDP:c:\windows\Temp\~osF348.tmp\ossproxy.exe:ossproxy.exe
"{FCC658D0-E6D5-4470-B6CB-81E78A0342E7}"= UDP:c:\windows\Temp\~os35F.tmp\ossproxy.exe:ossproxy.exe
"{544CC0E4-FA12-49FB-9146-1395DA7B5B28}"= UDP:c:\windows\Temp\~os85E.tmp\ossproxy.exe:ossproxy.exe
"{2C8BEB49-8898-496D-BE35-94A587807B76}"= UDP:c:\windows\Temp\~os41A.tmp\ossproxy.exe:ossproxy.exe
"{EA68DDF6-12EB-40F1-BC02-830840D9D6C3}"= UDP:c:\windows\Temp\~os9033.tmp\ossproxy.exe:ossproxy.exe
"{6FFC11F1-CE84-420F-924B-A9CCD70827C6}"= UDP:c:\windows\Temp\~osCCC5.tmp\ossproxy.exe:ossproxy.exe
"{B3476452-D45D-430A-8AF2-0D88F1CFFC96}"= UDP:c:\windows\Temp\~osFF3A.tmp\ossproxy.exe:ossproxy.exe
"{138EA18C-40B4-4445-BDDC-0525EBF62D33}"= UDP:c:\windows\Temp\~osBB58.tmp\ossproxy.exe:ossproxy.exe
"{19CAC95F-0E1D-4079-8DAF-AC8511350CCB}"= UDP:c:\windows\Temp\~osA910.tmp\ossproxy.exe:ossproxy.exe
"{6316C486-2B2A-471C-8929-9D36D711802B}"= UDP:c:\windows\Temp\~osCBCC.tmp\ossproxy.exe:ossproxy.exe
"{880BA282-BAF1-4B88-983F-B1695E5289BF}"= UDP:c:\windows\Temp\~osD7D.tmp\ossproxy.exe:ossproxy.exe
"{3B1C158A-446D-42CF-9EF5-DF1A816A6077}"= UDP:c:\windows\Temp\~os960C.tmp\ossproxy.exe:ossproxy.exe
"{3F34FC45-E937-45DD-9BE5-EE32AA03B13E}"= UDP:c:\windows\Temp\~os5E98.tmp\ossproxy.exe:ossproxy.exe
"{BBD4F162-742A-4B8B-91F6-6AAEAD66020B}"= UDP:c:\windows\Temp\~os1F29.tmp\ossproxy.exe:ossproxy.exe
"{C09A3D29-D599-4B97-BE31-F7F37E1BB799}"= UDP:c:\windows\Temp\~osAA86.tmp\ossproxy.exe:ossproxy.exe
"{7759E633-FDD3-4B66-9B80-071D8CC03225}"= UDP:c:\windows\Temp\~os3B31.tmp\ossproxy.exe:ossproxy.exe
"{D5DF04D5-AB2E-4D9E-AF2E-BA18AED5C98B}"= UDP:c:\windows\Temp\~osD686.tmp\ossproxy.exe:ossproxy.exe
"{E6B1042E-C14D-4FA1-88B9-FFCF33160638}"= UDP:c:\windows\Temp\~os7AFE.tmp\ossproxy.exe:ossproxy.exe
"{93523B90-D5E1-45F5-B0EF-C0836943A7D0}"= UDP:c:\windows\Temp\~os7D2.tmp\ossproxy.exe:ossproxy.exe
"{D47A8027-2350-4284-BE9D-AB2D2470F1BF}"= UDP:c:\windows\Temp\~os9C15.tmp\ossproxy.exe:ossproxy.exe
"{009E8D84-0D35-49EA-9FC8-2CAF19A50C99}"= UDP:c:\windows\Temp\~os2D8B.tmp\ossproxy.exe:ossproxy.exe
"{3188FEE9-BCF8-4B55-8A26-70D516A9F64D}"= UDP:c:\windows\Temp\~osBC42.tmp\ossproxy.exe:ossproxy.exe
"{DEE5F07C-101F-42C2-B27A-5F098C5DFDF9}"= UDP:c:\windows\Temp\~osA4BD.tmp\ossproxy.exe:ossproxy.exe
"{F7052362-51F5-4390-ABFD-6A50AE34B3F8}"= UDP:c:\windows\Temp\~os3690.tmp\ossproxy.exe:ossproxy.exe
"{B61A5DD2-FC8A-4357-A9C4-08B33F2B6501}"= UDP:c:\windows\Temp\~osD81B.tmp\ossproxy.exe:ossproxy.exe
"{1A2A40B7-0D6B-45FD-BDD9-B4027C4C0E8B}"= UDP:c:\windows\Temp\~osACF7.tmp\ossproxy.exe:ossproxy.exe
"{3833A8B7-4E93-48F8-9A9A-5142F5B699EB}"= UDP:c:\windows\Temp\~osE0D2.tmp\ossproxy.exe:ossproxy.exe
"{91BD6650-4FB2-4804-B265-CDE314FF9B40}"= UDP:c:\windows\Temp\~os89FC.tmp\ossproxy.exe:ossproxy.exe
"{ADA8E357-9A1C-466C-926C-28358CC924EF}"= UDP:c:\windows\Temp\~os199E.tmp\ossproxy.exe:ossproxy.exe
"{1AC3055B-359A-45A7-9D67-DDEC37C888C2}"= UDP:c:\windows\Temp\~osA366.tmp\ossproxy.exe:ossproxy.exe
"{DD4ACDEB-CD09-499B-9B03-49864D3BFB0F}"= UDP:c:\windows\Temp\~os2DE9.tmp\ossproxy.exe:ossproxy.exe
"{99C5B08F-6E09-4465-8E10-25C200DBF768}"= UDP:c:\windows\Temp\~osBC33.tmp\ossproxy.exe:ossproxy.exe
"{E70818C1-3424-414F-A318-B999B8DB05D7}"= UDP:c:\windows\Temp\~os4761.tmp\ossproxy.exe:ossproxy.exe
"{0F03624D-B5F5-43CC-B7DA-AD4667FE500A}"= UDP:c:\windows\Temp\~osD5BB.tmp\ossproxy.exe:ossproxy.exe
"{CD312AA4-BA7E-4622-BDF0-866FA61EAE4A}"= UDP:c:\windows\Temp\~os683A.tmp\ossproxy.exe:ossproxy.exe
"{92021B77-52E6-47D7-8461-111808524475}"= UDP:c:\windows\Temp\~osF79D.tmp\ossproxy.exe:ossproxy.exe
"{A4510F29-5345-40C5-9BCD-C7E5C3F47DA7}"= UDP:c:\windows\Temp\~os8616.tmp\ossproxy.exe:ossproxy.exe
"{24CCFF5B-9243-49BC-A675-397CF0E5DB5A}"= UDP:c:\windows\Temp\~os33C2.tmp\ossproxy.exe:ossproxy.exe
"{4D83ACEA-28CE-44FC-A562-9D6E74F93C7E}"= UDP:c:\windows\Temp\~osC316.tmp\ossproxy.exe:ossproxy.exe
"{D8214420-3E00-4CA3-B560-594604DF1E78}"= UDP:c:\windows\Temp\~os525A.tmp\ossproxy.exe:ossproxy.exe
"{83C1E374-B23C-4401-8044-3E12AA76ACF1}"= UDP:c:\windows\Temp\~osDCAE.tmp\ossproxy.exe:ossproxy.exe
"{AFB74F9D-FF10-4987-874D-3520EA9F79A3}"= UDP:c:\windows\Temp\~os68F5.tmp\ossproxy.exe:ossproxy.exe
"{B51C3B46-6A1C-463A-927E-B6D1D682B9F7}"= UDP:c:\windows\Temp\~osFC9C.tmp\ossproxy.exe:ossproxy.exe
"{7BDE5514-8F13-4398-B1B8-612C1481BBAB}"= UDP:c:\windows\Temp\~os8877.tmp\ossproxy.exe:ossproxy.exe
"{D601243F-1A83-41AD-9B21-78DEF6AC8F30}"= UDP:c:\windows\Temp\~os149F.tmp\ossproxy.exe:ossproxy.exe
"{5BBAF329-2FA6-4BE8-BDF9-38981DC7BDE9}"= UDP:c:\windows\Temp\~os9DFA.tmp\ossproxy.exe:ossproxy.exe
"{D00F80D4-F381-400D-BB2D-4FA1DDAF91B4}"= UDP:c:\windows\Temp\~os2A31.tmp\ossproxy.exe:ossproxy.exe
"{AF2E56A2-AA79-447A-BF25-1D96DB7DF746}"= UDP:c:\windows\Temp\~osB2C1.tmp\ossproxy.exe:ossproxy.exe
"{4FDE3BE3-DCF7-4F10-9C94-833698D94595}"= UDP:c:\windows\Temp\~os4215.tmp\ossproxy.exe:ossproxy.exe
"{FEC6D8E9-341A-41BA-AEB9-7F883682E12F}"= UDP:c:\windows\Temp\~osCB6F.tmp\ossproxy.exe:ossproxy.exe
"{8E46BD7C-98B7-41CE-8D13-C033BFCDE170}"= UDP:c:\windows\Temp\~os525B.tmp\ossproxy.exe:ossproxy.exe
"{31435741-476B-4443-98F2-0B0E961C007B}"= UDP:c:\windows\Temp\~osDBE4.tmp\ossproxy.exe:ossproxy.exe
"{85AE196E-5D65-4DD0-AF06-AE225759693D}"= UDP:c:\windows\Temp\~os61C5.tmp\ossproxy.exe:ossproxy.exe
"{585771CD-9292-4F1C-B610-E0C4A5D6E420}"= UDP:c:\windows\Temp\~osEC19.tmp\ossproxy.exe:ossproxy.exe
"{A33030EF-D1E0-404B-B23D-172512C5CC06}"= UDP:c:\windows\Temp\~os7381.tmp\ossproxy.exe:ossproxy.exe
"{31067C5C-7A85-464E-9CC8-124C4B98B5BD}"= UDP:c:\windows\Temp\~osFE80.tmp\ossproxy.exe:ossproxy.exe
"{DCF73821-2199-4378-A9BF-5035247A6EA0}"= UDP:c:\windows\Temp\~os8868.tmp\ossproxy.exe:ossproxy.exe
"{7A663F48-6D5F-4A20-822A-8242B2821E47}"= UDP:c:\windows\Temp\~osFFE.tmp\ossproxy.exe:ossproxy.exe
"{FF5C2362-0219-44BB-BA34-89FA78A82627}"= UDP:c:\windows\Temp\~os9AA0.tmp\ossproxy.exe:ossproxy.exe
"{66884E3F-E2A7-4F07-ADF3-83D850A56D40}"= UDP:c:\windows\Temp\~os213D.tmp\ossproxy.exe:ossproxy.exe
"{CDB80266-5A92-4803-93A0-178777108A32}"= UDP:c:\windows\Temp\~osAA69.tmp\ossproxy.exe:ossproxy.exe
"{21E2A3D0-E04D-4F32-A744-5617A392C9B7}"= UDP:c:\windows\Temp\~os3826.tmp\ossproxy.exe:ossproxy.exe
"{8B0F5EC1-C563-496E-A120-0B1F4EC9D687}"= UDP:c:\windows\Temp\~osC7F7.tmp\ossproxy.exe:ossproxy.exe
"{0AB113E9-35F7-4078-A488-AA12D6660F6E}"= UDP:c:\windows\Temp\~os54CA.tmp\ossproxy.exe:ossproxy.exe
"{680EE277-FBF5-4345-A58A-821C2FCBBA66}"= UDP:c:\windows\Temp\~osE269.tmp\ossproxy.exe:ossproxy.exe
"{E5CBD08F-8ACF-444F-B7E3-900014EB491E}"= UDP:c:\windows\Temp\~os6EEF.tmp\ossproxy.exe:ossproxy.exe
"{01F86D5B-E4F7-417E-AB24-F49288736E85}"= UDP:c:\windows\Temp\~osFB27.tmp\ossproxy.exe:ossproxy.exe
"{009CF3CE-F51F-4610-90E0-F75B65710A61}"= UDP:c:\windows\Temp\~os9727.tmp\ossproxy.exe:ossproxy.exe
"{40F13007-2C43-4A27-936F-7C4816F47390}"= UDP:c:\windows\Temp\~os26E8.tmp\ossproxy.exe:ossproxy.exe
"{FADF876B-C8FD-4488-B6D9-53BAD945E513}"= UDP:c:\windows\Temp\~osB081.tmp\ossproxy.exe:ossproxy.exe
"{5B9F2F6E-33B2-44F1-9616-5002CCA8FA1C}"= UDP:c:\windows\Temp\~os458F.tmp\ossproxy.exe:ossproxy.exe
"{2E01E50D-6660-4F10-8D5B-A4FB7483B46A}"= UDP:c:\windows\Temp\~osCBDD.tmp\ossproxy.exe:ossproxy.exe
"{27CCFD05-4897-4406-8346-B7EFFE307736}"= UDP:c:\windows\Temp\~os54FA.tmp\ossproxy.exe:ossproxy.exe
"{6E811611-34DB-4009-A15C-68026E198EAD}"= UDP:c:\windows\Temp\~osE21B.tmp\ossproxy.exe:ossproxy.exe
"{64343FDA-AD1B-43A7-B179-74C474910785}"= UDP:c:\windows\Temp\~os6AF9.tmp\ossproxy.exe:ossproxy.exe
"{667CAF3B-1DF8-4853-B352-6324367BA6C0}"= UDP:c:\windows\Temp\~osF7BE.tmp\ossproxy.exe:ossproxy.exe
"{CD568C8E-0C69-46D5-A83B-8031F0DE5B19}"= UDP:c:\windows\Temp\~os8453.tmp\ossproxy.exe:ossproxy.exe
"{B5B5C1A7-6C12-468E-A737-218E4BFDD3F7}"= UDP:c:\windows\Temp\~osFC0.tmp\ossproxy.exe:ossproxy.exe
"{AC43384B-0F15-43EA-BEB6-7401B6D74F9E}"= UDP:c:\windows\Temp\~os9A24.tmp\ossproxy.exe:ossproxy.exe
"{852A3290-21BF-4604-9422-C7306D93E3C9}"= UDP:c:\windows\Temp\~os1F79.tmp\ossproxy.exe:ossproxy.exe
"{F5163F06-A2D5-412E-A2DF-BC219D60CE23}"= UDP:c:\windows\Temp\~osAA2B.tmp\ossproxy.exe:ossproxy.exe
"{E5C6574C-AD7B-4BEF-B44F-D57182DFD537}"= UDP:c:\windows\Temp\~os32E9.tmp\ossproxy.exe:ossproxy.exe
"{DF3E64C6-605C-4261-A899-E9005F1F8F09}"= UDP:c:\windows\Temp\~os719E.tmp\ossproxy.exe:ossproxy.exe
"{F0A6A1DF-FBA4-4FF0-85FD-82D34A71388F}"= UDP:c:\windows\Temp\~osF9B1.tmp\ossproxy.exe:ossproxy.exe
"{2256C2CC-0649-46AE-B874-475BD237DF9D}"= UDP:c:\windows\Temp\~os857C.tmp\ossproxy.exe:ossproxy.exe
"{8E31A829-A44B-4298-9DEB-9D1411012DCC}"= UDP:c:\windows\Temp\~os21F9.tmp\ossproxy.exe:ossproxy.exe
"{5FA540A0-A5E7-4FCA-A888-7123199DA1C4}"= UDP:c:\windows\Temp\~osB255.tmp\ossproxy.exe:ossproxy.exe
"{6D6C92B6-85B8-47CB-95F6-98D0AAE30B47}"= UDP:c:\windows\Temp\~os3930.tmp\ossproxy.exe:ossproxy.exe
"{90A224D9-59BA-4FAC-B9CF-E8FA8B6841A8}"= UDP:c:\windows\Temp\~os6CCE.tmp\ossproxy.exe:ossproxy.exe
"{71DE7FE2-B625-4D20-91FA-2D9C6551ECC4}"= UDP:c:\windows\Temp\~osFA1E.tmp\ossproxy.exe:ossproxy.exe
"{2BF97EBB-0375-4343-BD83-3AD67BEC1BAA}"= UDP:c:\windows\Temp\~os8637.tmp\ossproxy.exe:ossproxy.exe
"{BB79E1F4-8180-466C-BF58-A75E9D202ADA}"= UDP:c:\windows\Temp\~os127E.tmp\ossproxy.exe:ossproxy.exe
"{BC2FF663-1D12-40D2-AA45-617FBAD30AC0}"= UDP:c:\windows\Temp\~os9F43.tmp\ossproxy.exe:ossproxy.exe
"{92E55C46-F2CF-416F-8C91-EDC6A00FD83D}"= UDP:c:\windows\Temp\~os3386.tmp\ossproxy.exe:ossproxy.exe
"{02EE0566-B457-457B-B063-5277C1C2480A}"= UDP:c:\windows\Temp\~osBB2C.tmp\ossproxy.exe:ossproxy.exe
"{E48734FF-964B-4962-9D16-D2F5A156EC3E}"= UDP:c:\windows\Temp\~os4679.tmp\ossproxy.exe:ossproxy.exe
"{3243003B-5411-43F8-9C25-93EF3A814AA6}"= UDP:c:\windows\Temp\~osD16A.tmp\ossproxy.exe:ossproxy.exe
"{9D53F6A8-F44C-4C5F-B658-73643C721E80}"= UDP:c:\windows\Temp\~os5E2E.tmp\ossproxy.exe:ossproxy.exe
"{D5DA6408-EBF8-4ECC-9FAC-2283063D9BC7}"= UDP:c:\windows\Temp\~osEC49.tmp\ossproxy.exe:ossproxy.exe
"{2490C78B-41CE-4994-A832-C20C5593A167}"= UDP:c:\windows\Temp\~os77B6.tmp\ossproxy.exe:ossproxy.exe
"{1A858278-B2A6-48D1-821E-B9E8CE182373}"= UDP:c:\windows\Temp\~os6CC.tmp\ossproxy.exe:ossproxy.exe
"{77906F9B-0D77-4011-B47C-AE1173FDDE0D}"= UDP:c:\windows\Temp\~os964E.tmp\ossproxy.exe:ossproxy.exe
"{21B318C3-8612-49F5-B294-B534BC6FF3C9}"= UDP:c:\windows\Temp\~os306A.tmp\ossproxy.exe:ossproxy.exe
"{5EB982E4-8867-4E61-BC09-55EC9B3E3C75}"= UDP:c:\windows\Temp\~osC03B.tmp\ossproxy.exe:ossproxy.exe
"{73126C2D-A012-4596-BF64-8823749F040C}"= UDP:c:\windows\Temp\~os502A.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:47 am

part 14

"{F91E5FE6-625E-45E9-8157-15FCD99CACCA}"= UDP:c:\windows\Temp\~osD927.tmp\ossproxy.exe:ossproxy.exe
"{5652D20F-85FA-4A52-97A5-BA3386274C59}"= UDP:c:\windows\Temp\~os6446.tmp\ossproxy.exe:ossproxy.exe
"{E391D1F6-5641-4110-8984-D0709AF9BDB8}"= UDP:c:\windows\Temp\~osEA37.tmp\ossproxy.exe:ossproxy.exe
"{40ECD021-6F0F-408D-A9A3-2DAEF94A5D93}"= UDP:c:\windows\Temp\~os74DA.tmp\ossproxy.exe:ossproxy.exe
"{EFC64BC6-114D-4E0E-9822-E6DA429E2B36}"= UDP:c:\windows\Temp\~osE79.tmp\ossproxy.exe:ossproxy.exe
"{C2313C87-F24B-4EBE-AB79-8883D3667698}"= UDP:c:\windows\Temp\~os9EE6.tmp\ossproxy.exe:ossproxy.exe
"{F8C46F98-A4AF-4250-9AC8-6DA2132034C7}"= UDP:c:\windows\Temp\~os2E39.tmp\ossproxy.exe:ossproxy.exe
"{9CDADF7B-0D52-441A-BCC4-986270CE1BDA}"= UDP:c:\windows\Temp\~osB811.tmp\ossproxy.exe:ossproxy.exe
"{C26CD5E6-E224-49EA-98A3-9FCF5FD77556}"= UDP:c:\windows\Temp\~os4580.tmp\ossproxy.exe:ossproxy.exe
"{2D249733-31DA-4908-A0D2-6484E62C2BE5}"= UDP:c:\windows\Temp\~osD273.tmp\ossproxy.exe:ossproxy.exe
"{D3AE7AA4-B658-4750-B713-DD086DDE542C}"= UDP:c:\windows\Temp\~os66A7.tmp\ossproxy.exe:ossproxy.exe
"{D58225A8-AD4E-47FF-AE16-94A0FBEB6F11}"= UDP:c:\windows\Temp\~osF252.tmp\ossproxy.exe:ossproxy.exe
"{8BCECCC9-3277-47E8-BD99-7B46BF4B1F21}"= UDP:c:\windows\Temp\~os7C78.tmp\ossproxy.exe:ossproxy.exe
"{51AF989C-56D8-4A15-9D90-E0870A3B5A61}"= UDP:c:\windows\Temp\~os278.tmp\ossproxy.exe:ossproxy.exe
"{BD54F804-7A28-483F-AE8F-F601662F47ED}"= UDP:c:\windows\Temp\~os968D.tmp\ossproxy.exe:ossproxy.exe
"{04135927-3A54-4AD6-932B-9299ADADA83F}"= UDP:c:\windows\Temp\~os28EC.tmp\ossproxy.exe:ossproxy.exe
"{01E15C52-ACBB-4994-8F93-F7147D00EF76}"= UDP:c:\windows\Temp\~osB7E2.tmp\ossproxy.exe:ossproxy.exe
"{1C2EB4E9-89D8-4980-B2F1-18B0837031F6}"= UDP:c:\windows\Temp\~os6705.tmp\ossproxy.exe:ossproxy.exe
"{960A223F-1116-4342-849C-9AE741F6AA74}"= UDP:c:\windows\Temp\~os24A.tmp\ossproxy.exe:ossproxy.exe
"{E419AA1A-EBC2-4367-8C55-6FDFB2DC8909}"= UDP:c:\windows\Temp\~osAC3F.tmp\ossproxy.exe:ossproxy.exe
"{6DA93B2A-BB03-43CC-9009-629DD851CC99}"= UDP:c:\windows\Temp\~os437E.tmp\ossproxy.exe:ossproxy.exe
"{EBD28433-5993-4E3F-9AB2-372352EAB8D5}"= UDP:c:\windows\Temp\~osD033.tmp\ossproxy.exe:ossproxy.exe
"{CA4ED723-8153-4DDE-A885-CE7FA5EA1714}"= UDP:c:\windows\Temp\~os5E4E.tmp\ossproxy.exe:ossproxy.exe
"{D7C9728C-BF25-4489-B52E-7626FF83CDAF}"= UDP:c:\windows\Temp\~osF282.tmp\ossproxy.exe:ossproxy.exe
"{F03A41C9-5493-4DB6-9BF6-CC2795301378}"= UDP:c:\windows\Temp\~os8667.tmp\ossproxy.exe:ossproxy.exe
"{440348E9-4B6A-42DF-816F-6AD9121C07F3}"= UDP:c:\windows\Temp\~os16C4.tmp\ossproxy.exe:ossproxy.exe
"{F44737B7-C868-4705-86DA-F1F26FD01020}"= UDP:c:\windows\Temp\~osA720.tmp\ossproxy.exe:ossproxy.exe
"{2F22F361-8C95-4503-BEED-DDE9870B85EB}"= UDP:c:\windows\Temp\~os3349.tmp\ossproxy.exe:ossproxy.exe
"{DFDC3153-107C-439F-A01B-A1A5336665E7}"= UDP:c:\windows\Temp\~osBD8D.tmp\ossproxy.exe:ossproxy.exe
"{9115EBAA-AD4F-4475-96F7-0D5EDD042017}"= UDP:c:\windows\Temp\~os4C16.tmp\ossproxy.exe:ossproxy.exe
"{D0EDCAA1-5844-4628-8060-D298BCC6EF08}"= UDP:c:\windows\Temp\~osD793.tmp\ossproxy.exe:ossproxy.exe
"{02BF5B29-B9C7-4481-9877-FA0118ECDDFB}"= UDP:c:\windows\Temp\~os62C1.tmp\ossproxy.exe:ossproxy.exe
"{42EAD662-F7E9-426F-A3DF-1B13242114CC}"= UDP:c:\windows\Temp\~osEF37.tmp\ossproxy.exe:ossproxy.exe
"{022C44C9-140D-43C6-98D0-C98D9FBBEE8C}"= UDP:c:\windows\Temp\~os7B9E.tmp\ossproxy.exe:ossproxy.exe
"{DAC9AC9E-90AA-467A-9AE0-0EA13BEEE708}"= UDP:c:\windows\Temp\~os1888.tmp\ossproxy.exe:ossproxy.exe
"{D045FC1E-7185-4890-855A-C7656904EF50}"= UDP:c:\windows\Temp\~osAA4C.tmp\ossproxy.exe:ossproxy.exe
"{E5CEB0B5-9D83-48A2-912C-7C080583593F}"= UDP:c:\windows\Temp\~os37AC.tmp\ossproxy.exe:ossproxy.exe
"{A53B565B-518D-4649-AAC9-BF283BEE960A}"= UDP:c:\windows\Temp\~osE71D.tmp\ossproxy.exe:ossproxy.exe
"{B53F090A-37FF-4F6E-9D74-C2313C9B49E8}"= UDP:c:\windows\Temp\~os7C4A.tmp\ossproxy.exe:ossproxy.exe
"{3E125747-7968-438E-9AB2-EB74A19F998E}"= UDP:c:\windows\Temp\~os1A4D.tmp\ossproxy.exe:ossproxy.exe
"{EEA7D93B-0689-48A9-9DEF-1233C0E7FB6D}"= UDP:c:\windows\Temp\~osB351.tmp\ossproxy.exe:ossproxy.exe
"{EBF71CC4-B055-4A3F-93D9-AC54F596FA5F}"= UDP:c:\windows\Temp\~os45DF.tmp\ossproxy.exe:ossproxy.exe
"{9E3F7D94-DFC8-415F-AAD7-C45B0F9F2AAE}"= UDP:c:\windows\Temp\~osD275.tmp\ossproxy.exe:ossproxy.exe
"{95AAE111-98E6-4118-857F-5952C820F132}"= UDP:c:\windows\Temp\~os8DB8.tmp\ossproxy.exe:ossproxy.exe
"{8ACE64BC-A07E-4515-9F91-504F958495AE}"= UDP:c:\windows\Temp\~os2008.tmp\ossproxy.exe:ossproxy.exe
"{120F98AA-07BB-4189-90A6-5DAA0F6102D3}"= UDP:c:\windows\Temp\~osA78E.tmp\ossproxy.exe:ossproxy.exe
"{C2398168-FF93-4B0D-8CCF-B24C06428700}"= UDP:c:\windows\Temp\~os66E6.tmp\ossproxy.exe:ossproxy.exe
"{F4A5F0CE-F0A6-4349-B14A-504BB5AB7F1E}"= UDP:c:\windows\Temp\~osF2B1.tmp\ossproxy.exe:ossproxy.exe
"{FF1B17DF-7F4F-4012-8AAF-B574ADF345B3}"= UDP:c:\windows\Temp\~os7EBA.tmp\ossproxy.exe:ossproxy.exe
"{A2202788-4CD4-4AFE-B6ED-A2F2F13219ED}"= UDP:c:\windows\Temp\~os22B6.tmp\ossproxy.exe:ossproxy.exe
"{ED029A01-0C5A-4D54-A459-8B42A7B776A7}"= UDP:c:\windows\Temp\~osF956.tmp\ossproxy.exe:ossproxy.exe
"{20A913F7-0025-40ED-9E2F-33682485D6D5}"= UDP:c:\windows\Temp\~os8446.tmp\ossproxy.exe:ossproxy.exe
"{95BB37B2-2C88-4F56-AF6D-244C6539F3DD}"= UDP:c:\windows\Temp\~os9814.tmp\ossproxy.exe:ossproxy.exe
"{D57DC3C3-9891-4DC4-B645-B4DED5238DCA}"= UDP:c:\windows\Temp\~os4370.tmp\ossproxy.exe:ossproxy.exe
"{17C4CB05-0118-4483-9E6F-3F0F2DAAD21B}"= UDP:c:\windows\Temp\~os1F9B.tmp\ossproxy.exe:ossproxy.exe
"{BA8066AD-D81A-4F71-A0C3-19C7B4684641}"= UDP:c:\windows\Temp\~osE3B4.tmp\ossproxy.exe:ossproxy.exe
"{87768BA5-08DE-4C19-B12D-CB0D9EFD0844}"= UDP:c:\windows\Temp\~osC942.tmp\ossproxy.exe:ossproxy.exe
"{25236B06-90D1-4CAC-ADBD-46DF33EE6B39}"= UDP:c:\windows\Temp\~os23A1.tmp\ossproxy.exe:ossproxy.exe
"{34563C64-7D56-4693-B507-3C612A0129C8}"= UDP:c:\windows\Temp\~osC0D9.tmp\ossproxy.exe:ossproxy.exe
"{C4DEC881-1B15-481E-8AB1-F62A0FB536DB}"= UDP:c:\windows\Temp\~os4ADF.tmp\ossproxy.exe:ossproxy.exe
"{475894E0-68EC-4149-9F4F-D5658B12D538}"= UDP:c:\windows\Temp\~osD4D6.tmp\ossproxy.exe:ossproxy.exe
"{E8375CE2-1A40-4008-9FC0-FB6C923CF65F}"= UDP:c:\windows\Temp\~os5EDC.tmp\ossproxy.exe:ossproxy.exe
"{D98E2CF9-8348-4029-8BD2-6149DA448DF6}"= UDP:c:\windows\Temp\~osF409.tmp\ossproxy.exe:ossproxy.exe
"{6923825B-1F1A-408D-AA92-CC88BAE4FB67}"= UDP:c:\windows\Temp\~os7E5D.tmp\ossproxy.exe:ossproxy.exe
"{594BA7EF-9FD8-4347-B2AC-8430378AED45}"= UDP:c:\windows\Temp\~os50A.tmp\ossproxy.exe:ossproxy.exe
"{C739C063-227E-4E42-8215-FD952D5B20E7}"= UDP:c:\windows\Temp\~osB3FE.tmp\ossproxy.exe:ossproxy.exe
"{7BDEEC43-69AC-44BC-A52D-1DC6C33C3876}"= UDP:c:\windows\Temp\~os3D49.tmp\ossproxy.exe:ossproxy.exe
"{4B32F9CA-7DEA-4296-BA31-60ADA48B2699}"= UDP:c:\windows\Temp\~os18D8.tmp\ossproxy.exe:ossproxy.exe
"{BEA664E8-D857-4765-9906-6EC822844E14}"= UDP:c:\windows\Temp\~osA619.tmp\ossproxy.exe:ossproxy.exe
"{37A12228-5F06-4926-9A58-1ED576544EB1}"= UDP:c:\windows\Temp\~os4D11.tmp\ossproxy.exe:ossproxy.exe
"{F7E1E7E8-C41C-4E9C-96AF-13CB217449AA}"= UDP:c:\windows\Temp\~osC231.tmp\ossproxy.exe:ossproxy.exe
"{D1587316-1CE8-48C6-A817-5AE63535F67C}"= UDP:c:\windows\Temp\~osE23E.tmp\ossproxy.exe:ossproxy.exe
"{12BA9C7B-264B-407D-8670-284801247F28}"= UDP:c:\windows\Temp\~os817B.tmp\ossproxy.exe:ossproxy.exe
"{D89F1A90-116B-4D3B-87BC-CFE6BDEAEABD}"= UDP:c:\windows\Temp\~os1C90.tmp\ossproxy.exe:ossproxy.exe
"{D0ED9122-8794-4A18-8A00-8AA2D5B43201}"= UDP:c:\windows\Temp\~os9AB4.tmp\ossproxy.exe:ossproxy.exe
"{6F17729C-FD26-4A87-971F-0BD45AC513D2}"= UDP:c:\windows\Temp\~os47F4.tmp\ossproxy.exe:ossproxy.exe
"{B2F36797-64A7-44FD-BDA7-37EE1221D598}"= UDP:c:\windows\Temp\~osF8FA.tmp\ossproxy.exe:ossproxy.exe
"{BE4D9087-1A6A-47E6-A1A3-0F8E12D2824D}"= UDP:c:\windows\Temp\~os9A67.tmp\ossproxy.exe:ossproxy.exe
"{674D7ECC-5C4B-4C0C-85BB-FE73A864FC48}"= UDP:c:\windows\Temp\~osF12D.tmp\ossproxy.exe:ossproxy.exe
"{72DFC8FD-A6CC-41F3-88BC-BE0E62E4C648}"= UDP:c:\windows\Temp\~osA89A.tmp\ossproxy.exe:ossproxy.exe
"{95C82130-1F0A-49B0-89EA-CF25BBC426B0}"= UDP:c:\windows\Temp\~osEE50.tmp\ossproxy.exe:ossproxy.exe
"{90E3A402-CA6A-46D3-9234-31925910E33B}"= UDP:c:\windows\Temp\~os7E40.tmp\ossproxy.exe:ossproxy.exe
"{471471B4-E38F-4EAE-B717-D467BDE1337F}"= UDP:c:\windows\Temp\~osB537.tmp\ossproxy.exe:ossproxy.exe
"{5878A70D-9B5D-4C45-8405-6FBD89CC8008}"= UDP:c:\windows\Temp\~os5424.tmp\ossproxy.exe:ossproxy.exe
"{CBC2069B-7F10-4115-BE9E-37B75D783682}"= UDP:c:\windows\Temp\~os13EB.tmp\ossproxy.exe:ossproxy.exe
"{EF8A5A25-2D8F-459D-AB05-61E4906EB0B3}"= UDP:c:\windows\Temp\~osA226.tmp\ossproxy.exe:ossproxy.exe
"{702CA08A-9961-4FA7-9A14-0CC167C300B9}"= UDP:c:\windows\Temp\~os2F28.tmp\ossproxy.exe:ossproxy.exe
"{2ECF63AE-9005-486E-AA92-4A876E7D499D}"= UDP:c:\windows\Temp\~osC2A0.tmp\ossproxy.exe:ossproxy.exe
"{8B341CC7-3133-4636-9243-25E54987596B}"= UDP:c:\windows\Temp\~os4F06.tmp\ossproxy.exe:ossproxy.exe
"{AEC7B608-0F4A-4435-8670-0BBA9C0C9555}"= UDP:c:\windows\Temp\~osDCA5.tmp\ossproxy.exe:ossproxy.exe
"{6E48B4C9-56C7-43E8-9C38-C20F16339CA9}"= UDP:c:\windows\Temp\~os6AE0.tmp\ossproxy.exe:ossproxy.exe
"{1BD677A9-C1B4-4489-BE72-BDE2A3808243}"= UDP:c:\windows\Temp\~os3697.tmp\ossproxy.exe:ossproxy.exe
"{58609292-B46C-4FA7-B4E6-4B73D338516D}"= UDP:c:\windows\Temp\~osC426.tmp\ossproxy.exe:ossproxy.exe
"{ABD40018-9983-4E4A-B1CC-A20B8935D134}"= UDP:c:\windows\Temp\~os5483.tmp\ossproxy.exe:ossproxy.exe
"{015B45A4-1AA5-4627-9EFA-87E45D694D1F}"= UDP:c:\windows\Temp\~osDEF6.tmp\ossproxy.exe:ossproxy.exe
"{310E2AC1-4E47-4F35-BB8A-737AD8298A8E}"= UDP:c:\windows\Temp\~os885E.tmp\ossproxy.exe:ossproxy.exe
"{5489E740-D286-4145-BBDD-94BE7B91FA30}"= UDP:c:\windows\Temp\~os16B8.tmp\ossproxy.exe:ossproxy.exe
"{B2CC88A3-6900-44E2-A22C-8E532CC5074B}"= UDP:c:\windows\Temp\~osA2F0.tmp\ossproxy.exe:ossproxy.exe
"{6E9EC30F-0DCC-4C3E-A423-4B3FBEA75729}"= UDP:c:\windows\Temp\~os2E3E.tmp\ossproxy.exe:ossproxy.exe
"{33913FE6-12C8-4746-BA7D-A43A84D44CA7}"= UDP:c:\windows\Temp\~osB641.tmp\ossproxy.exe:ossproxy.exe
"{3923C17F-C8B3-493A-8B5B-CB57FD24D655}"= UDP:c:\windows\Temp\~os4141.tmp\ossproxy.exe:ossproxy.exe
"{348091A8-EFF8-4006-BE80-B8BA258A68E6}"= UDP:c:\windows\Temp\~osFE1A.tmp\ossproxy.exe:ossproxy.exe
"{34FCF2F7-6EC7-4451-9848-E62107EDE6F7}"= UDP:c:\windows\Temp\~osC780.tmp\ossproxy.exe:ossproxy.exe
"{D4F5A244-1F71-4DD4-AACC-FF44E172D707}"= UDP:c:\windows\Temp\~os5CDC.tmp\ossproxy.exe:ossproxy.exe
"{DC530FF2-8945-4A9F-BA44-9F7017864560}"= UDP:c:\windows\Temp\~osEB55.tmp\ossproxy.exe:ossproxy.exe
"{F95622D2-86A0-4C1B-AC43-C26D693F1D47}"= UDP:c:\windows\Temp\~osBA38.tmp\ossproxy.exe:ossproxy.exe
"{7EEC7951-49CA-4A64-9D14-B845FFF35FB7}"= UDP:c:\windows\Temp\~osC86B.tmp\ossproxy.exe:ossproxy.exe
"{8E6F025A-84AB-49C3-8897-8C0916513442}"= UDP:c:\windows\Temp\~os34D3.tmp\ossproxy.exe:ossproxy.exe
"{9E651AD7-19F0-4AFB-A241-A4246E082984}"= UDP:c:\windows\Temp\~os863D.tmp\ossproxy.exe:ossproxy.exe
"{AE206669-9071-4B66-A60B-C78DF4379440}"= UDP:c:\windows\Temp\~os941.tmp\ossproxy.exe:ossproxy.exe
"{4DB1EFF9-2E0B-438B-A38C-D2FEB721ACB9}"= UDP:c:\windows\Temp\~os4586.tmp\ossproxy.exe:ossproxy.exe
"{5DB9FD88-9907-4841-BEDF-A8D25BACE66C}"= UDP:c:\windows\Temp\~osE0BB.tmp\ossproxy.exe:ossproxy.exe
"{62231811-3803-4890-A79C-3C4BD7202D25}"= UDP:c:\windows\Temp\~os12E2.tmp\ossproxy.exe:ossproxy.exe
"{0827C734-5455-47A1-A2A4-2A6E82E32FCA}"= UDP:c:\windows\Temp\~osCC61.tmp\ossproxy.exe:ossproxy.exe
"{11CBF6D7-6770-4772-943F-C776D94F5395}"= UDP:c:\windows\Temp\~os11D9.tmp\ossproxy.exe:ossproxy.exe
"{8878785D-00DC-4E34-B3E8-168DE9F7DB5D}"= UDP:c:\windows\Temp\~os441F.tmp\ossproxy.exe:ossproxy.exe
"{E9ED4D24-0097-49A0-A66F-87CC89EB0864}"= UDP:c:\windows\Temp\~os9B72.tmp\ossproxy.exe:ossproxy.exe
"{263B7C5C-3BDF-4D81-B4A7-3D7ADBD9AD58}"= UDP:c:\windows\Temp\~os894A.tmp\ossproxy.exe:ossproxy.exe
"{7144D5C0-685B-43B8-9838-69CC42863730}"= UDP:c:\windows\Temp\~os65A4.tmp\ossproxy.exe:ossproxy.exe
"{55EADCBD-4AB3-4635-8CFF-8A2F47E43CB3}"= UDP:c:\windows\Temp\~os8F14.tmp\ossproxy.exe:ossproxy.exe
"{0A7725E2-93AB-474F-8E88-352228392EB0}"= UDP:c:\windows\Temp\~os22BB.tmp\ossproxy.exe:ossproxy.exe
"{1FE1ED79-6727-4B33-960F-5A123E4C9083}"= UDP:c:\windows\Temp\~osC975.tmp\ossproxy.exe:ossproxy.exe
"{658EA6ED-8262-4986-8432-C3D06D026051}"= UDP:c:\windows\Temp\~os932.tmp\ossproxy.exe:ossproxy.exe
"{22FC4DD6-0FE9-4129-957A-4D23FF6C2A68}"= UDP:c:\windows\Temp\~os2DC.tmp\ossproxy.exe:ossproxy.exe
"{AC754CF5-27A4-4762-B018-107629D71C20}"= UDP:c:\windows\Temp\~os9654.tmp\ossproxy.exe:ossproxy.exe
"{01AD2B0A-B90E-4D0C-B163-C85D0138EC77}"= UDP:c:\windows\Temp\~os97BB.tmp\ossproxy.exe:ossproxy.exe
"{BAC27179-F973-4175-9268-342DE73ABAE2}"= UDP:c:\windows\Temp\~os7434.tmp\ossproxy.exe:ossproxy.exe
"{5E7EB6ED-B05B-434C-B51B-A4A4443F6053}"= UDP:c:\windows\Temp\~os33CB.tmp\ossproxy.exe:ossproxy.exe
"{90A6F6AB-2259-4BB4-A20B-6DFF7E900274}"= UDP:c:\windows\Temp\~osEAAB.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:48 am

part 15

"{5B4A2441-7850-4D9D-828D-23E6A8E813A6}"= UDP:c:\windows\Temp\~osC33E.tmp\ossproxy.exe:ossproxy.exe
"{70755D9E-7AA7-4C5E-AF06-A88445A8204E}"= UDP:c:\windows\Temp\~os588A.tmp\ossproxy.exe:ossproxy.exe
"{0DCDC20B-AF2E-4B55-97A9-CC80E2060526}"= UDP:c:\windows\Temp\~osEDC7.tmp\ossproxy.exe:ossproxy.exe
"{A0097217-2B34-4A3B-AC88-4B6736C7730F}"= UDP:c:\windows\Temp\~osC61B.tmp\ossproxy.exe:ossproxy.exe
"{BDBFC39E-16B5-4197-8C5C-4A5898F21B03}"= UDP:c:\windows\Temp\~os957A.tmp\ossproxy.exe:ossproxy.exe
"{85639711-CEC9-43CB-A162-7EF439E3FD79}"= UDP:c:\windows\Temp\~os7609.tmp\ossproxy.exe:ossproxy.exe
"{6827BAF9-5A1B-4275-847E-C8DCEFD796E9}"= UDP:c:\windows\Temp\~os70DB.tmp\ossproxy.exe:ossproxy.exe
"{28440382-A360-406E-91F9-D637AE452ABD}"= UDP:c:\windows\Temp\~os1D11.tmp\ossproxy.exe:ossproxy.exe
"{EA2D094F-A330-41F1-819E-29841B384AC4}"= UDP:c:\windows\Temp\~os9700.tmp\ossproxy.exe:ossproxy.exe
"{E1514E53-66A1-4CCC-BD85-166C02079E08}"= UDP:c:\windows\Temp\~os78E6.tmp\ossproxy.exe:ossproxy.exe
"{A162B845-9B81-4EC1-BA84-E4F8D12AF6EB}"= UDP:c:\windows\Temp\~os640F.tmp\ossproxy.exe:ossproxy.exe
"{91139E1D-D869-417A-9514-F42E13F77556}"= UDP:c:\windows\Temp\~os538B.tmp\ossproxy.exe:ossproxy.exe
"{9D866317-C478-4F91-B147-0F4CF71EC078}"= UDP:c:\windows\Temp\~osFB8D.tmp\ossproxy.exe:ossproxy.exe
"{9844A56C-BDB2-4265-A301-CD374C57C8EE}"= UDP:c:\windows\Temp\~osF038.tmp\ossproxy.exe:ossproxy.exe
"{42F1E9ED-6E8D-475A-A12C-C735183192DB}"= UDP:c:\windows\Temp\~osCD1E.tmp\ossproxy.exe:ossproxy.exe
"{48B5C3C5-659E-4C18-ADF4-0DB9F54920D9}"= UDP:c:\windows\Temp\~os73E8.tmp\ossproxy.exe:ossproxy.exe
"{3ADEF8AA-E8A6-4A0B-9C25-2EC3464864E6}"= UDP:c:\windows\Temp\~osFFC2.tmp\ossproxy.exe:ossproxy.exe
"{A8D62727-F3C3-464D-B15A-BAD57BE49EFA}"= UDP:c:\windows\Temp\~osF47C.tmp\ossproxy.exe:ossproxy.exe
"{677A03C5-75CE-4E4E-BE45-9B871B9DB13A}"= UDP:c:\windows\Temp\~os1BBB.tmp\ossproxy.exe:ossproxy.exe
"{148B955D-6D0E-4D96-8963-A78CA62D7F3B}"= UDP:c:\windows\Temp\~os1989.tmp\ossproxy.exe:ossproxy.exe
"{E48F26F0-4909-4F69-BAE6-04E80AE060EB}"= UDP:c:\windows\Temp\~osA1FA.tmp\ossproxy.exe:ossproxy.exe
"{35D69F18-F915-4F58-B2D2-A80F6803A973}"= UDP:c:\windows\Temp\~os2923.tmp\ossproxy.exe:ossproxy.exe
"{66150493-B7EE-4035-AD95-AB0079E3A2A9}"= UDP:c:\windows\Temp\~osE82.tmp\ossproxy.exe:ossproxy.exe
"{49E3C3EA-4367-468A-883C-DD3CB5FD6565}"= UDP:c:\windows\Temp\~os2AE8.tmp\ossproxy.exe:ossproxy.exe
"{CB80925E-B994-4FE9-AD90-41A39E853A7A}"= UDP:c:\windows\Temp\~osC2B4.tmp\ossproxy.exe:ossproxy.exe
"{1F2281C2-0DE2-46A0-91EC-09848A86A24D}"= UDP:c:\windows\Temp\~os5CA2.tmp\ossproxy.exe:ossproxy.exe
"{73627A4A-03CC-4193-9E63-E2DEAAC76141}"= UDP:c:\windows\Temp\~os7F2F.tmp\ossproxy.exe:ossproxy.exe
"{08E74E58-EA01-40BE-A0F7-0FDBCE0C888F}"= UDP:c:\windows\Temp\~os57D1.tmp\ossproxy.exe:ossproxy.exe
"{D857FE8D-17D2-4869-BD2C-5655822D9FCE}"= UDP:c:\windows\Temp\~osC3CD.tmp\ossproxy.exe:ossproxy.exe
"{B210E902-9C8A-4A82-A6C6-57D45EE398F0}"= UDP:c:\windows\Temp\~os710C.tmp\ossproxy.exe:ossproxy.exe
"{BB638FCA-66D4-4BA0-AEEC-55A87DFFA4D2}"= UDP:c:\windows\Temp\~os2BA4.tmp\ossproxy.exe:ossproxy.exe
"{FB44BA9E-E16E-45C5-8CEC-8390E8935234}"= UDP:c:\windows\Temp\~osC469.tmp\ossproxy.exe:ossproxy.exe
"{0B2554B2-E7FA-4FE9-9B29-347A36FC4E77}"= UDP:c:\windows\Temp\~os8A37.tmp\ossproxy.exe:ossproxy.exe
"{3413358A-53BB-4CAC-90A5-5DEF4478C63A}"= UDP:c:\windows\Temp\~os8509.tmp\ossproxy.exe:ossproxy.exe
"{51A89959-6666-429B-8FDA-655700C62D60}"= UDP:c:\windows\Temp\~osE4B5.tmp\ossproxy.exe:ossproxy.exe
"{8584963F-682D-41A7-93F3-145BD5FC30C8}"= UDP:c:\windows\Temp\~os1344.tmp\ossproxy.exe:ossproxy.exe
"{817915C9-7433-45C5-A54B-2172BE242977}"= UDP:c:\windows\Temp\~osE80F.tmp\ossproxy.exe:ossproxy.exe
"{CB7A20CD-AC1B-4192-BBFA-F5BFC7792ED4}"= UDP:c:\windows\Temp\~os476E.tmp\ossproxy.exe:ossproxy.exe
"{50C54347-0336-4A3E-B66F-C1CA651031A4}"= UDP:c:\windows\Temp\~os6AD5.tmp\ossproxy.exe:ossproxy.exe
"{BE473337-CC19-469B-95D6-FCF1AE9DF182}"= UDP:c:\windows\Temp\~os93D8.tmp\ossproxy.exe:ossproxy.exe
"{F5ADE05F-ED5E-4299-87C3-CD018A9AA509}"= UDP:c:\windows\Temp\~osD692.tmp\ossproxy.exe:ossproxy.exe
"{E58D10BB-3EE8-4680-88EB-06CCF9B656D9}"= UDP:c:\windows\Temp\~os2F0E.tmp\ossproxy.exe:ossproxy.exe
"{059A6128-80D7-4ECF-84AC-009FDBEA8B0E}"= UDP:c:\windows\Temp\~osCDEB.tmp\ossproxy.exe:ossproxy.exe
"{E66C966A-EA38-4EF7-A265-4FD31EE671A0}"= UDP:c:\windows\Temp\~osEB4B.tmp\ossproxy.exe:ossproxy.exe
"{F05C408F-A938-4D91-9D14-748AFAD6447B}"= UDP:c:\windows\Temp\~osCFEE.tmp\ossproxy.exe:ossproxy.exe
"{DE399378-081E-41C5-AF0B-9ABAC17DD496}"= UDP:c:\windows\Temp\~osFF19.tmp\ossproxy.exe:ossproxy.exe
"{4CD6DBF4-3EBB-44BD-9CC2-28559F10E3C3}"= UDP:c:\windows\Temp\~osB991.tmp\ossproxy.exe:ossproxy.exe
"{B183CB6D-99DD-4BE8-97A5-B71250B16105}"= UDP:c:\windows\Temp\~os5EF4.tmp\ossproxy.exe:ossproxy.exe
"{DEA134A6-9A26-4640-B815-0DE4E8F0DDCF}"= UDP:c:\windows\Temp\~osC71.tmp\ossproxy.exe:ossproxy.exe
"{E89A1B12-B23C-4F75-BFCC-F7722933036E}"= UDP:c:\windows\Temp\~os3D41.tmp\ossproxy.exe:ossproxy.exe
"{76CB96C0-5ADC-44AE-A95A-45493F6ED74F}"= UDP:c:\windows\Temp\~osCE88.tmp\ossproxy.exe:ossproxy.exe
"{67A02FC2-DE81-418D-B04F-129B6A8C5125}"= UDP:c:\windows\Temp\~os5766.tmp\ossproxy.exe:ossproxy.exe
"{4C3BD205-EA81-4D76-B754-E21EDCC22520}"= UDP:c:\windows\Temp\~os5C37.tmp\ossproxy.exe:ossproxy.exe
"{020F4AC1-1A0C-4F60-B14A-516AB0108C5A}"= UDP:c:\windows\Temp\~osF450.tmp\ossproxy.exe:ossproxy.exe
"{104C63CE-22A5-4490-BF54-4CB667A7D819}"= UDP:c:\windows\Temp\~os6C7.tmp\ossproxy.exe:ossproxy.exe
"{CDAE1A91-3A4E-42E1-843A-419040479D7E}"= UDP:c:\windows\Temp\~os83C3.tmp\ossproxy.exe:ossproxy.exe
"{90842451-CF70-4F3E-ADE5-2847B4C1E9E8}"= UDP:c:\windows\Temp\~os7237.tmp\ossproxy.exe:ossproxy.exe
"{2D557145-DAE2-447F-8609-D1011E4B5F51}"= UDP:c:\windows\Temp\~os7A80.tmp\ossproxy.exe:ossproxy.exe
"{330C6420-4BE0-448E-84EA-5353424BD030}"= UDP:c:\windows\Temp\~os5390.tmp\ossproxy.exe:ossproxy.exe
"{D45BFB8E-ED8C-495C-A16A-82BDE5FF2433}"= UDP:c:\windows\Temp\~osCB9C.tmp\ossproxy.exe:ossproxy.exe
"{7BEBED2B-7886-47DA-B9E4-CD3F14DD9A74}"= UDP:c:\windows\Temp\~os3BAD.tmp\ossproxy.exe:ossproxy.exe
"{7FC9D966-DFAF-43E2-994E-0D9E68C9EF9C}"= UDP:c:\windows\Temp\~os126C.tmp\ossproxy.exe:ossproxy.exe
"{077877E4-C85E-499B-91BB-C4333B4B131B}"= UDP:c:\windows\Temp\~os2206.tmp\ossproxy.exe:ossproxy.exe
"{660BD080-3BA9-41B2-BC63-BBD8D1812533}"= UDP:c:\windows\Temp\~os8AE6.tmp\ossproxy.exe:ossproxy.exe
"{EBC50047-BAE1-4BBC-8E27-405CB2B46E86}"= UDP:c:\windows\Temp\~osF79C.tmp\ossproxy.exe:ossproxy.exe
"{835A921E-129C-45CF-B2C4-4DC684CB780E}"= UDP:c:\windows\Temp\~os9BD7.tmp\ossproxy.exe:ossproxy.exe
"{C73A9DFC-C5CE-4E1C-A49F-77C82742F303}"= UDP:c:\windows\Temp\~os4D5A.tmp\ossproxy.exe:ossproxy.exe
"{B5B49DBF-9938-43AA-A638-A69FC48A192C}"= UDP:c:\windows\Temp\~os3F75.tmp\ossproxy.exe:ossproxy.exe
"{A62AC6A3-F619-4DE9-8256-E84472933043}"= UDP:c:\windows\Temp\~os6962.tmp\ossproxy.exe:ossproxy.exe
"{69C9D58D-E8DF-4DD8-A2D3-AEA36CD7FDD2}"= UDP:c:\windows\Temp\~osC113.tmp\ossproxy.exe:ossproxy.exe
"{1C74F82F-16D7-457C-A62A-A663E7BA8FC8}"= UDP:c:\windows\Temp\~os15C7.tmp\ossproxy.exe:ossproxy.exe
"{F0762ECC-9E8F-4C25-BEFB-3D9D08960DFD}"= UDP:c:\windows\Temp\~osB080.tmp\ossproxy.exe:ossproxy.exe
"{2D87E46F-5285-4831-88A8-58BFE713FF78}"= UDP:c:\windows\Temp\~os30F5.tmp\ossproxy.exe:ossproxy.exe
"{5D13DA50-2FD8-4695-B533-87516935F0E7}"= UDP:c:\windows\Temp\~os4752.tmp\ossproxy.exe:ossproxy.exe
"{AFF66CC9-61AD-46BB-9E7C-B672583AF2CE}"= UDP:c:\windows\Temp\~osF9CF.tmp\ossproxy.exe:ossproxy.exe
"{7C4D4968-5C64-4637-8305-AB10F5D1EA86}"= UDP:c:\windows\Temp\~os9D4E.tmp\ossproxy.exe:ossproxy.exe
"{8FFDC8E5-9785-45BC-8F96-28C53D441390}"= UDP:c:\windows\Temp\~osDBF3.tmp\ossproxy.exe:ossproxy.exe
"{81CD216C-21AE-4CF1-8843-6FF22CD264F6}"= UDP:c:\windows\Temp\~os79A8.tmp\ossproxy.exe:ossproxy.exe
"{C3F4C54A-63F9-40CB-B3D0-71AF2E32CA7D}"= UDP:c:\windows\Temp\~os574A.tmp\ossproxy.exe:ossproxy.exe
"{29350759-92FF-47FF-915D-2405DBA6AEE2}"= UDP:c:\windows\Temp\~os62BF.tmp\ossproxy.exe:ossproxy.exe
"{7B99636B-5133-4286-9DFA-50C5ECA701A5}"= UDP:c:\windows\Temp\~osA4AE.tmp\ossproxy.exe:ossproxy.exe
"{98414F2D-4C39-4CBC-B84A-85DB0C2D8E14}"= UDP:c:\windows\Temp\~osFECF.tmp\ossproxy.exe:ossproxy.exe
"{C2E4A3A1-58D6-4C66-B491-FC47630C66A7}"= UDP:c:\windows\Temp\~osD7EE.tmp\ossproxy.exe:ossproxy.exe
"{7744B233-DE9A-4DED-861C-503ACFD82612}"= UDP:c:\windows\Temp\~osB8C.tmp\ossproxy.exe:ossproxy.exe
"{0BA171DB-E705-48EC-ABF2-D90BF3CD85FA}"= UDP:c:\windows\Temp\~osFBA4.tmp\ossproxy.exe:ossproxy.exe
"{FB76D38D-CE7C-4CC4-9DC1-EFBF968F89E3}"= UDP:c:\windows\Temp\~os5844.tmp\ossproxy.exe:ossproxy.exe
"{1CFD4D1E-8EF4-45AC-B763-4E937DBBBCEB}"= UDP:c:\windows\Temp\~os3BF.tmp\ossproxy.exe:ossproxy.exe
"{26FE6776-6C35-4B04-A9D4-80F451FC52A0}"= UDP:c:\windows\Temp\~os5C79.tmp\ossproxy.exe:ossproxy.exe
"{C1658D71-A7DB-4CF7-ABD5-9250A1001388}"= UDP:c:\windows\Temp\~osA8C4.tmp\ossproxy.exe:ossproxy.exe
"{2FA19DCB-5CDC-4B7E-A8E9-841487A2B7AB}"= UDP:c:\windows\Temp\~osA3C5.tmp\ossproxy.exe:ossproxy.exe
"{12DB69E3-7C07-468C-B5F9-8B6C675FDB68}"= UDP:c:\windows\Temp\~os9F62.tmp\ossproxy.exe:ossproxy.exe
"{19370DF9-08C8-437B-9E17-E4803847ADE2}"= UDP:c:\windows\Temp\~osBC83.tmp\ossproxy.exe:ossproxy.exe
"{B8C660F5-69F1-47E9-B915-9DBF1ED0E67D}"= UDP:c:\windows\Temp\~os771A.tmp\ossproxy.exe:ossproxy.exe
"{27095C49-357D-4E20-BF12-79758AFC83FF}"= UDP:c:\windows\Temp\~osA73E.tmp\ossproxy.exe:ossproxy.exe
"{9A5528B0-53DF-4446-AF6A-1746126CC12C}"= UDP:c:\windows\Temp\~os7038.tmp\ossproxy.exe:ossproxy.exe
"{B4A8446A-262F-4123-A8B0-08B705E0BE2A}"= UDP:c:\windows\Temp\~os598C.tmp\ossproxy.exe:ossproxy.exe
"{A70B9B08-C256-41A1-8DF4-F444358610E3}"= UDP:c:\windows\Temp\~os4CD0.tmp\ossproxy.exe:ossproxy.exe
"{8128927E-CD9A-4E52-9EF6-C2D3A2A0FDDB}"= UDP:c:\windows\Temp\~osB2F.tmp\ossproxy.exe:ossproxy.exe
"{A80BCF5A-DE4E-4199-A1DF-7B38964BEBC5}"= UDP:c:\windows\Temp\~os61C7.tmp\ossproxy.exe:ossproxy.exe
"{068D6C24-8707-4F7B-B00C-A53A59A8A71F}"= UDP:c:\windows\Temp\~os940D.tmp\ossproxy.exe:ossproxy.exe
"{CABB6EAB-0B0F-421E-939D-FFEFEAC51D9B}"= UDP:c:\windows\Temp\~os7834.tmp\ossproxy.exe:ossproxy.exe
"{708DCD97-AF46-476A-BD9A-C29FBCF909B9}"= UDP:c:\windows\Temp\~osC29B.tmp\ossproxy.exe:ossproxy.exe
"{D7A22F5C-CFE2-488E-B9D9-885C3E62ACB0}"= UDP:c:\windows\Temp\~os1E32.tmp\ossproxy.exe:ossproxy.exe
"{633D7870-7D63-4DB7-A307-A4E79AFFAFE4}"= UDP:c:\windows\Temp\~os655F.tmp\ossproxy.exe:ossproxy.exe
"{70D40A41-CAC2-4F1C-80BE-9556DADA0817}"= UDP:c:\windows\Temp\~os1DC5.tmp\ossproxy.exe:ossproxy.exe
"{165B4AF0-8E70-45C2-91A3-B13C6F45552B}"= UDP:c:\windows\Temp\~os9AA.tmp\ossproxy.exe:ossproxy.exe
"{DD77D93A-C197-4F0B-B6E5-31C5DA129983}"= UDP:c:\windows\Temp\~os6791.tmp\ossproxy.exe:ossproxy.exe
"{BE84EB32-0A05-437A-A349-4CBAEA000125}"= UDP:c:\windows\Temp\~os99D8.tmp\ossproxy.exe:ossproxy.exe
"{6D5222F7-C00D-4E2C-B0B6-25B1BC497A63}"= UDP:c:\windows\Temp\~osB62E.tmp\ossproxy.exe:ossproxy.exe
"{139A5347-8841-4997-BA3E-E07148D0CE0D}"= UDP:c:\windows\Temp\~os47F1.tmp\ossproxy.exe:ossproxy.exe
"{1C4FF723-20F0-4B72-ADC5-F61A3B27097D}"= UDP:c:\windows\Temp\~os9C9.tmp\ossproxy.exe:ossproxy.exe
"{441AB241-14A3-49DC-B695-F7D880C1F5B3}"= UDP:c:\windows\Temp\~osA7CC.tmp\ossproxy.exe:ossproxy.exe
"{DC72BF83-1328-4118-BBF8-0A8C2A0AC953}"= UDP:c:\windows\Temp\~osE3A4.tmp\ossproxy.exe:ossproxy.exe
"{4E49C23C-D2C2-4895-B3B6-995383BF6206}"= UDP:c:\windows\Temp\~os6D9B.tmp\ossproxy.exe:ossproxy.exe
"{586DBD37-6CA9-4D01-B7D5-7D27B5E4899D}"= UDP:c:\windows\Temp\~os1DE.tmp\ossproxy.exe:ossproxy.exe
"{BFC05FFB-6011-4340-9AC0-20652B845CDB}"= UDP:c:\windows\Temp\~os945C.tmp\ossproxy.exe:ossproxy.exe
"{0D918A6E-E13D-4602-A3BA-D6761F33CEE3}"= UDP:c:\windows\Temp\~os9A46.tmp\ossproxy.exe:ossproxy.exe
"{FC28FDDC-E172-4435-AE3A-8C8BE9F08F1A}"= UDP:c:\windows\Temp\~osEC0D.tmp\ossproxy.exe:ossproxy.exe
"{C0555B80-0B2A-4BFE-9750-0400AC5EDA7A}"= UDP:c:\windows\Temp\~os6B6A.tmp\ossproxy.exe:ossproxy.exe
"{B35523D3-BA6C-4373-94CD-9F3887D2A273}"= UDP:c:\windows\Temp\~osFFFB.tmp\ossproxy.exe:ossproxy.exe
"{4A984630-ED10-4BE5-9F63-79E566FB8F78}"= UDP:c:\windows\Temp\~os3F7A.tmp\ossproxy.exe:ossproxy.exe
"{2E82AF0E-EC2D-452F-9EDD-1AF18754E16C}"= UDP:c:\windows\Temp\~os41FA.tmp\ossproxy.exe:ossproxy.exe
"{4A73450A-0FEA-4540-B35A-FE6E77DCC373}"= UDP:c:\windows\Temp\~os54EE.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:48 am

part 16

"{5020D84B-C8DC-4D78-9413-6D68A230ED2B}"= UDP:c:\windows\Temp\~osDC26.tmp\ossproxy.exe:ossproxy.exe
"{A749608E-A7D6-4DC1-8686-83E36A5C5C6E}"= UDP:c:\windows\Temp\~os1ADB.tmp\ossproxy.exe:ossproxy.exe
"{4120D44B-EE3B-40BB-9D44-0AA3E330CADC}"= UDP:c:\windows\Temp\~osC8E5.tmp\ossproxy.exe:ossproxy.exe
"{111B58D2-F0EF-4DCA-AAD5-1EC29EF317B8}"= UDP:c:\windows\Temp\~os9806.tmp\ossproxy.exe:ossproxy.exe
"{66E81002-5735-46EA-B15C-2C25DC052F25}"= UDP:c:\windows\Temp\~osE432.tmp\ossproxy.exe:ossproxy.exe
"{01453FF4-C9D1-465A-9D3E-FD6BFB5C83C5}"= UDP:c:\windows\Temp\~os3A5D.tmp\ossproxy.exe:ossproxy.exe
"{21A79392-02B0-4BAB-A7E3-1FDD8DEDEB00}"= UDP:c:\windows\Temp\~os47E4.tmp\ossproxy.exe:ossproxy.exe
"{57A8C9DF-6352-4BC4-8863-01D64244DA89}"= UDP:c:\windows\Temp\~os68DC.tmp\ossproxy.exe:ossproxy.exe
"{28070303-FC32-4592-A28E-F89DA517CB75}"= UDP:c:\windows\Temp\~os3C02.tmp\ossproxy.exe:ossproxy.exe
"{B3290F6F-1DDA-46A5-A13E-835CDE67D067}"= UDP:c:\windows\Temp\~osC6B.tmp\ossproxy.exe:ossproxy.exe
"{53535F27-A926-4AEF-8504-8B58F374B51D}"= UDP:c:\windows\Temp\~osD15E.tmp\ossproxy.exe:ossproxy.exe
"{730776CB-D881-433F-83D0-FBF418838339}"= UDP:c:\windows\Temp\~os582A.tmp\ossproxy.exe:ossproxy.exe
"{F4BBC850-7FB2-44E5-A5BA-F0FB4569D913}"= UDP:c:\windows\Temp\~os8B0C.tmp\ossproxy.exe:ossproxy.exe
"{78709026-D8C8-4776-801B-3C677A95FC43}"= UDP:c:\windows\Temp\~os2892.tmp\ossproxy.exe:ossproxy.exe
"{A38B7FF0-0941-4BD2-BFF5-BB2901D8DE2B}"= UDP:c:\windows\Temp\~osD6DA.tmp\ossproxy.exe:ossproxy.exe
"{21931F11-A50B-449E-A329-3A2AC7E9773E}"= UDP:c:\windows\Temp\~os8071.tmp\ossproxy.exe:ossproxy.exe
"{5420F209-3695-40BF-ABE7-6EE30C14FF88}"= UDP:c:\windows\Temp\~os31D5.tmp\ossproxy.exe:ossproxy.exe
"{D80DFBA5-A0E3-40AC-915A-6C230369635F}"= UDP:c:\windows\Temp\~osD9D7.tmp\ossproxy.exe:ossproxy.exe
"{2D2EECC6-1CB6-4604-A5BD-A2526EA5FE89}"= UDP:c:\windows\Temp\~os7B15.tmp\ossproxy.exe:ossproxy.exe
"{A2EB2BBC-A9D3-4D3D-BD64-449744EF7825}"= UDP:c:\windows\Temp\~os4F44.tmp\ossproxy.exe:ossproxy.exe
"{C9A8D32E-398D-4DEC-BBFF-F082FE69E132}"= UDP:c:\windows\Temp\~os97E.tmp\ossproxy.exe:ossproxy.exe
"{AC040A32-663A-45ED-AC40-0E24309EA0BB}"= UDP:c:\windows\Temp\~os9E4E.tmp\ossproxy.exe:ossproxy.exe
"{CF60ADDD-1E0B-47B0-BF56-CC263AB85905}"= UDP:c:\windows\Temp\~os4278.tmp\ossproxy.exe:ossproxy.exe
"{0E4C1EA1-E459-4FD6-8FCB-6A2E4B58C7BA}"= UDP:c:\windows\Temp\~osE8A6.tmp\ossproxy.exe:ossproxy.exe
"{5B96D703-C44B-4B1D-A9C7-8C9E67B9B7D0}"= UDP:c:\windows\Temp\~os9A77.tmp\ossproxy.exe:ossproxy.exe
"{52E3208D-26B2-4C84-B649-FF6B2499FEA1}"= UDP:c:\windows\Temp\~os98E.tmp\ossproxy.exe:ossproxy.exe
"{E8496FAE-4821-4652-B801-B7320A57BDBA}"= UDP:c:\windows\Temp\~os98A3.tmp\ossproxy.exe:ossproxy.exe
"{225E73D8-F51F-402F-9FB4-8C48F2E2E7DC}"= UDP:c:\windows\Temp\~os361A.tmp\ossproxy.exe:ossproxy.exe
"{BAEF2594-EA42-4F2D-A35D-A0FCBCCF711D}"= UDP:c:\windows\Temp\~osE25F.tmp\ossproxy.exe:ossproxy.exe
"{B83DD499-36E5-4272-9B21-F87C580CD91F}"= UDP:c:\windows\Temp\~os6EC6.tmp\ossproxy.exe:ossproxy.exe
"{CE7094CA-B05B-416A-9606-13C77F96E9FC}"= UDP:c:\windows\Temp\~os16D7.tmp\ossproxy.exe:ossproxy.exe
"{CCA1AD4E-E122-4717-96CC-4254FDC3AAEB}"= UDP:c:\windows\Temp\~osDE89.tmp\ossproxy.exe:ossproxy.exe
"{BB0D95C9-BAC4-4362-B7CF-38D9E0C952EC}"= UDP:c:\windows\Temp\~os8ED4.tmp\ossproxy.exe:ossproxy.exe
"{23223648-05BA-439C-AD71-4192FC56970E}"= UDP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe
"{EEE023E0-DBB0-4D97-BEF6-D1C75F07E3FC}"= TCP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe
"{C1D65DBA-0963-47DB-9600-30B8F703AF24}"= UDP:c:\windows\Temp\~os1F0.tmp\ossproxy.exe:ossproxy.exe
"{76186108-7B96-4D94-80C1-74E2EFFC438E}"= UDP:c:\windows\Temp\~osB400.tmp\ossproxy.exe:ossproxy.exe
"{81BD28F1-89DA-4F01-B0B4-9C62D44FD80B}"= UDP:c:\windows\Temp\~os665D.tmp\ossproxy.exe:ossproxy.exe
"{FA860A17-A224-431E-BF05-C1D39A6FA866}"= UDP:c:\windows\Temp\~os1081.tmp\ossproxy.exe:ossproxy.exe
"{7347EED4-BCD3-4098-A0CD-2F6886BA98EF}"= UDP:c:\windows\Temp\~osBE9A.tmp\ossproxy.exe:ossproxy.exe
"{6710E581-AEC9-492E-8332-AE54FE0EE052}"= UDP:c:\windows\Temp\~os7339.tmp\ossproxy.exe:ossproxy.exe
"{5D223F17-8088-4F91-8C0E-FDF9B12338E3}"= UDP:c:\windows\Temp\~os1EB4.tmp\ossproxy.exe:ossproxy.exe
"{51D82A97-B208-42E5-AF0D-68AF0F89B263}"= UDP:c:\windows\Temp\~osCE44.tmp\ossproxy.exe:ossproxy.exe
"{71E79399-94FC-4D15-A2C4-21538F57DBD3}"= UDP:c:\windows\Temp\~os7F3B.tmp\ossproxy.exe:ossproxy.exe
"{372AFFCE-8433-4514-BC22-48BAD8F43511}"= UDP:c:\windows\Temp\~os2E00.tmp\ossproxy.exe:ossproxy.exe
"{D51C370B-F0BB-4272-AE51-E069CAEE1964}"= UDP:c:\windows\Temp\~osDE6A.tmp\ossproxy.exe:ossproxy.exe
"{F874F090-8EE5-4144-B872-31915D689B28}"= UDP:c:\windows\Temp\~os8F80.tmp\ossproxy.exe:ossproxy.exe
"{A505E8A8-F7C8-400F-99CC-911AB47271DE}"= UDP:c:\windows\Temp\~os4151.tmp\ossproxy.exe:ossproxy.exe
"{DAB093D3-1A19-4982-A973-E43803CB91A0}"= UDP:c:\windows\Temp\~osF11F.tmp\ossproxy.exe:ossproxy.exe
"{C245E22C-CE30-439C-A557-CBD16E280378}"= UDP:c:\windows\Temp\~osA457.tmp\ossproxy.exe:ossproxy.exe
"{0BBFBA28-1E97-463A-9AD3-949DCA89AC26}"= UDP:c:\windows\Temp\~os3753.tmp\ossproxy.exe:ossproxy.exe
"{8C7A45AF-64B3-415A-86B7-37D0A5DE6ABE}"= UDP:c:\windows\Temp\~osBD72.tmp\ossproxy.exe:ossproxy.exe
"{64341023-04C4-4BA1-B011-3ACDB1CECFE3}"= UDP:c:\windows\Temp\~os4E2D.tmp\ossproxy.exe:ossproxy.exe
"{AC06586B-DE95-4058-9312-17EDC7C1A72B}"= UDP:c:\windows\Temp\~osE3E6.tmp\ossproxy.exe:ossproxy.exe
"{C78C8266-E390-493C-B3DF-1D17618B64B8}"= UDP:c:\windows\Temp\~os70CA.tmp\ossproxy.exe:ossproxy.exe
"{E2F300D3-9340-4325-9E3D-0FC0854410B8}"= UDP:c:\windows\Temp\~osD112.tmp\ossproxy.exe:ossproxy.exe
"{6ED09A52-240C-41F2-84FA-5822D3CA7949}"= UDP:c:\windows\Temp\~os7F79.tmp\ossproxy.exe:ossproxy.exe
"{F69E6226-7627-4BA4-9AA0-5D9B28C9C519}"= UDP:c:\windows\Temp\~os3C.tmp\ossproxy.exe:ossproxy.exe
"{542EB338-A06D-419D-8980-4A889EE57623}"= UDP:c:\windows\Temp\~osCF4E.tmp\ossproxy.exe:ossproxy.exe
"{3D42AEB9-B3AB-41ED-A82D-D2123BA86FD3}"= UDP:c:\windows\Temp\~os925E.tmp\ossproxy.exe:ossproxy.exe
"{D127E982-0C66-4553-9E4A-40545BE4465E}"= UDP:c:\windows\Temp\~os40A6.tmp\ossproxy.exe:ossproxy.exe
"{EA84F67F-EA3D-4257-B7B6-015B9E3D851B}"= UDP:c:\windows\Temp\~osC272.tmp\ossproxy.exe:ossproxy.exe
"{0762F247-C363-43BD-B434-6C1BB49149EE}"= UDP:c:\windows\Temp\~osBA2.tmp\ossproxy.exe:ossproxy.exe
"{9160C581-902B-46BF-818C-5F02E349BCCE}"= UDP:c:\windows\Temp\~os3C72.tmp\ossproxy.exe:ossproxy.exe
"{E16F616D-6CB6-4D1E-AC15-FE5AA3FD6746}"= UDP:c:\windows\Temp\~osFAA2.tmp\ossproxy.exe:ossproxy.exe
"{D3342352-182F-4348-B216-07DA539E27A6}"= UDP:c:\windows\Temp\~os9C3D.tmp\ossproxy.exe:ossproxy.exe
"{6A82CCAA-5255-433D-B5E8-536D134FDEF8}"= UDP:c:\windows\Temp\~os386C.tmp\ossproxy.exe:ossproxy.exe
"{38B03779-0AE4-433B-80AA-02E8FE11078F}"= UDP:c:\windows\Temp\~osD382.tmp\ossproxy.exe:ossproxy.exe
"{C84E00A4-CAA9-4B0D-A70C-304476211671}"= UDP:c:\windows\Temp\~os75D9.tmp\ossproxy.exe:ossproxy.exe
"{0284C675-6559-4C08-86E6-6231F0D37468}"= UDP:c:\windows\Temp\~os2865.tmp\ossproxy.exe:ossproxy.exe
"{61C151AC-59B7-4CDD-8F33-3CB3213E7D12}"= UDP:c:\windows\Temp\~osE0BC.tmp\ossproxy.exe:ossproxy.exe
"{3572D7FD-D49E-4AB7-A81B-78739240F7DE}"= UDP:c:\windows\Temp\~os1A4.tmp\ossproxy.exe:ossproxy.exe
"{12BBE1A6-5B0C-4931-8D11-0C32EC1443BA}"= UDP:c:\windows\Temp\~os7BE2.tmp\ossproxy.exe:ossproxy.exe
"{03489C39-2625-4EAE-813E-4450D170F9B4}"= UDP:c:\windows\Temp\~os2309.tmp\ossproxy.exe:ossproxy.exe
"{A8DBA4C4-E096-4782-AC57-507D2E614437}"= UDP:c:\windows\Temp\~os7888.tmp\ossproxy.exe:ossproxy.exe
"{2D5D6135-329A-46C3-A630-0F7F0B4DF011}"= UDP:c:\windows\Temp\~osED78.tmp\ossproxy.exe:ossproxy.exe
"{9BFF0766-7E54-4793-AA5A-79E85077C9C7}"= UDP:c:\windows\Temp\~os6047.tmp\ossproxy.exe:ossproxy.exe
"{CF4501D6-DF30-4654-B282-D92A64E8BFCF}"= UDP:c:\windows\Temp\~os1582.tmp\ossproxy.exe:ossproxy.exe
"{D641728C-AB29-4A75-96B0-DEF5A0061ADE}"= UDP:c:\windows\Temp\~osBEAD.tmp\ossproxy.exe:ossproxy.exe
"{91397CA7-D719-491E-9FF8-FD23B0FAF10B}"= UDP:c:\windows\Temp\~os2885.tmp\ossproxy.exe:ossproxy.exe
"{E8889BD3-FC35-4498-8372-9E18DCA084F1}"= UDP:c:\windows\Temp\~os3052.tmp\ossproxy.exe:ossproxy.exe
"{3B61319E-AEAD-49B7-8576-777E901DD42D}"= UDP:c:\windows\Temp\~os3D0E.tmp\ossproxy.exe:ossproxy.exe
"{DC3C1E42-AC1C-49C4-8D9C-AF93B829F812}"= UDP:c:\windows\Temp\~osF565.tmp\ossproxy.exe:ossproxy.exe
"{95D71EA6-5216-4833-9056-EF3FA8A4DD8C}"= UDP:c:\windows\Temp\~os9E12.tmp\ossproxy.exe:ossproxy.exe
"{AA457E1E-1BA9-4BA6-A695-4DC66D1FEA0C}"= UDP:c:\windows\Temp\~os5530.tmp\ossproxy.exe:ossproxy.exe
"{C1A44183-9136-456E-8C60-7D379CEA0938}"= UDP:c:\windows\Temp\~osEFAA.tmp\ossproxy.exe:ossproxy.exe
"{4B80FF22-F53D-4553-A6F6-D9322EF96223}"= UDP:c:\windows\Temp\~osC17A.tmp\ossproxy.exe:ossproxy.exe
"{988D0872-920E-4549-A34D-EAE6EF176A21}"= UDP:c:\windows\Temp\~os7C7E.tmp\ossproxy.exe:ossproxy.exe
"{6F218E14-0CB3-4F51-B0C8-E0190DBD6CD6}"= UDP:c:\windows\Temp\~osD3B2.tmp\ossproxy.exe:ossproxy.exe
"{A97DBA67-51D7-48CC-8743-E4D83D169BC5}"= UDP:c:\windows\Temp\~os908B.tmp\ossproxy.exe:ossproxy.exe
"{87471731-D8FE-4391-B8BD-557E785F5F44}"= UDP:c:\windows\Temp\~os5215.tmp\ossproxy.exe:ossproxy.exe
"{4F005561-0E31-406B-A003-C3418A575041}"= UDP:c:\windows\Temp\~os14B8.tmp\ossproxy.exe:ossproxy.exe
"{5DFEE02E-30C3-488F-B521-F1769A2A5D40}"= UDP:c:\windows\Temp\~osC937.tmp\ossproxy.exe:ossproxy.exe
"{721870BB-E0E1-412B-B7F5-6BF4025B934C}"= UDP:c:\windows\Temp\~os8999.tmp\ossproxy.exe:ossproxy.exe
"{18C58CEA-BDD9-48C9-9B17-CB8519A8108D}"= UDP:c:\windows\Temp\~os3DF9.tmp\ossproxy.exe:ossproxy.exe
"{1AEB6BC9-1BC2-49D6-B44C-99F56A62D3D8}"= UDP:c:\windows\Temp\~osED1C.tmp\ossproxy.exe:ossproxy.exe
"{AFF5981C-5D70-4927-A1F4-B936A28AC4CD}"= UDP:c:\windows\Temp\~osA746.tmp\ossproxy.exe:ossproxy.exe
"{AC0794EF-7442-42BB-B3CE-B8E5E81D8834}"= UDP:c:\windows\Temp\~os43C3.tmp\ossproxy.exe:ossproxy.exe
"{301D78B4-F8AF-461D-899A-BE58534314FC}"= UDP:c:\windows\Temp\~osED3B.tmp\ossproxy.exe:ossproxy.exe
"{0FDE596A-6C2E-4E71-AE5B-2BA286F968CD}"= UDP:c:\windows\Temp\~os708D.tmp\ossproxy.exe:ossproxy.exe
"{14D8C207-B817-4FCF-A131-D3E842AD1B20}"= UDP:c:\windows\Temp\~os1785.tmp\ossproxy.exe:ossproxy.exe
"{23A093A0-1A54-4722-A2E6-D05045478C99}"= UDP:c:\windows\Temp\~osB01C.tmp\ossproxy.exe:ossproxy.exe
"{96028C26-04F5-443D-BDC1-F5141A71E438}"= UDP:c:\windows\Temp\~os6E8A.tmp\ossproxy.exe:ossproxy.exe
"{75B0A8A5-5F18-4386-9781-23E90EB33180}"= UDP:c:\windows\Temp\~osF843.tmp\ossproxy.exe:ossproxy.exe
"{98DF8F6E-03E6-49CE-9451-927580C6258C}"= UDP:c:\windows\Temp\~os8249.tmp\ossproxy.exe:ossproxy.exe
"{90DBED5D-78C8-4D13-ADCB-F2C222304C4C}"= UDP:c:\windows\Temp\~os3062.tmp\ossproxy.exe:ossproxy.exe
"{ACAA1E11-0693-44DA-926E-DB535738D80A}"= UDP:c:\windows\Temp\~osEEF0.tmp\ossproxy.exe:ossproxy.exe
"{9BD2306A-A4EA-422C-B2DA-F3F8AF9BA9B9}"= UDP:c:\windows\Temp\~osA737.tmp\ossproxy.exe:ossproxy.exe
"{2C9BB42C-BC39-4C1A-9067-FA1240E3BDED}"= UDP:c:\windows\Temp\~os4F19.tmp\ossproxy.exe:ossproxy.exe
"{85FF3663-6B0B-4529-9B0E-763950363689}"= UDP:c:\windows\Temp\~osDA38.tmp\ossproxy.exe:ossproxy.exe
"{05B95A59-B443-4476-8363-ED4DE7BBA9CC}"= UDP:c:\windows\Temp\~os6595.tmp\ossproxy.exe:ossproxy.exe
"{133064F5-ECE1-459C-B6AD-B0B03D0205D0}"= UDP:c:\windows\Temp\~osF1FC.tmp\ossproxy.exe:ossproxy.exe
"{C447A643-81DD-45B5-8C93-8C8446374B23}"= UDP:c:\windows\Temp\~osA0E0.tmp\ossproxy.exe:ossproxy.exe
"{8AA87E9A-80CA-4811-92A0-1ACC6108EA2E}"= UDP:c:\windows\Temp\~os5908.tmp\ossproxy.exe:ossproxy.exe
"{A2B2CD2C-F34C-47DF-8640-211120ED81E4}"= UDP:c:\windows\Temp\~osC9D.tmp\ossproxy.exe:ossproxy.exe
"{C2439636-1CCB-478E-8DED-BBEDE4751C13}"= UDP:c:\windows\Temp\~osEF9C.tmp\ossproxy.exe:ossproxy.exe
"{291D7BAA-7EA2-4A04-967D-CB1DCB25B695}"= UDP:c:\windows\Temp\~osA257.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:49 am

part 17

"{64EAEBC3-0F9D-4B50-BC1A-8D0BF2D74282}"= UDP:c:\windows\Temp\~os3B4B.tmp\ossproxy.exe:ossproxy.exe
"{0E96177E-0C06-42D6-A66B-51958FF8C4B2}"= UDP:c:\windows\Temp\~osCC44.tmp\ossproxy.exe:ossproxy.exe
"{F527B4AF-8D0E-4E10-AA76-D8D309CD1770}"= UDP:c:\windows\Temp\~os6DFF.tmp\ossproxy.exe:ossproxy.exe
"{3D76E027-18B9-452C-8E05-7A29CBF52C53}"= UDP:c:\windows\Temp\~os1F4.tmp\ossproxy.exe:ossproxy.exe
"{DED9FC10-40E0-4433-92F9-B0F6530CA2F9}"= UDP:c:\windows\Temp\~os91F3.tmp\ossproxy.exe:ossproxy.exe
"{26477E0E-ACA9-4ADD-904A-EE2CDE0D5A9C}"= UDP:c:\windows\Temp\~os55CD.tmp\ossproxy.exe:ossproxy.exe
"{BE929F45-1811-4C31-AE7F-156C6BAF492C}"= UDP:c:\windows\Temp\~osF039.tmp\ossproxy.exe:ossproxy.exe
"{D0DF2780-13CB-4E70-A1A0-6C29D0F13AF1}"= UDP:c:\windows\Temp\~os9A7B.tmp\ossproxy.exe:ossproxy.exe
"{3D1EEFC2-6A67-42F3-8667-E49D71539961}"= UDP:c:\windows\Temp\~os46E0.tmp\ossproxy.exe:ossproxy.exe
"{1057D0CB-7664-4329-8CA8-8FEF3C536139}"= UDP:c:\windows\Temp\~osE08F.tmp\ossproxy.exe:ossproxy.exe
"{A3EAFE98-0F0A-48BF-AF3C-973C85E71CC2}"= UDP:c:\windows\Temp\~os758D.tmp\ossproxy.exe:ossproxy.exe
"{E0F9F60C-B836-4876-A938-4AB2CFAB5257}"= UDP:c:\windows\Temp\~os9F0.tmp\ossproxy.exe:ossproxy.exe
"{7E27897E-0983-43D0-BB06-6A1FF3C479DE}"= UDP:c:\windows\Temp\~osACE2.tmp\ossproxy.exe:ossproxy.exe
"{DEDD6FA8-3A37-4259-8D92-2436BD77FE3B}"= UDP:c:\windows\Temp\~os4C9A.tmp\ossproxy.exe:ossproxy.exe
"{03ACF52C-0A37-4EC7-8716-EE3EE07BAEA4}"= UDP:c:\windows\Temp\~os198A.tmp\ossproxy.exe:ossproxy.exe
"{129E0C0E-744B-4EDB-8618-7BA07797EC25}"= UDP:c:\windows\Temp\~osACA4.tmp\ossproxy.exe:ossproxy.exe
"{562BF30F-1FD3-42FD-B723-761DA882142B}"= UDP:c:\windows\Temp\~os48A4.tmp\ossproxy.exe:ossproxy.exe
"{A79A0013-24A1-4629-B33C-06DC401AE5A0}"= UDP:c:\windows\Temp\~os1268.tmp\ossproxy.exe:ossproxy.exe
"{ABB89AA5-0EA1-47A7-A360-4806D9ADDD3C}"= UDP:c:\windows\Temp\~osE14B.tmp\ossproxy.exe:ossproxy.exe
"{DF5C42BC-A002-4C6F-88D2-241A66AE6F55}"= UDP:c:\windows\Temp\~os89C9.tmp\ossproxy.exe:ossproxy.exe
"{65D860FB-846D-4B98-9119-43BFD4416A0F}"= UDP:c:\windows\Temp\~os3A14.tmp\ossproxy.exe:ossproxy.exe
"{8B752BE3-B22A-4892-8874-BB64CB854924}"= UDP:c:\windows\Temp\~os75AD.tmp\ossproxy.exe:ossproxy.exe
"{1B73161D-0B18-4111-A78F-A7CDC88C3500}"= UDP:c:\windows\Temp\~osB24F.tmp\ossproxy.exe:ossproxy.exe
"{8A4D9108-ED31-4428-82FE-00F48524DBDB}"= UDP:c:\windows\Temp\~osF7C7.tmp\ossproxy.exe:ossproxy.exe
"{239194A3-769D-47EB-B670-B81D65A6A5F8}"= UDP:c:\windows\Temp\~os2C8D.tmp\ossproxy.exe:ossproxy.exe
"{49C80D3C-7B46-41C9-A775-936DA7CE0AF3}"= UDP:c:\windows\Temp\~os6F57.tmp\ossproxy.exe:ossproxy.exe
"{A68E575E-A36F-4117-A415-2ABE0613D181}"= UDP:c:\windows\Temp\~osB9BE.tmp\ossproxy.exe:ossproxy.exe
"{073537BB-F59E-48EB-BF32-1A25930089BA}"= UDP:c:\windows\Temp\~osAD6F.tmp\ossproxy.exe:ossproxy.exe
"{6F9FDBBC-D644-4CD3-B2A4-B24E2437906F}"= UDP:c:\windows\Temp\~osE071.tmp\ossproxy.exe:ossproxy.exe
"{4F148733-94E5-4B23-A98F-FB49007307DC}"= UDP:c:\windows\Temp\~os823B.tmp\ossproxy.exe:ossproxy.exe
"{FA99805A-3821-4BCF-864C-67CE8BFE0E70}"= UDP:c:\windows\Temp\~osBBE1.tmp\ossproxy.exe:ossproxy.exe
"{B9E07EEE-F2D3-4093-922D-672F5FEEDFF2}"= UDP:c:\windows\Temp\~os2B0.tmp\ossproxy.exe:ossproxy.exe
"{B38A35AF-B896-418B-9C0E-D44407C19DD7}"= UDP:c:\windows\Temp\~osB674.tmp\ossproxy.exe:ossproxy.exe
"{CDDB139D-2BF3-4DA5-8E83-E661FAE6AB2E}"= UDP:c:\windows\Temp\~os4FF5.tmp\ossproxy.exe:ossproxy.exe
"{95B6DD96-0DF9-495E-8219-B6EB7265A70F}"= UDP:c:\windows\Temp\~osF4FA.tmp\ossproxy.exe:ossproxy.exe
"{7966AAA9-94D6-4A8B-AB11-C9E511ADEE6F}"= UDP:c:\windows\Temp\~os90FA.tmp\ossproxy.exe:ossproxy.exe
"{47C9605F-37F3-4ED3-8BF0-B65D72B9AD2D}"= UDP:c:\windows\Temp\~os2A1D.tmp\ossproxy.exe:ossproxy.exe
"{9875BD8D-18F4-4FDE-B4EF-DF25EBEB6012}"= UDP:c:\windows\Temp\~osED0E.tmp\ossproxy.exe:ossproxy.exe
"{EA0F313B-E56A-4650-9D3B-2B47946A618F}"= UDP:c:\windows\Temp\~os9770.tmp\ossproxy.exe:ossproxy.exe
"{E2A1D229-C515-4415-9A8E-667CD1040EDD}"= UDP:c:\windows\Temp\~os197.tmp\ossproxy.exe:ossproxy.exe
"{E72FCE0B-A6EB-4C21-928E-421D3C07D678}"= UDP:c:\windows\Temp\~os6385.tmp\ossproxy.exe:ossproxy.exe
"{884884F3-CEDD-4BFF-931F-FED8A1390108}"= UDP:c:\windows\Temp\~osFE3E.tmp\ossproxy.exe:ossproxy.exe
"{9D0679BC-8197-4D31-85A0-9ED1024B2207}"= UDP:c:\windows\Temp\~os7DD8.tmp\ossproxy.exe:ossproxy.exe
"{F37848E6-3428-45F7-A066-0BC217C48F9D}"= UDP:c:\windows\Temp\~os27EC.tmp\ossproxy.exe:ossproxy.exe
"{9EF45305-23B9-477F-8875-594129E125E7}"= UDP:c:\windows\Temp\~osBDB5.tmp\ossproxy.exe:ossproxy.exe
"{0DD7853A-EC2C-4ED7-B6B2-18105888927B}"= UDP:c:\windows\Temp\~os6DE1.tmp\ossproxy.exe:ossproxy.exe
"{EC053DEC-42E4-45D9-A1A9-714313384A03}"= UDP:c:\windows\Temp\~os926.tmp\ossproxy.exe:ossproxy.exe
"{1A819C9B-AE94-4153-A347-8D92FAB1117B}"= UDP:c:\windows\Temp\~osA2D6.tmp\ossproxy.exe:ossproxy.exe
"{EA64E449-7346-46F8-BCF1-98E50F554578}"= UDP:c:\windows\Temp\~os39E6.tmp\ossproxy.exe:ossproxy.exe
"{6B977981-8BF2-440F-9CDE-1B0A9FCC6DC2}"= UDP:c:\windows\Temp\~osD480.tmp\ossproxy.exe:ossproxy.exe
"{8D86CF1D-70D7-4647-8B6B-BBDDE36319F4}"= UDP:c:\windows\Temp\~os7F4F.tmp\ossproxy.exe:ossproxy.exe
"{78C4580F-1659-4401-A519-D44BC98A043D}"= UDP:c:\windows\Temp\~os27CD.tmp\ossproxy.exe:ossproxy.exe
"{8E3627E3-63F0-4347-8EA1-E89CE32B9312}"= UDP:c:\windows\Temp\~os15C4.tmp\ossproxy.exe:ossproxy.exe
"{2029B51B-353B-4DF5-A7CB-2DB63A67A1D7}"= UDP:c:\windows\Temp\~os9C22.tmp\ossproxy.exe:ossproxy.exe
"{C2E438CC-9722-47E5-B71E-15F2980B3EA7}"= UDP:c:\windows\Temp\~os7947.tmp\ossproxy.exe:ossproxy.exe
"{6C6EBE39-1CA8-403E-90CD-E183F28E80FF}"= UDP:c:\windows\Temp\~os44DF.tmp\ossproxy.exe:ossproxy.exe
"{C55190AE-6073-4744-AE66-C703DA930933}"= UDP:c:\windows\Temp\~osFCD7.tmp\ossproxy.exe:ossproxy.exe
"{03C4652C-A51A-4686-B958-D051C86589D2}"= UDP:c:\windows\Temp\~osBFC8.tmp\ossproxy.exe:ossproxy.exe
"{073E16CF-EEC9-4BA8-8B69-9B4C6437F311}"= UDP:c:\windows\Temp\~os7EF2.tmp\ossproxy.exe:ossproxy.exe
"{DC23695B-A60A-47FF-BCB8-91AC7F9C25F4}"= UDP:c:\windows\Temp\~os2E14.tmp\ossproxy.exe:ossproxy.exe
"{E8602CC9-65F5-4D4C-912D-0476B5BE22CF}"= UDP:c:\windows\Temp\~osDE5F.tmp\ossproxy.exe:ossproxy.exe
"{022AF1F8-C714-45F6-BF07-ECB6847F8BA9}"= UDP:c:\windows\Temp\~osB270.tmp\ossproxy.exe:ossproxy.exe
"{F07C2E57-5760-4699-BD86-70C1BD4B0856}"= UDP:c:\windows\Temp\~os141F.tmp\ossproxy.exe:ossproxy.exe
"{325565A0-6F81-4F68-8899-6720369942AE}"= UDP:c:\windows\Temp\~os8384.tmp\ossproxy.exe:ossproxy.exe
"{9281E3F7-C02A-4907-97BF-0980D43FE24C}"= UDP:c:\windows\Temp\~os8326.tmp\ossproxy.exe:ossproxy.exe
"{BCF15D78-495E-4A77-93E8-F5BD263B1ED2}"= UDP:c:\windows\Temp\~osB914.tmp\ossproxy.exe:ossproxy.exe
"{64236BB1-FA97-434F-A6D6-BF0154AE0FAC}"= UDP:c:\windows\Temp\~osF9FA.tmp\ossproxy.exe:ossproxy.exe
"{51C11673-E379-4A79-BD20-E26A05D207F8}"= UDP:c:\windows\Temp\~os142F.tmp\ossproxy.exe:ossproxy.exe
"{640E82D0-B422-4930-A25C-84C611756C60}"= UDP:c:\windows\Temp\~osB389.tmp\ossproxy.exe:ossproxy.exe
"{CDEB9961-B57B-40BF-AB32-7F8609AF4104}"= UDP:c:\windows\Temp\~os65E6.tmp\ossproxy.exe:ossproxy.exe
"{46350432-E9AF-434A-9B72-AF9A3C06B659}"= UDP:c:\windows\Temp\~osF375.tmp\ossproxy.exe:ossproxy.exe
"{86E3D268-E8AC-46A7-8129-65F8D0EDD697}"= UDP:c:\windows\Temp\~os7DE9.tmp\ossproxy.exe:ossproxy.exe
"{17926E50-AC10-472F-A438-6F90C8A12C86}"= UDP:c:\windows\Temp\~os975.tmp\ossproxy.exe:ossproxy.exe
"{6A7B769A-37A8-49B4-88BD-C13E23229F1F}"= UDP:c:\windows\Temp\~os97EE.tmp\ossproxy.exe:ossproxy.exe
"{2DFF50C4-3E2C-407A-9941-8213A03711B6}"= UDP:c:\windows\Temp\~os25BC.tmp\ossproxy.exe:ossproxy.exe
"{A650E03A-9CA5-41EF-A416-86F0D048F991}"= UDP:c:\windows\Temp\~osB657.tmp\ossproxy.exe:ossproxy.exe
"{B913BB8E-D6C4-41D5-A0F0-7AAC105063C9}"= UDP:c:\windows\Temp\~os74A6.tmp\ossproxy.exe:ossproxy.exe
"{CEBA6ADA-0A0E-4F02-8A64-B930758E5F59}"= UDP:c:\windows\Temp\~osFDC2.tmp\ossproxy.exe:ossproxy.exe
"{F4600FE6-554C-4485-8AFC-5891297026F2}"= UDP:c:\windows\Temp\~os4359.tmp\ossproxy.exe:ossproxy.exe
"{559047D3-D93F-499D-AE8B-DC87A07CF3F9}"= UDP:c:\windows\Temp\~os54E6.tmp\ossproxy.exe:ossproxy.exe
"{76058B1F-7131-4DF0-B527-D568C25A1B33}"= UDP:c:\windows\Temp\~os83E2.tmp\ossproxy.exe:ossproxy.exe
"{396121E6-732F-4BD2-B6A4-ECC552D6040C}"= UDP:c:\windows\Temp\~osF460.tmp\ossproxy.exe:ossproxy.exe
"{6CA957E7-7AC0-4516-B83B-6297B13260BA}"= UDP:c:\windows\Temp\~osC757.tmp\ossproxy.exe:ossproxy.exe
"{6C3715AC-1EEE-4EB6-A03B-8E1AAF5DA29C}"= UDP:c:\windows\Temp\~osC729.tmp\ossproxy.exe:ossproxy.exe
"{B1608A07-4C18-4491-B043-B27B39DE6155}"= UDP:c:\windows\Temp\~os7909.tmp\ossproxy.exe:ossproxy.exe
"{7710195C-C1A4-4216-8A15-995CB17BC45D}"= UDP:c:\windows\Temp\~osC8AF.tmp\ossproxy.exe:ossproxy.exe
"{91A6D0D7-92D1-478D-861F-816F15F41104}"= UDP:c:\windows\Temp\~os5DCC.tmp\ossproxy.exe:ossproxy.exe
"{0D5C9925-F23D-4E8E-B6E6-5F83F017E9C8}"= UDP:c:\windows\Temp\~osECE1.tmp\ossproxy.exe:ossproxy.exe
"{EA7A6DDC-9137-48BF-A000-44E9B5D61561}"= UDP:c:\windows\Temp\~os7C16.tmp\ossproxy.exe:ossproxy.exe
"{843F6FF0-A278-4C6D-BF8C-8FE5FDD902D3}"= UDP:c:\windows\Temp\~os7F0.tmp\ossproxy.exe:ossproxy.exe
"{02FF9D9D-8D80-449E-81CD-1BEBE0780193}"= UDP:c:\windows\Temp\~os959E.tmp\ossproxy.exe:ossproxy.exe
"{3F34CCCF-E351-4AFC-BFDA-F30914ED7F30}"= UDP:c:\windows\Temp\~os2CDD.tmp\ossproxy.exe:ossproxy.exe
"{20A3B919-C833-4148-BB8D-D3BB36190F21}"= UDP:c:\windows\Temp\~os6B8.tmp\ossproxy.exe:ossproxy.exe
"{52D6A930-2730-4EE6-835A-A0F0320E1BAE}"= UDP:c:\windows\Temp\~os5055.tmp\ossproxy.exe:ossproxy.exe
"{A3F98D57-68D6-4877-A8AA-AEFE2BA38164}"= UDP:c:\windows\Temp\~osFA1B.tmp\ossproxy.exe:ossproxy.exe
"{A2A33A61-0514-4479-978A-5A359429DA04}"= UDP:c:\windows\Temp\~os657A.tmp\ossproxy.exe:ossproxy.exe
"{1E5A37EF-7D91-4484-87B1-140BEE229C36}"= UDP:c:\windows\Temp\~os678D.tmp\ossproxy.exe:ossproxy.exe
"{6E422379-47CF-4E50-BDE4-21F4C0573E79}"= UDP:c:\windows\Temp\~os1F57.tmp\ossproxy.exe:ossproxy.exe
"{E8C8B2BF-1A8B-408B-8DBA-22BFAEE8455F}"= UDP:c:\windows\Temp\~os432B.tmp\ossproxy.exe:ossproxy.exe
"{BF652845-DFB0-41B1-BE2D-D455E5A04337}"= UDP:c:\windows\Temp\~os674E.tmp\ossproxy.exe:ossproxy.exe
"{A816A5C4-7BA0-4F3D-87E6-0EA36E7D5EFB}"= UDP:c:\windows\Temp\~os6B25.tmp\ossproxy.exe:ossproxy.exe
"{8DBE3CF5-4A53-4678-8FE7-421F6E32E1EF}"= UDP:c:\windows\Temp\~os63F4.tmp\ossproxy.exe:ossproxy.exe
"{48D8BFA8-A000-4279-971E-410289D3D783}"= UDP:c:\windows\Temp\~osFA59.tmp\ossproxy.exe:ossproxy.exe
"{06CE16CD-A43C-4F1C-B2BA-3C7FA381543E}"= UDP:c:\windows\Temp\~os674F.tmp\ossproxy.exe:ossproxy.exe
"{476324A6-2C29-45F0-85D3-C357AA4543BD}"= UDP:c:\windows\Temp\~os1E2E.tmp\ossproxy.exe:ossproxy.exe
"{6C924B1C-FAA4-4ADE-B977-71EA064A380D}"= UDP:c:\windows\Temp\~os680A.tmp\ossproxy.exe:ossproxy.exe
"{EA75D8DA-FB20-4850-90A2-32F4F1BD565B}"= UDP:c:\windows\Temp\~osA0C6.tmp\ossproxy.exe:ossproxy.exe
"{0CEAC607-7314-4012-AA35-BF91B8538CE0}"= UDP:c:\windows\Temp\~os100B.tmp\ossproxy.exe:ossproxy.exe
"{7C92EFBA-279F-48B5-AD17-82540CEFB081}"= UDP:c:\windows\Temp\~os1E6D.tmp\ossproxy.exe:ossproxy.exe
"{387E228F-7142-4479-A286-01F3CAE91A94}"= UDP:c:\windows\Temp\~os399B.tmp\ossproxy.exe:ossproxy.exe
"{77193810-1F0D-4ACC-A624-5E7ADF998A30}"= UDP:c:\windows\Temp\~osB899.tmp\ossproxy.exe:ossproxy.exe
"{7A9DBB79-1D32-4840-9E9F-08E8A65C1BC5}"= UDP:c:\windows\Temp\~osC97B.tmp\ossproxy.exe:ossproxy.exe
"{AE7C6BAE-B329-42C7-90A6-C990DB1FFE10}"= UDP:c:\windows\Temp\~osD79E.tmp\ossproxy.exe:ossproxy.exe
"{6E47D2DF-4419-408C-B1C7-D635B7CC598C}"= UDP:c:\windows\Temp\~os8309.tmp\ossproxy.exe:ossproxy.exe
"{929185D3-4E13-45C1-930F-8750A7DE9027}"= UDP:c:\windows\Temp\~osAD82.tmp\ossproxy.exe:ossproxy.exe
"{A48C70D9-369D-4AD1-98B1-29DF61728DE5}"= UDP:c:\windows\Temp\~osE554.tmp\ossproxy.exe:ossproxy.exe
"{23966C2B-26EA-4288-BC96-6EBB31B5F573}"= UDP:c:\windows\Temp\~osE831.tmp\ossproxy.exe:ossproxy.exe
"{9B1F453C-4DDB-476C-9846-71A54D1742DA}"= UDP:c:\windows\Temp\~osA143.tmp\ossproxy.exe:ossproxy.exe
"{693B07AD-0F7D-416D-BAD3-9EE1CA3BA763}"= UDP:c:\windows\Temp\~os7D30.tmp\ossproxy.exe:ossproxy.exe
"{8996C84F-61BB-43C5-9AFA-32A9AD4DE243}"= UDP:c:\windows\Temp\~os12AB.tmp\ossproxy.exe:ossproxy.exe
"{84ED8C16-1331-4AD3-B194-6C9828F18A61}"= UDP:c:\windows\Temp\~osA5D5.tmp\ossproxy.exe:ossproxy.exe
"{F4F61746-D9B1-432B-8C47-634FB9A16260}"= UDP:c:\windows\Temp\~osB781.tmp\ossproxy.exe:ossproxy.exe
"{82D0FB41-0B7C-4592-8AC2-20DBBFAA2811}"= UDP:c:\windows\Temp\~os7C75.tmp\ossproxy.exe:ossproxy.exe
"{6882C13B-4EBB-4E40-93B8-78C6A24E4213}"= UDP:c:\windows\Temp\~os345E.tmp\ossproxy.exe:ossproxy.exe
"{A6445BA6-7510-4A54-95C8-7D5FD447791B}"= UDP:c:\windows\Temp\~os7D4F.tmp\ossproxy.exe:ossproxy.exe
"{59318C1A-69AE-47BF-A5F2-9161BB737C20}"= UDP:c:\windows\Temp\~os8CC9.tmp\ossproxy.exe:ossproxy.exe
"{B0229091-382A-4DE9-BD45-741E64C199C6}"= UDP:c:\windows\Temp\~os2042.tmp\ossproxy.exe:ossproxy.exe
"{F5444E0E-B983-4FC9-A37B-2890949F8D33}"= UDP:c:\windows\Temp\~osD51F.tmp\ossproxy.exe:ossproxy.exe
"{BF73DCBA-EF68-475C-99D1-9C6809942C18}"= UDP:c:\windows\Temp\~osCDEE.tmp\ossproxy.exe:ossproxy.exe
"{FEE02A44-E5B7-4F21-9B6F-D60B2B00C410}"= UDP:c:\windows\Temp\~os9217.tmp\ossproxy.exe:ossproxy.exe
"{8C6A9F57-4559-4617-A4C6-4164A028853B}"= UDP:c:\windows\Temp\~osCA17.tmp\ossproxy.exe:ossproxy.exe
"{2FBE327C-9469-460F-8FF0-CC5F9BB067D5}"= UDP:c:\windows\Temp\~os6202.tmp\ossproxy.exe:ossproxy.exe
"{69DC45A7-595E-4CED-9375-BA5527045176}"= UDP:c:\windows\Temp\~osDC21.tmp\ossproxy.exe:ossproxy.exe
"{E95CBBA2-C5A6-4210-AD27-2AABC0DA8F1E}"= UDP:c:\windows\Temp\~os8EAD.tmp\ossproxy.exe:ossproxy.exe
"{5CEB8E7B-BD36-40D3-BF38-B37887FCEA8B}"= UDP:c:\windows\Temp\~os21D8.tmp\ossproxy.exe:ossproxy.exe
"{2EEEFE36-5ECD-466B-967E-3EB8B185CC4C}"= UDP:c:\windows\Temp\~os602F.tmp\ossproxy.exe:ossproxy.exe
"{8C9C2EDB-6566-4F18-9191-13668771AABA}"= UDP:c:\windows\Temp\~os10F7.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:49 am

part 18

"{E21A7697-00F6-492A-85AB-D72E29966F9D}"= UDP:c:\windows\Temp\~os1847.tmp\ossproxy.exe:ossproxy.exe
"{9F5B6046-A86B-49AC-9535-8EEDE30E6111}"= UDP:c:\windows\Temp\~os436B.tmp\ossproxy.exe:ossproxy.exe
"{7FACB81A-9DCA-4C16-B47C-0E4BF7B5F420}"= UDP:c:\windows\Temp\~osC1.tmp\ossproxy.exe:ossproxy.exe
"{C27B7FF5-F69E-44B8-9F16-4EDA10CE0D03}"= UDP:c:\windows\Temp\~os85C8.tmp\ossproxy.exe:ossproxy.exe
"{0A2064EF-4AF0-476E-A90B-FBCDC38B5205}"= UDP:c:\windows\Temp\~os27E0.tmp\ossproxy.exe:ossproxy.exe
"{68D5AC6E-3EE9-469C-89A1-86F17759F720}"= UDP:c:\windows\Temp\~os52C7.tmp\ossproxy.exe:ossproxy.exe
"{A9814A42-5A84-449B-B550-C1D1155190C4}"= UDP:c:\windows\Temp\~osB956.tmp\ossproxy.exe:ossproxy.exe
"{0F81B3AE-3EB3-4BB3-933B-8DC239CC3EEF}"= UDP:c:\windows\Temp\~osB5BE.tmp\ossproxy.exe:ossproxy.exe
"{AC798B7F-96A3-4179-9CCB-B4401F70C079}"= UDP:c:\windows\Temp\~os1357.tmp\ossproxy.exe:ossproxy.exe
"{383CE6F8-A396-48FA-AFA0-FEFA49C09132}"= UDP:c:\windows\Temp\~os9EA5.tmp\ossproxy.exe:ossproxy.exe
"{7A5F30DD-8148-42DA-9685-A2A0B1B01CBF}"= UDP:c:\windows\Temp\~os2F11.tmp\ossproxy.exe:ossproxy.exe
"{0F998A8A-BE60-4464-AA66-AF35D8FF2435}"= UDP:c:\windows\Temp\~osB65A.tmp\ossproxy.exe:ossproxy.exe
"{16703036-647B-4787-B1C6-1E831FC2C880}"= UDP:c:\windows\Temp\~osD001.tmp\ossproxy.exe:ossproxy.exe
"{5437CFC5-E25C-4B56-8A02-FBBB24C15ACD}"= UDP:c:\windows\Temp\~osF859.tmp\ossproxy.exe:ossproxy.exe
"{D69A8D0E-489A-463C-9677-C36108787824}"= UDP:c:\windows\Temp\~os9B6B.tmp\ossproxy.exe:ossproxy.exe
"{F880AEFE-CF07-4DD2-9E05-BA81A8304DF4}"= UDP:c:\windows\Temp\~os3DC1.tmp\ossproxy.exe:ossproxy.exe
"{6FC17ED4-9897-4978-AD81-A16E9355C744}"= UDP:c:\windows\Temp\~osC613.tmp\ossproxy.exe:ossproxy.exe
"{0C74EBF3-FE26-4996-8E18-98EFAABD7F6F}"= UDP:c:\windows\Temp\~osEF83.tmp\ossproxy.exe:ossproxy.exe
"{A814BBE5-1A9C-433C-A01E-A2F30318DE73}"= UDP:c:\windows\Temp\~os3643.tmp\ossproxy.exe:ossproxy.exe
"{69D46364-B7B8-42E2-AE35-34C80D85A3DB}"= UDP:c:\windows\Temp\~os2919.tmp\ossproxy.exe:ossproxy.exe
"{98AD4891-D4CE-4186-B75A-AE6371F6B62A}"= UDP:c:\windows\Temp\~osBE27.tmp\ossproxy.exe:ossproxy.exe
"{808D5217-615F-4938-A61C-6D06E35A0A90}"= UDP:c:\windows\Temp\~osAB33.tmp\ossproxy.exe:ossproxy.exe
"{32502B19-1092-4568-9E46-5E44343D4AEB}"= UDP:c:\windows\Temp\~os347E.tmp\ossproxy.exe:ossproxy.exe
"{53F868E3-F938-4B65-BA58-EF9735AC82F2}"= UDP:c:\windows\Temp\~osAB91.tmp\ossproxy.exe:ossproxy.exe
"{AAD9074F-54C2-4643-AB75-9A97285EA417}"= UDP:c:\windows\Temp\~osA96F.tmp\ossproxy.exe:ossproxy.exe
"{4A54519D-FC59-4A6E-83B9-757B8DC786AB}"= UDP:c:\windows\Temp\~os1C7C.tmp\ossproxy.exe:ossproxy.exe
"{7E9D9C90-EAF6-421B-94CF-2F58B96031E1}"= UDP:c:\windows\Temp\~osA6E0.tmp\ossproxy.exe:ossproxy.exe
"{1D8A5433-CCE8-4F4D-94FB-12AAD63771ED}"= UDP:c:\windows\Temp\~os5345.tmp\ossproxy.exe:ossproxy.exe
"{FE27F735-AA75-46D2-B804-C6440CE8B614}"= UDP:c:\windows\Temp\~osF3A8.tmp\ossproxy.exe:ossproxy.exe
"{431AC4E2-56C9-4FCD-B511-F2F112B306A1}"= UDP:c:\windows\Temp\~os7FA2.tmp\ossproxy.exe:ossproxy.exe
"{301F68D2-C783-4A9B-934E-71ACD36F077C}"= UDP:c:\windows\Temp\~os1146.tmp\ossproxy.exe:ossproxy.exe
"{A207949F-9850-4075-BC9B-34C9953321DD}"= UDP:c:\windows\Temp\~os37C9.tmp\ossproxy.exe:ossproxy.exe
"{447061CD-4913-4FDA-AF25-527D81DCEE4A}"= UDP:c:\windows\Temp\~os16B2.tmp\ossproxy.exe:ossproxy.exe
"{B63D4FC5-6B33-4CCD-B9FE-F9C11857FB8B}"= UDP:c:\windows\Temp\~osDDB8.tmp\ossproxy.exe:ossproxy.exe
"{C922D659-72EF-49A1-B324-F10B38EC4A23}"= UDP:c:\windows\Temp\~os90B2.tmp\ossproxy.exe:ossproxy.exe
"{F565B081-ACB9-47F9-8E27-A7177B87E7C4}"= UDP:c:\windows\Temp\~os465A.tmp\ossproxy.exe:ossproxy.exe
"{1B4DF378-9E38-455E-932C-3C963D4A20B0}"= UDP:c:\windows\Temp\~os88F.tmp\ossproxy.exe:ossproxy.exe
"{7D2C8DFF-9942-4D5A-BA78-3172D89876AF}"= UDP:c:\windows\Temp\~osC23D.tmp\ossproxy.exe:ossproxy.exe
"{8698B579-0038-4706-AEEC-9C07F1E033F6}"= UDP:c:\windows\Temp\~os6761.tmp\ossproxy.exe:ossproxy.exe
"{FA801CC3-A9B1-40FF-96C9-6C1D2C2219F6}"= UDP:c:\windows\Temp\~osF43.tmp\ossproxy.exe:ossproxy.exe
"{0CD49DBB-84A9-4FE9-A9D6-F904C207A5BD}"= UDP:c:\windows\Temp\~osA164.tmp\ossproxy.exe:ossproxy.exe
"{70A87E3C-08FD-4C9C-92B9-E04FB21DEB38}"= UDP:c:\windows\Temp\~os6926.tmp\ossproxy.exe:ossproxy.exe
"{04B3A850-7457-405D-B2DE-12758A393625}"= UDP:c:\windows\Temp\~os1452.tmp\ossproxy.exe:ossproxy.exe
"{5622480E-3BA8-45BC-A628-9C2E7CB641EF}"= UDP:c:\windows\Temp\~osABE0.tmp\ossproxy.exe:ossproxy.exe
"{F9E1DF24-7ACC-4DC4-B32A-8331C228B951}"= UDP:c:\windows\Temp\~osC308.tmp\ossproxy.exe:ossproxy.exe
"{CA983A36-0D08-4BF2-9735-DA0E6792D23A}"= UDP:c:\windows\Temp\~os5ED9.tmp\ossproxy.exe:ossproxy.exe
"{3D4BF986-407F-4522-9488-764481AFC076}"= UDP:c:\windows\Temp\~osEA75.tmp\ossproxy.exe:ossproxy.exe
"{0F651767-66E9-4FC3-90AC-AD3D35FBD3F7}"= UDP:c:\windows\Temp\~os770B.tmp\ossproxy.exe:ossproxy.exe
"{AD264B7D-9945-4BE5-8CD0-6AAA604B7BEC}"= UDP:c:\windows\Temp\~os7C5.tmp\ossproxy.exe:ossproxy.exe
"{860A90B4-491F-4A13-A830-ACEE7DDAC6DD}"= UDP:c:\windows\Temp\~os93CE.tmp\ossproxy.exe:ossproxy.exe
"{110D41A9-17C6-4E71-8BD3-32728F80D24F}"= UDP:c:\windows\Temp\~os240B.tmp\ossproxy.exe:ossproxy.exe
"{BDD87849-A497-4A42-B4EE-10C4B6014F23}"= UDP:c:\windows\Temp\~osE603.tmp\ossproxy.exe:ossproxy.exe
"{C63925E9-4DB2-4669-9AF9-A93925144331}"= UDP:c:\windows\Temp\~os74AA.tmp\ossproxy.exe:ossproxy.exe
"{7749D31B-03F3-43E6-8F52-F13FD446F58E}"= UDP:c:\windows\Temp\~os159A.tmp\ossproxy.exe:ossproxy.exe
"{0C386351-444E-438C-9F1B-53B74E9858A4}"= UDP:c:\windows\Temp\~osBF51.tmp\ossproxy.exe:ossproxy.exe
"{5C242C0E-F303-4A14-8671-7927A3CB65A1}"= UDP:c:\windows\Temp\~os6C51.tmp\ossproxy.exe:ossproxy.exe
"{5AFA301F-2E21-4303-BAA7-DB73827C9BC1}"= UDP:c:\windows\Temp\~os20B.tmp\ossproxy.exe:ossproxy.exe
"{14390E98-B1A5-4220-8A46-159815D35760}"= UDP:c:\windows\Temp\~osD782.tmp\ossproxy.exe:ossproxy.exe
"{8D5C86CC-1542-4748-856C-8BF0620B843F}"= UDP:c:\windows\Temp\~osC99D.tmp\ossproxy.exe:ossproxy.exe
"{9E942FF8-6F43-4370-9AEA-61E4B5E9F76B}"= UDP:c:\windows\Temp\~os5E0F.tmp\ossproxy.exe:ossproxy.exe
"{CF31A011-0926-4C03-8995-531C7B7D870D}"= UDP:c:\windows\Temp\~osEFF2.tmp\ossproxy.exe:ossproxy.exe
"{B285DEAF-8056-4C73-9B4A-227795E398C5}"= UDP:c:\windows\Temp\~os8251.tmp\ossproxy.exe:ossproxy.exe
"{3CCF585D-783A-4CDB-9FE2-F520FCE1ABBF}"= UDP:c:\windows\Temp\~os31B2.tmp\ossproxy.exe:ossproxy.exe
"{5BB6BC0B-8443-49B6-9D65-38B3436966A7}"= UDP:c:\windows\Temp\~osC76C.tmp\ossproxy.exe:ossproxy.exe
"{62574DE9-E165-4D5E-AE6E-5BED527EBEAC}"= UDP:c:\windows\Temp\~os4E95.tmp\ossproxy.exe:ossproxy.exe
"{18A9DE17-0D4E-4EC6-8444-205698D93AED}"= UDP:c:\windows\Temp\~osE4BB.tmp\ossproxy.exe:ossproxy.exe
"{31C1909F-901A-48EC-96D8-E192B684A68D}"= UDP:c:\windows\Temp\~os7086.tmp\ossproxy.exe:ossproxy.exe
"{4592B457-2601-4C69-9D9E-5F584C17967B}"= UDP:c:\windows\Temp\~os1972.tmp\ossproxy.exe:ossproxy.exe
"{C71B2101-06C6-434D-89F6-7727DC2FCA68}"= UDP:c:\windows\Temp\~osA80A.tmp\ossproxy.exe:ossproxy.exe
"{B1142F2F-3B36-4B7A-B072-0710A79DDE98}"= UDP:c:\windows\Temp\~os377C.tmp\ossproxy.exe:ossproxy.exe
"{3104C894-5DD1-4B85-94EE-5ABC1B4240B8}"= UDP:c:\windows\Temp\~osD4A5.tmp\ossproxy.exe:ossproxy.exe
"{66178655-081E-493A-AD25-87C841733E9C}"= UDP:c:\windows\Temp\~os7D04.tmp\ossproxy.exe:ossproxy.exe
"{ED62A3C5-4260-450A-945A-C5D07309F50C}"= UDP:c:\windows\Temp\~os4C06.tmp\ossproxy.exe:ossproxy.exe
"{0681DC55-D48F-4E75-89C5-3CC71D808D5B}"= UDP:c:\windows\Temp\~os181B.tmp\ossproxy.exe:ossproxy.exe
"{E1FDD4E9-F853-4A5A-9F91-D202B00450C7}"= UDP:c:\windows\Temp\~osDF01.tmp\ossproxy.exe:ossproxy.exe
"{1354DA1A-3825-46B2-AA6B-01D1AA213EE5}"= UDP:c:\windows\Temp\~os8435.tmp\ossproxy.exe:ossproxy.exe
"{CBCEB703-C4C4-45DC-BB21-FA1F095CB840}"= UDP:c:\windows\Temp\~os1750.tmp\ossproxy.exe:ossproxy.exe
"{4C12CC1F-0479-4A06-A73F-BF2DA434F75F}"= UDP:c:\windows\Temp\~osA250.tmp\ossproxy.exe:ossproxy.exe
"{837A6AFB-1AF0-4268-8E4D-EF61A512AFEB}"= UDP:c:\windows\Temp\~os3210.tmp\ossproxy.exe:ossproxy.exe
"{64CE9424-DCAF-479A-A9FE-5DF4AF2B0326}"= UDP:c:\windows\Temp\~osE2B9.tmp\ossproxy.exe:ossproxy.exe
"{1D353339-EB06-4B77-8175-0961611CD4F8}"= UDP:c:\windows\Temp\~os7113.tmp\ossproxy.exe:ossproxy.exe
"{B05B28E7-B501-49F9-8D9F-DB0C0FAF9313}"= UDP:c:\windows\Temp\~osDDE.tmp\ossproxy.exe:ossproxy.exe
"{BB0F18EE-1597-42CB-96E9-802264A429D4}"= UDP:c:\windows\Temp\~os98CE.tmp\ossproxy.exe:ossproxy.exe
"{F60A95BD-00F8-413A-9FDA-8A8082E3DD89}"= UDP:c:\windows\Temp\~os2342.tmp\ossproxy.exe:ossproxy.exe
"{59A2BCBF-8E98-489D-8F65-603C70E8B4FF}"= UDP:c:\windows\Temp\~osAB55.tmp\ossproxy.exe:ossproxy.exe
"{82D457AB-E24B-4CC3-B97E-D64912A701F2}"= UDP:c:\windows\Temp\~os355B.tmp\ossproxy.exe:ossproxy.exe
"{E1623B80-B63B-4E0A-897E-96E31E6CA125}"= UDP:c:\windows\Temp\~osC099.tmp\ossproxy.exe:ossproxy.exe
"{A3051D11-DA1F-4FC5-A220-AE8AA140D186}"= UDP:c:\windows\Temp\~os4AFD.tmp\ossproxy.exe:ossproxy.exe
"{144919C9-EE73-4CC5-9689-BE810F071109}"= UDP:c:\windows\Temp\~osD976.tmp\ossproxy.exe:ossproxy.exe
"{231D2436-D02E-4E9B-8EF8-50B46A371FA2}"= UDP:c:\windows\Temp\~os5A4.tmp\ossproxy.exe:ossproxy.exe
"{640C6C81-9B32-4A22-A8CA-6B40D5F43F9A}"= UDP:c:\windows\Temp\~osB13E.tmp\ossproxy.exe:ossproxy.exe
"{25DE2315-3B41-43F1-B8DA-7DC54D8523E4}"= UDP:c:\windows\Temp\~os6531.tmp\ossproxy.exe:ossproxy.exe
"{E7AEF530-F685-4C4A-84A8-A83508F6144E}"= UDP:c:\windows\Temp\~os70B.tmp\ossproxy.exe:ossproxy.exe
"{3775D45E-61F0-4F39-9AD3-15814C3B96F7}"= UDP:c:\windows\Temp\~osC21F.tmp\ossproxy.exe:ossproxy.exe
"{B4DF119E-C815-4B30-843F-793D1F2359F4}"= UDP:c:\windows\Temp\~os8925.tmp\ossproxy.exe:ossproxy.exe
"{A3C0FC29-341C-4391-A284-DE85AA74EB45}"= UDP:c:\windows\Temp\~os4340.tmp\ossproxy.exe:ossproxy.exe
"{0276C97A-CB8A-4D5C-8347-0FD006B2C224}"= UDP:c:\windows\Temp\~osDB89.tmp\ossproxy.exe:ossproxy.exe
"{7AD30507-EF44-4A24-9B56-2B802D3E3ADE}"= UDP:c:\windows\Temp\~osD88C.tmp\ossproxy.exe:ossproxy.exe
"{D8708917-6161-4B39-A282-A9295AF512DB}"= UDP:c:\windows\Temp\~osCD66.tmp\ossproxy.exe:ossproxy.exe
"{E565C8F3-264D-4AD9-8A4C-0E16559B263D}"= UDP:c:\windows\Temp\~os242C.tmp\ossproxy.exe:ossproxy.exe
"{274A4373-76DB-456C-8A3C-14FFC0C73330}"= UDP:c:\windows\Temp\~osC922.tmp\ossproxy.exe:ossproxy.exe
"{30998F41-9E7D-498E-8EA1-C707C2E26BA8}"= UDP:c:\windows\Temp\~osB563.tmp\ossproxy.exe:ossproxy.exe
"{80CDFFB6-AC1D-4496-B019-A000ACC1ABA7}"= UDP:c:\windows\Temp\~osC06B.tmp\ossproxy.exe:ossproxy.exe
"{71872EB2-BAF0-48FB-A2B4-FAB8C982EC65}"= UDP:c:\windows\Temp\~os79DA.tmp\ossproxy.exe:ossproxy.exe
"{789A43F7-D9FC-4A19-9C8A-E9FF5AA7BED4}"= UDP:c:\windows\Temp\~osBDC.tmp\ossproxy.exe:ossproxy.exe
"{DC90DB34-0A6C-44B4-8D8E-580E839BA6F4}"= UDP:c:\windows\Temp\~os9881.tmp\ossproxy.exe:ossproxy.exe
"{FFDB64C8-F799-452E-8687-2ADEDD5D079D}"= UDP:c:\windows\Temp\~os6C43.tmp\ossproxy.exe:ossproxy.exe
"{B09E3E90-0B5C-4FD0-A93A-B4EC5B51CBD4}"= UDP:c:\windows\Temp\~os63EA.tmp\ossproxy.exe:ossproxy.exe
"{80BCC9F1-886E-40AB-B338-73CBD6B6293F}"= UDP:c:\windows\Temp\~osD0EF.tmp\ossproxy.exe:ossproxy.exe
"{AE662C6B-2AA1-4F5E-98A8-7C1887299D86}"= UDP:c:\windows\Temp\~osF1B8.tmp\ossproxy.exe:ossproxy.exe
"{4A754201-FA0E-48E9-A71C-37FD84EFA464}"= UDP:c:\windows\Temp\~os6EA4.tmp\ossproxy.exe:ossproxy.exe
"{831DD3DC-1CDA-45BC-AAB7-2D5A2998811B}"= UDP:c:\windows\Temp\~os1A4E.tmp\ossproxy.exe:ossproxy.exe
"{75EC2008-4F70-4C2D-B395-20BF9F5DB090}"= UDP:c:\windows\Temp\~os3472.tmp\ossproxy.exe:ossproxy.exe
"{6AAEE47E-CB46-45C9-BAFD-CA8C44F16671}"= UDP:c:\windows\Temp\~os9DDE.tmp\ossproxy.exe:ossproxy.exe
"{B31B1542-AD2F-4BBE-A604-C67338D43692}"= UDP:c:\windows\Temp\~os5413.tmp\ossproxy.exe:ossproxy.exe
"{8EE5804D-EDF2-45F6-AE62-6E3CDC8F13E8}"= UDP:c:\windows\Temp\~os5960.tmp\ossproxy.exe:ossproxy.exe
"{A1F8542A-B155-49E2-99C9-FF98C6A50E4D}"= UDP:c:\windows\Temp\~os52FA.tmp\ossproxy.exe:ossproxy.exe
"{3B86F7F0-2F56-49B3-AB82-3C63EC7AAA9A}"= UDP:c:\windows\Temp\~os528D.tmp\ossproxy.exe:ossproxy.exe
"{211CB915-F888-4B50-899B-F02113184F7B}"= UDP:c:\windows\Temp\~osBE0B.tmp\ossproxy.exe:ossproxy.exe
"{C487E4CC-183F-40BC-B6E8-61C8AAE6BF54}"= UDP:c:\windows\Temp\~os6948.tmp\ossproxy.exe:ossproxy.exe
"{21E37F3F-C63F-4546-A0BD-05195B50C0ED}"= UDP:c:\windows\Temp\~osA1C5.tmp\ossproxy.exe:ossproxy.exe
"{86C58EFF-9FEE-4FDB-83A5-B315B47524D1}"= UDP:c:\windows\Temp\~os104.tmp\ossproxy.exe:ossproxy.exe
"{30B08003-6C94-40D1-94A7-CD0792392AA6}"= UDP:c:\windows\Temp\~osEF77.tmp\ossproxy.exe:ossproxy.exe
"{DA68CBAD-1991-496F-AFD7-3409F6611D7B}"= UDP:c:\windows\Temp\~os2881.tmp\ossproxy.exe:ossproxy.exe
"{2DA9E720-9943-41E6-804A-043963B45692}"= UDP:c:\windows\Temp\~os4CE2.tmp\ossproxy.exe:ossproxy.exe
"{11034684-F19C-4AF3-9C3A-6185C0484D4C}"= UDP:c:\windows\Temp\~os2566.tmp\ossproxy.exe:ossproxy.exe
"{A7468D2D-1DAA-493F-B380-5F5C3BBF8C5A}"= UDP:c:\windows\Temp\~osDDDB.tmp\ossproxy.exe:ossproxy.exe
"{057E9400-95BB-4912-8322-8E75E31DEE59}"= UDP:c:\windows\Temp\~os136C.tmp\ossproxy.exe:ossproxy.exe
"{435DD18A-FDF2-4FBA-9208-F1AB4CEBB568}"= UDP:c:\windows\Temp\~os5127.tmp\ossproxy.exe:ossproxy.exe
"{1011E9C0-0617-4F9A-97CC-7C00194917AF}"= UDP:c:\windows\Temp\~os4C95.tmp\ossproxy.exe:ossproxy.exe
"{7C00F23C-FC32-44D8-83F3-D131B0C04727}"= UDP:c:\windows\Temp\~os705A.tmp\ossproxy.exe:ossproxy.exe
"{9A83E684-DF61-4B19-834B-0A0649538DAA}"= UDP:c:\windows\Temp\~os416E.tmp\ossproxy.exe:ossproxy.exe
"{EB6633D1-4CC0-4984-806D-C3696BDFFB38}"= UDP:c:\windows\Temp\~osF5A0.tmp\ossproxy.exe:ossproxy.exe
"{E7B679D6-F16C-4710-874B-14D2178BC497}"= UDP:c:\windows\Temp\~os89F2.tmp\ossproxy.exe:ossproxy.exe
"{50A40806-8FC4-4450-8249-1F88340DCD7E}"= UDP:c:\windows\Temp\~os527E.tmp\ossproxy.exe:ossproxy.exe
"{5A50D249-2006-417F-A47F-9083C68F3455}"= UDP:c:\windows\Temp\~os2C2A.tmp\ossproxy.exe:ossproxy.exe
"{93477EB5-30E4-4960-81A3-A2CBE6F160AA}"= UDP:c:\windows\Temp\~osD54.tmp\ossproxy.exe:ossproxy.exe
"{91F10716-00E8-47BD-9A44-690F619E855A}"= UDP:c:\windows\Temp\~os3E91.tmp\ossproxy.exe:ossproxy.exe
"{D49E6091-1F69-4EEE-9E66-00C5661A50DE}"= UDP:c:\windows\Temp\~os9F47.tmp\ossproxy.exe:ossproxy.exe
"{DC79B668-2EA7-4BFA-A148-1743AE1BCF3C}"= UDP:c:\windows\Temp\~os2660.tmp\ossproxy.exe:ossproxy.exe
"{24B6514B-0607-4E56-9051-DB8BCF32AA50}"= UDP:c:\windows\Temp\~osB047.tmp\ossproxy.exe:ossproxy.exe
"{7A7781BF-9A14-4703-9D81-C7B25494F7A5}"= UDP:c:\windows\Temp\~os9FF2.tmp\ossproxy.exe:ossproxy.exe
"{796BA846-E9D5-4226-898A-9410B861E2E9}"= UDP:c:\windows\Temp\~os8301.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:50 am

part 19

"{E5FCA25F-C6E1-4FD5-B13A-BEA20C86DED7}"= UDP:c:\windows\Temp\~osB1CD.tmp\ossproxy.exe:ossproxy.exe
"{7B033D91-9DD6-4146-8EC0-650B44DFF757}"= UDP:c:\windows\Temp\~osE7D.tmp\ossproxy.exe:ossproxy.exe
"{F5C15B72-C439-4658-B90C-2144F1DA3DCD}"= UDP:c:\windows\Temp\~osAC71.tmp\ossproxy.exe:ossproxy.exe
"{4D870201-D35C-419C-B668-41F6364C1EA3}"= UDP:c:\windows\Temp\~os7C0E.tmp\ossproxy.exe:ossproxy.exe
"{49E582A3-04C4-43CA-B4EA-7F42264A4405}"= UDP:c:\windows\Temp\~os9568.tmp\ossproxy.exe:ossproxy.exe
"{68E164C3-D775-4EA1-9E2B-B6A757F13E9F}"= UDP:c:\windows\Temp\~os3D4A.tmp\ossproxy.exe:ossproxy.exe
"{B15E9DB8-F184-40E8-83A3-A5CBF9A5F58B}"= UDP:c:\windows\Temp\~os4362.tmp\ossproxy.exe:ossproxy.exe
"{5BEC0DCE-7EA0-4ED6-BE31-2215B25B8DB3}"= UDP:c:\windows\Temp\~osC86A.tmp\ossproxy.exe:ossproxy.exe
"{75BBC5F4-2BE5-4C8E-8B6E-9879121007CD}"= UDP:c:\windows\Temp\~os15DD.tmp\ossproxy.exe:ossproxy.exe
"{5BFA3E72-339F-4A48-8B01-76F2E3FD9780}"= UDP:c:\windows\Temp\~os471A.tmp\ossproxy.exe:ossproxy.exe
"{81212EF0-3EC3-4F82-81B0-55B47BC9B6FF}"= UDP:c:\windows\Temp\~os9B71.tmp\ossproxy.exe:ossproxy.exe
"{7A61F1F2-E3CE-451C-A544-6BA43189D8ED}"= UDP:c:\windows\Temp\~osFD2F.tmp\ossproxy.exe:ossproxy.exe
"{B6E0EC67-3BD3-455A-A55C-1BE9E55C501F}"= UDP:c:\windows\Temp\~os775E.tmp\ossproxy.exe:ossproxy.exe
"{2FF6447B-0969-465F-9B9E-378D43BF6E8D}"= UDP:c:\windows\Temp\~osD7C5.tmp\ossproxy.exe:ossproxy.exe
"{BDE1440D-4829-450E-B62E-C0E338033470}"= UDP:c:\windows\Temp\~osF025.tmp\ossproxy.exe:ossproxy.exe
"{C348D928-74BF-430E-8EEE-D7425D1250A9}"= UDP:c:\windows\Temp\~os6DDC.tmp\ossproxy.exe:ossproxy.exe
"{B60C47CA-7121-452A-B249-FBF56BB6E3D2}"= UDP:c:\windows\Temp\~os9163.tmp\ossproxy.exe:ossproxy.exe
"{B54DEB00-93A8-4BB7-BEA4-EB71E2D0631C}"= UDP:c:\windows\Temp\~os9DE1.tmp\ossproxy.exe:ossproxy.exe
"{7B7AFEE0-3E26-4E4C-A91B-C863062ECEDE}"= UDP:c:\windows\Temp\~osEF99.tmp\ossproxy.exe:ossproxy.exe
"{64F4C8FB-D7F0-4E71-B22D-07385665754B}"= UDP:c:\windows\Temp\~os6545.tmp\ossproxy.exe:ossproxy.exe
"{3887B944-8B97-4417-B643-86F82130C241}"= UDP:c:\windows\Temp\~osBD92.tmp\ossproxy.exe:ossproxy.exe
"{D4A54CC8-A8F9-4BC5-90E4-39E1D46D0F41}"= UDP:c:\windows\Temp\~os5148.tmp\ossproxy.exe:ossproxy.exe
"{3834EB8B-CFAD-4E2E-83D5-7AD090FD08D3}"= UDP:c:\windows\Temp\~os509D.tmp\ossproxy.exe:ossproxy.exe
"{692543A8-D27F-4A72-BF36-B8EE6D418BED}"= UDP:c:\windows\Temp\~os6C76.tmp\ossproxy.exe:ossproxy.exe
"{962D8284-9298-4CC9-817D-9C477FAC95F7}"= UDP:c:\windows\Temp\~os9931.tmp\ossproxy.exe:ossproxy.exe
"{D0C3FED9-7149-4EEC-8678-6C90DA7BDB13}"= UDP:c:\windows\Temp\~osB603.tmp\ossproxy.exe:ossproxy.exe
"{A3DEC01F-DA14-49B3-BDB8-D32ACA55F4FB}"= UDP:c:\windows\Temp\~osF1DB.tmp\ossproxy.exe:ossproxy.exe
"{2DD1B96E-DE1B-4C7C-9292-3079B3E88D81}"= UDP:c:\windows\Temp\~osC81D.tmp\ossproxy.exe:ossproxy.exe
"{E03399C5-9F04-4011-A4CA-D44F51D91AF6}"= UDP:c:\windows\Temp\~os3E26.tmp\ossproxy.exe:ossproxy.exe
"{6790EBD6-37AD-4A55-8FAE-1D89E6AE28BB}"= UDP:c:\windows\Temp\~os674.tmp\ossproxy.exe:ossproxy.exe
"{3CCE1306-2357-47B8-9D91-D37497978DF4}"= UDP:c:\windows\Temp\~os584B.tmp\ossproxy.exe:ossproxy.exe
"{943ED73B-2D9C-4F6B-9E85-387992D5B171}"= UDP:c:\windows\Temp\~osCABC.tmp\ossproxy.exe:ossproxy.exe
"{80E3E8CF-F695-47F2-BA48-7DC35F7C50FF}"= UDP:c:\windows\Temp\~os5983.tmp\ossproxy.exe:ossproxy.exe
"{AEA96DFC-2C62-45AD-85E7-E7485DB19280}"= UDP:c:\windows\Temp\~osEBE2.tmp\ossproxy.exe:ossproxy.exe
"{9FD57EE2-9CC9-4FB0-96D7-624DD1D264A8}"= UDP:c:\windows\Temp\~os472B.tmp\ossproxy.exe:ossproxy.exe
"{771B188D-8E9F-45AC-9440-F7AD066B79D1}"= UDP:c:\windows\Temp\~os8E4.tmp\ossproxy.exe:ossproxy.exe
"{467B2B91-965A-4EF7-AFE2-9756A7A5B400}"= UDP:c:\windows\Temp\~os664F.tmp\ossproxy.exe:ossproxy.exe
"{3145B622-D536-452C-AA7C-8E1F54BBDE49}"= UDP:c:\windows\Temp\~os115D.tmp\ossproxy.exe:ossproxy.exe
"{FDC41B4B-A160-4728-9867-4196B981CECA}"= UDP:c:\windows\Temp\~os2FB.tmp\ossproxy.exe:ossproxy.exe
"{2010F3BA-F4F3-459B-812A-1A2374C66FCE}"= UDP:c:\windows\Temp\~osF1AD.tmp\ossproxy.exe:ossproxy.exe
"{7A5AFC56-F999-4DF2-80A2-C54FBF030E42}"= UDP:c:\windows\Temp\~osAF7F.tmp\ossproxy.exe:ossproxy.exe
"{F28DF7DA-4D3C-46F7-A1FB-3B2597545D40}"= UDP:c:\windows\Temp\~os7E13.tmp\ossproxy.exe:ossproxy.exe
"{D4E42640-86B9-4CF8-8415-3B66613FBD7B}"= UDP:c:\windows\Temp\~os19C6.tmp\ossproxy.exe:ossproxy.exe
"{F15253EA-88ED-4122-B334-126287D8D0E9}"= UDP:c:\windows\Temp\~osB375.tmp\ossproxy.exe:ossproxy.exe
"{E3478B77-E96E-4BBE-8BD4-3A951C2B3048}"= UDP:c:\windows\Temp\~os7389.tmp\ossproxy.exe:ossproxy.exe
"{9FE13A88-80A6-4A59-A8CA-83CF24A8E663}"= UDP:c:\windows\Temp\~os4F75.tmp\ossproxy.exe:ossproxy.exe
"{E5C98536-F7D6-42A1-9881-E175E497BB46}"= UDP:c:\windows\Temp\~osCAC.tmp\ossproxy.exe:ossproxy.exe
"{32B27B37-66ED-49BD-A222-4C4B41FBAD89}"= UDP:c:\windows\Temp\~osD8A1.tmp\ossproxy.exe:ossproxy.exe
"{CC89F67F-30D4-4C87-8781-0890D4EB016C}"= UDP:c:\windows\Temp\~os35CE.tmp\ossproxy.exe:ossproxy.exe
"{553DD5B2-FF5B-4831-BDB2-10BEAA3AC3B0}"= UDP:c:\windows\Temp\~osD1ED.tmp\ossproxy.exe:ossproxy.exe
"{B5EAF177-EAC4-47D1-B467-C40E37D510C8}"= UDP:c:\windows\Temp\~os6E2C.tmp\ossproxy.exe:ossproxy.exe
"{DF0C0211-DF8B-4753-A35D-F70190F73F94}"= UDP:c:\windows\Temp\~os6E2.tmp\ossproxy.exe:ossproxy.exe
"{061C1ED4-963F-449B-8CF5-9BC3EC0160A9}"= UDP:c:\windows\Temp\~osBAB6.tmp\ossproxy.exe:ossproxy.exe
"{B4A33324-898E-445E-AC80-61872C9CF10B}"= UDP:c:\windows\Temp\~osC300.tmp\ossproxy.exe:ossproxy.exe
"{ECC771E5-13D0-4595-A087-EB20021B00F6}"= UDP:c:\windows\Temp\~osB569.tmp\ossproxy.exe:ossproxy.exe
"{F368CD29-2A6E-45CC-ACE8-F02AA2CE931A}"= UDP:c:\windows\Temp\~osCBC6.tmp\ossproxy.exe:ossproxy.exe
"{7EB57619-F8E2-4F82-AE55-898893C4076D}"= UDP:c:\windows\Temp\~os8007.tmp\ossproxy.exe:ossproxy.exe
"{C60FA75E-5C33-4CD5-8DFC-7C9D222BFA2F}"= UDP:c:\windows\Temp\~os6FC2.tmp\ossproxy.exe:ossproxy.exe
"{1BDF9757-8E85-41AB-A3E3-99A4324CA1C8}"= UDP:c:\windows\Temp\~os1831.tmp\ossproxy.exe:ossproxy.exe
"{67F8BCAD-9405-4DE9-914A-3D70A515453D}"= UDP:c:\windows\Temp\~osBE6E.tmp\ossproxy.exe:ossproxy.exe
"{7640CFAB-3D67-4ED3-8E3D-3F057B7F42BC}"= UDP:c:\windows\Temp\~os5502.tmp\ossproxy.exe:ossproxy.exe
"{849FA60D-54B5-4209-BECA-9F86D56B3DD9}"= UDP:c:\windows\Temp\~osDEE9.tmp\ossproxy.exe:ossproxy.exe
"{0E8996B1-485D-4E67-B8D7-AA9CC49D67AE}"= UDP:c:\windows\Temp\~os6FF1.tmp\ossproxy.exe:ossproxy.exe
"{80CFE939-4881-4E79-9DA5-CAEA837DDDA3}"= UDP:c:\windows\Temp\~osFD03.tmp\ossproxy.exe:ossproxy.exe
"{DA0D6A7B-5980-4778-A370-E6B248DE13CB}"= UDP:c:\windows\Temp\~os8526.tmp\ossproxy.exe:ossproxy.exe
"{750ED80C-7843-4AC3-8926-9AC40FEB6A99}"= UDP:c:\windows\Temp\~osC8D.tmp\ossproxy.exe:ossproxy.exe
"{B41F46D8-7C39-4059-A65B-E728C00A2099}"= UDP:c:\windows\Temp\~os99EE.tmp\ossproxy.exe:ossproxy.exe
"{DB537D9F-6305-4EEB-A493-67FFD6214896}"= UDP:c:\windows\Temp\~os24FD.tmp\ossproxy.exe:ossproxy.exe
"{9E300CA9-13F0-4628-8866-3C0A4F9E0F28}"= UDP:c:\windows\Temp\~osAFBE.tmp\ossproxy.exe:ossproxy.exe
"{C1C5B74E-D395-4DFD-80BD-73B260B4FF55}"= UDP:c:\windows\Temp\~os3ADD.tmp\ossproxy.exe:ossproxy.exe
"{1D0D7111-455B-4F4D-9860-2B3CB9047E01}"= UDP:c:\windows\Temp\~osC82E.tmp\ossproxy.exe:ossproxy.exe
"{FFD78247-7315-449F-871E-BD323D2038D4}"= UDP:c:\windows\Temp\~os533E.tmp\ossproxy.exe:ossproxy.exe
"{1B2DF5F9-E31D-4FD6-99BB-97F0F1A274BD}"= UDP:c:\windows\Temp\~osD9AB.tmp\ossproxy.exe:ossproxy.exe
"{A4767F5E-333D-4946-A106-98FF17E8317B}"= UDP:c:\windows\Temp\~os67E6.tmp\ossproxy.exe:ossproxy.exe
"{7AB836A6-024F-45A3-B064-326E809B67B0}"= UDP:c:\windows\Temp\~osF19E.tmp\ossproxy.exe:ossproxy.exe
"{0F5D5DA8-94A6-4D69-812B-D91B3A64C29F}"= UDP:c:\windows\Temp\~os85A3.tmp\ossproxy.exe:ossproxy.exe
"{BD69494F-B2EF-454D-8C7C-3250178C74FF}"= UDP:c:\windows\Temp\~os1D40.tmp\ossproxy.exe:ossproxy.exe
"{6DF5D825-73E8-4689-AF92-57543CC3C33D}"= UDP:c:\windows\Temp\~osBE4F.tmp\ossproxy.exe:ossproxy.exe
"{70037408-7BB3-4F4F-BC72-F09552FD6D8C}"= UDP:c:\windows\Temp\~os4901.tmp\ossproxy.exe:ossproxy.exe
"{773DB4E4-441B-4137-A3D8-94D566F7648D}"= UDP:c:\windows\Temp\~osE5EB.tmp\ossproxy.exe:ossproxy.exe
"{969DDECF-CC0B-4DE2-BE8E-C967DCBF6429}"= UDP:c:\windows\Temp\~os6E2D.tmp\ossproxy.exe:ossproxy.exe
"{B4ADAEF8-D141-4032-9218-F1A20044C226}"= UDP:c:\windows\Temp\~osF891.tmp\ossproxy.exe:ossproxy.exe
"{18C0E476-E4E3-4799-AD19-162DECC254DB}"= UDP:c:\windows\Temp\~os8324.tmp\ossproxy.exe:ossproxy.exe
"{2228B740-D33F-4314-B368-83880E4D544C}"= UDP:c:\windows\Temp\~os113F.tmp\ossproxy.exe:ossproxy.exe
"{D19FF1EC-9241-42A5-A8F1-0AFE94444DB4}"= UDP:c:\windows\Temp\~os9AB9.tmp\ossproxy.exe:ossproxy.exe
"{9BAA149E-5051-4AE6-865F-7AE946A15A3B}"= UDP:c:\windows\Temp\~os28B5.tmp\ossproxy.exe:ossproxy.exe
"{AD1F588F-8724-4776-9F92-085C5D64DE61}"= UDP:c:\windows\Temp\~osB05B.tmp\ossproxy.exe:ossproxy.exe
"{535DCC26-ABFD-4C85-B667-A82AAD54F2F6}"= UDP:c:\windows\Temp\~os3D3E.tmp\ossproxy.exe:ossproxy.exe
"{08B2A1C6-1A72-46EB-AA79-D2C84D8F2620}"= UDP:c:\windows\Temp\~osC590.tmp\ossproxy.exe:ossproxy.exe
"{E1972C0C-BF26-49AA-A2E4-CCD8BA633A62}"= UDP:c:\windows\Temp\~os4E2F.tmp\ossproxy.exe:ossproxy.exe
"{08C723FB-ACB6-438F-A9BF-B537567DFCF7}"= UDP:c:\windows\Temp\~osDB42.tmp\ossproxy.exe:ossproxy.exe
"{73111F92-CFEE-4793-8ECE-A5A6D05A5F69}"= UDP:c:\windows\Temp\~os63F1.tmp\ossproxy.exe:ossproxy.exe
"{6A898865-D00C-4951-A84D-83ED8EF5B963}"= UDP:c:\windows\Temp\~osE8C9.tmp\ossproxy.exe:ossproxy.exe
"{7D5AB94C-F666-4BC9-BA5A-00421CBF218E}"= UDP:c:\windows\Temp\~os705F.tmp\ossproxy.exe:ossproxy.exe
"{E45905C9-74CA-4BC0-876E-44E18B5EFCA7}"= UDP:c:\windows\Temp\~osFE4C.tmp\ossproxy.exe:ossproxy.exe
"{FAF80031-8B1A-4A3E-971F-89ED8C260EE6}"= UDP:c:\windows\Temp\~os8A84.tmp\ossproxy.exe:ossproxy.exe
"{17290CDF-8A67-4800-9BBD-A339757EE1E6}"= UDP:c:\windows\Temp\~os1390.tmp\ossproxy.exe:ossproxy.exe
"{33611589-A7C8-40DE-943A-D26E9F3162E5}"= UDP:c:\windows\Temp\~osA054.tmp\ossproxy.exe:ossproxy.exe
"{66C6F620-6C38-41D3-AA1C-3C1D6629C4CA}"= UDP:c:\windows\Temp\~os2E12.tmp\ossproxy.exe:ossproxy.exe
"{3C705C4E-9568-4046-9780-A1B7669E62B5}"= UDP:c:\windows\Temp\~osBC4D.tmp\ossproxy.exe:ossproxy.exe
"{F95423A1-809B-4707-A3ED-2C98F055CDDB}"= UDP:c:\windows\Temp\~os4B52.tmp\ossproxy.exe:ossproxy.exe
"{38001BA7-A70E-4F41-953D-85DD168F9551}"= UDP:c:\windows\Temp\~osD7B9.tmp\ossproxy.exe:ossproxy.exe
"{2D1D0C8D-6332-421D-8570-3FE2E77DD20B}"= UDP:c:\windows\Temp\~os626B.tmp\ossproxy.exe:ossproxy.exe
"{55900056-34A9-4C52-812E-B3E2EC07B4B5}"= UDP:c:\windows\Temp\~osED7A.tmp\ossproxy.exe:ossproxy.exe
"{F75F4DF5-E2B9-4355-B076-F2FAE2E4C43A}"= UDP:c:\windows\Temp\~os7945.tmp\ossproxy.exe:ossproxy.exe
"{2B28170A-2B91-4F28-A6A6-1571828C856D}"= UDP:c:\windows\Temp\~os7DD.tmp\ossproxy.exe:ossproxy.exe
"{D984B467-A35F-4D5C-8852-1177440E2EDC}"= UDP:c:\windows\Temp\~os906D.tmp\ossproxy.exe:ossproxy.exe
"{7C578418-1E7E-47B2-AF70-FDA542C90025}"= UDP:c:\windows\Temp\~os1E98.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:50 am

part 20

"{EE07AF6C-7E43-4F7B-979F-A10EB67B5841}"= UDP:c:\windows\Temp\~osAA92.tmp\ossproxy.exe:ossproxy.exe
"{D2FD3CCC-0702-4F28-8924-3A2C64EFA37F}"= UDP:c:\windows\Temp\~os390B.tmp\ossproxy.exe:ossproxy.exe
"{B73F4F68-2FBB-452C-976F-B15CF8B69F10}"= UDP:c:\windows\Temp\~osBE41.tmp\ossproxy.exe:ossproxy.exe
"{A8C98C32-BAE8-4010-8A82-E837091B235C}"= UDP:c:\windows\Temp\~os49AE.tmp\ossproxy.exe:ossproxy.exe
"{70AACDAF-5535-482D-B509-BA3792A83290}"= UDP:c:\windows\Temp\~osD846.tmp\ossproxy.exe:ossproxy.exe
"{B3F992B6-A80B-4E55-9A5F-1F3F0CC248C2}"= UDP:c:\windows\Temp\~os6910.tmp\ossproxy.exe:ossproxy.exe
"{C92BCE8F-F9E6-4924-8350-17582685DA86}"= UDP:c:\windows\Temp\~osFA76.tmp\ossproxy.exe:ossproxy.exe
"{8E72C190-AB49-4410-A2FF-45FD4BA4BED6}"= UDP:c:\windows\Temp\~os8881.tmp\ossproxy.exe:ossproxy.exe
"{3D2C2171-F9CC-455E-998C-D3C7E04A8767}"= UDP:c:\windows\Temp\~os1526.tmp\ossproxy.exe:ossproxy.exe
"{7C0C3C63-6025-451A-B50C-6D25E2638F13}"= UDP:c:\windows\Temp\~osA007.tmp\ossproxy.exe:ossproxy.exe
"{D3C4D373-CCF8-405A-9F19-559469CBBACB}"= UDP:c:\windows\Temp\~os2C01.tmp\ossproxy.exe:ossproxy.exe
"{1D489EBA-FB3E-4FF1-B36F-16865A78B8F3}"= UDP:c:\windows\Temp\~osB4FE.tmp\ossproxy.exe:ossproxy.exe
"{A7A128F1-E078-4A2A-A1B0-554FF5359617}"= UDP:c:\windows\Temp\~os39B7.tmp\ossproxy.exe:ossproxy.exe
"{93A15F14-E6C0-47CB-943A-D9AC28C57950}"= UDP:c:\windows\Temp\~osC8BC.tmp\ossproxy.exe:ossproxy.exe
"{1F9890F4-2538-4EFF-BABF-5E82FAA17CD4}"= UDP:c:\windows\Temp\~os50A0.tmp\ossproxy.exe:ossproxy.exe
"{D8E1E51B-4CEA-425D-AA9D-08F016C9AB2E}"= UDP:c:\windows\Temp\~osEE75.tmp\ossproxy.exe:ossproxy.exe
"{48FE4CE0-9953-4349-96BD-77FBD8EE6AD2}"= UDP:c:\windows\Temp\~os847C.tmp\ossproxy.exe:ossproxy.exe
"{06164D7D-D310-4F79-9ADD-B949A79EDBFF}"= UDP:c:\windows\Temp\~os257C.tmp\ossproxy.exe:ossproxy.exe
"{3DA84DE1-1D08-4624-876A-D2940E6F8511}"= UDP:c:\windows\Temp\~osBD09.tmp\ossproxy.exe:ossproxy.exe
"{31DF807A-0DDA-481D-B9BB-96B70DFFD92E}"= UDP:c:\windows\Temp\~os4A98.tmp\ossproxy.exe:ossproxy.exe
"{A3626ED7-CC54-4086-9592-DB68440633A2}"= UDP:c:\windows\Temp\~osF1A0.tmp\ossproxy.exe:ossproxy.exe
"{39B94034-BC09-4588-B02E-AA94DA6F0D91}"= UDP:c:\windows\Temp\~osA18D.tmp\ossproxy.exe:ossproxy.exe
"{FE416AC2-053C-4E04-A83E-A3A8C21196C4}"= UDP:c:\windows\Temp\~os3DCC.tmp\ossproxy.exe:ossproxy.exe
"{94C92CD0-45C1-42EB-B5D5-533D39E6B350}"= UDP:c:\windows\Temp\~osDAE5.tmp\ossproxy.exe:ossproxy.exe
"{1E0B0316-F1E9-40A4-8088-12B3508CA5C5}"= UDP:c:\windows\Temp\~os692F.tmp\ossproxy.exe:ossproxy.exe
"{437A7A8D-13DD-4D35-804B-3A0FE885B7EF}"= UDP:c:\windows\Temp\~osF789.tmp\ossproxy.exe:ossproxy.exe
"{CC211B26-1E97-47CA-9A97-9076B4B43524}"= UDP:c:\windows\Temp\~os871B.tmp\ossproxy.exe:ossproxy.exe
"{54690D55-4392-4FB9-BC56-74FB7B8C0A9D}"= UDP:c:\windows\Temp\~os1391.tmp\ossproxy.exe:ossproxy.exe
"{51F0C4BB-55ED-4A16-9A42-77257E956EFB}"= UDP:c:\windows\Temp\~os9E72.tmp\ossproxy.exe:ossproxy.exe
"{0408FCD0-DB0D-4984-9212-C5331371E40A}"= UDP:c:\windows\Temp\~os2D68.tmp\ossproxy.exe:ossproxy.exe
"{65E2D9E6-5085-41B1-A1A1-4BF6F6F0B40D}"= UDP:c:\windows\Temp\~osB8E5.tmp\ossproxy.exe:ossproxy.exe
"{9294B130-34BE-4F01-9690-9C44553B63AE}"= UDP:c:\windows\Temp\~os48A5.tmp\ossproxy.exe:ossproxy.exe
"{D83FDA8C-16F4-47F9-AF69-E7CC80C1657E}"= UDP:c:\windows\Temp\~osD79B.tmp\ossproxy.exe:ossproxy.exe
"{6D0FB905-D42F-4219-8EC0-4416C5499F83}"= UDP:c:\windows\Temp\~os66FE.tmp\ossproxy.exe:ossproxy.exe
"{8F68930E-4CEF-47BF-8A8C-D960D9904BFD}"= UDP:c:\windows\Temp\~osF059.tmp\ossproxy.exe:ossproxy.exe
"{3B0CBAF0-9C2F-45C3-BD69-8FA860EBF181}"= UDP:c:\windows\Temp\~os788B.tmp\ossproxy.exe:ossproxy.exe
"{75780E10-FB25-423E-B077-16D23DC49E4E}"= UDP:c:\windows\Temp\~os54F.tmp\ossproxy.exe:ossproxy.exe
"{62467C17-DE83-47CB-9692-A2C69A923182}"= UDP:c:\windows\Temp\~os9281.tmp\ossproxy.exe:ossproxy.exe
"{7A13D305-E416-40F2-8869-C0DA63F1DEBF}"= UDP:c:\windows\Temp\~os1CA6.tmp\ossproxy.exe:ossproxy.exe
"{E192739A-6306-4169-947F-343CCA33907D}"= UDP:c:\windows\Temp\~os9D88.tmp\ossproxy.exe:ossproxy.exe
"{14B05A9F-1A0C-48FA-9FCB-B2EED76304FC}"= UDP:c:\windows\Temp\~os342C.tmp\ossproxy.exe:ossproxy.exe
"{9801259A-AF4C-4FC1-913F-2BC6C1F5BAE6}"= UDP:c:\windows\Temp\~osF0A7.tmp\ossproxy.exe:ossproxy.exe
"{F18EFD26-0B7A-43A6-80AB-26EA596A7B88}"= UDP:c:\windows\Temp\~os8048.tmp\ossproxy.exe:ossproxy.exe
"{C4CA7347-8CA6-4F98-9BAB-FD001541063A}"= UDP:c:\windows\Temp\~osC42.tmp\ossproxy.exe:ossproxy.exe
"{AF963F4D-56FE-40DB-8C4B-CA34A777CDAC}"= UDP:c:\windows\Temp\~os9889.tmp\ossproxy.exe:ossproxy.exe
"{6D919832-0885-4664-B375-92580799ED69}"= UDP:c:\windows\Temp\~os237A.tmp\ossproxy.exe:ossproxy.exe
"{BEAAFE73-8376-4B2F-89FB-58B819EA598D}"= UDP:c:\windows\Temp\~osAB2F.tmp\ossproxy.exe:ossproxy.exe
"{13023E59-2C0D-4CCD-8CA2-6CC32E68117E}"= UDP:c:\windows\Temp\~os36DB.tmp\ossproxy.exe:ossproxy.exe
"{9471E50D-8C36-4707-BAAF-EC1FF49510D5}"= UDP:c:\windows\Temp\~osC6AB.tmp\ossproxy.exe:ossproxy.exe
"{59576599-0219-4344-9263-6393376F4F27}"= UDP:c:\windows\Temp\~os5591.tmp\ossproxy.exe:ossproxy.exe
"{DD7B9C3C-49F4-4644-8965-F709B00515FD}"= UDP:c:\windows\Temp\~osE36E.tmp\ossproxy.exe:ossproxy.exe
"{4906223A-D122-42BB-B7A5-2B9C5AD00D1F}"= UDP:c:\windows\Temp\~os6E4F.tmp\ossproxy.exe:ossproxy.exe
"{B85CCD1E-B464-4AFA-95B9-9B71CEFA6026}"= UDP:c:\windows\Temp\~osA353.tmp\ossproxy.exe:ossproxy.exe
"{AEA7E0BA-3C5C-49AE-BBF8-2DF980DC030B}"= UDP:c:\windows\Temp\~os3268.tmp\ossproxy.exe:ossproxy.exe
"{0050B7C5-4CCB-4103-ADB4-C8A5FF05457B}"= UDP:c:\windows\Temp\~osC093.tmp\ossproxy.exe:ossproxy.exe
"{1C31FD53-A1FD-4E4A-90A5-586BFFE3B2F4}"= UDP:c:\windows\Temp\~os516D.tmp\ossproxy.exe:ossproxy.exe
"{E2FDFA79-59CB-457C-B25A-DA26759B1EF4}"= UDP:c:\windows\Temp\~osE053.tmp\ossproxy.exe:ossproxy.exe
"{7C16A6F2-51DF-44E2-89E2-49A26C67881C}"= UDP:c:\windows\Temp\~os6F39.tmp\ossproxy.exe:ossproxy.exe
"{E98EC159-DC0C-479D-88E9-AC9B20390459}"= UDP:c:\windows\Temp\~osF691.tmp\ossproxy.exe:ossproxy.exe
"{52C82397-ABF5-4FBD-B1DA-C6899CDE0EAA}"= UDP:c:\windows\Temp\~os827B.tmp\ossproxy.exe:ossproxy.exe
"{CD44F33B-184F-4716-B3D2-009F53F45B17}"= UDP:c:\windows\Temp\~osF7D.tmp\ossproxy.exe:ossproxy.exe
"{74EC0A84-CA79-432E-BE09-285BDABE70C3}"= UDP:c:\windows\Temp\~osA8CF.tmp\ossproxy.exe:ossproxy.exe
"{14FAFA47-82E0-4C56-A231-3C3CD07B70F6}"= UDP:c:\windows\Temp\~os3E3B.tmp\ossproxy.exe:ossproxy.exe
"{A13FC092-828F-4657-8305-8784EBA1DF3E}"= UDP:c:\windows\Temp\~osD27E.tmp\ossproxy.exe:ossproxy.exe
"{DB96823F-B379-4D21-9B2B-52CC2B4235D0}"= UDP:c:\windows\Temp\~os5E96.tmp\ossproxy.exe:ossproxy.exe
"{8AD7D947-0811-4F29-8EB1-8E66AB7B6667}"= UDP:c:\windows\Temp\~osF1FF.tmp\ossproxy.exe:ossproxy.exe
"{34847FFC-854C-444A-9520-E620CB02B7EF}"= UDP:c:\windows\Temp\~os86DE.tmp\ossproxy.exe:ossproxy.exe
"{6F55EFDD-947C-443C-B0CA-68C5400615B9}"= UDP:c:\windows\Temp\~os10A6.tmp\ossproxy.exe:ossproxy.exe
"{45A042B9-6A6C-408A-8032-9C2D554A5983}"= UDP:c:\windows\Temp\~os9BD5.tmp\ossproxy.exe:ossproxy.exe
"{AE87CEC4-FE7A-4448-B3F8-975D5F284D17}"= UDP:c:\windows\Temp\~os28D7.tmp\ossproxy.exe:ossproxy.exe
"{F9A14690-0E78-4BEE-BD68-6533A4C18FFE}"= UDP:c:\windows\Temp\~osB953.tmp\ossproxy.exe:ossproxy.exe
"{07A658D9-EB10-49CF-A8E0-BD02AB987442}"= UDP:c:\windows\Temp\~os4656.tmp\ossproxy.exe:ossproxy.exe
"{18EE85AB-8337-4EAD-908E-7590BBB086A2}"= UDP:c:\windows\Temp\~osD25F.tmp\ossproxy.exe:ossproxy.exe
"{DA2A98B4-7383-4E9E-94E0-2E36FD89DA6E}"= UDP:c:\windows\Temp\~os5E39.tmp\ossproxy.exe:ossproxy.exe
"{CD57C8B2-EA2E-4A55-A502-92A36113C5DB}"= UDP:c:\windows\Temp\~osEA23.tmp\ossproxy.exe:ossproxy.exe
"{FDBD94A8-259F-47D0-9770-C4B9C45421EE}"= UDP:c:\windows\Temp\~os782F.tmp\ossproxy.exe:ossproxy.exe
"{28BC55DC-FA78-4569-921E-EA67C72B8807}"= UDP:c:\windows\Temp\~os3CB.tmp\ossproxy.exe:ossproxy.exe
"{DC356627-8DB1-47DE-B283-19F87C62AF65}"= UDP:c:\windows\Temp\~os914A.tmp\ossproxy.exe:ossproxy.exe
"{FB84545E-BB99-4C5B-899A-12B387A97F36}"= UDP:c:\windows\Temp\~os1E9B.tmp\ossproxy.exe:ossproxy.exe
"{06A49AB0-8709-4C95-B39E-9105B17D9F73}"= UDP:c:\windows\Temp\~osA7B7.tmp\ossproxy.exe:ossproxy.exe
"{472ED974-75C3-4462-9A79-DBBB08EACBC1}"= UDP:c:\windows\Temp\~os7D3E.tmp\ossproxy.exe:ossproxy.exe
"{66B09129-DA80-4FBF-BF08-0D7BAB4BBAB9}"= UDP:c:\windows\Temp\~os57D3.tmp\ossproxy.exe:ossproxy.exe
"{F03B0F7D-FBF3-4543-A75F-1324A6B877AB}"= UDP:c:\windows\Temp\~osE6BA.tmp\ossproxy.exe:ossproxy.exe
"{E6F3AAE6-5CF1-470C-BEEC-D6B8B068DB12}"= UDP:c:\windows\Temp\~os6DB4.tmp\ossproxy.exe:ossproxy.exe
"{AEB45DEA-F81B-4D7B-9A69-BBE21B151BB1}"= UDP:c:\windows\Temp\~osF644.tmp\ossproxy.exe:ossproxy.exe
"{5AB604C5-5E39-4025-BEC4-E03BFB338879}"= UDP:c:\windows\Temp\~os8568.tmp\ossproxy.exe:ossproxy.exe
"{7CFB1617-92F1-4A91-BD5B-B33246C04C4E}"= UDP:c:\windows\Temp\~os12C9.tmp\ossproxy.exe:ossproxy.exe
"{84874455-3D67-4D90-AEC2-5E8AC940EAE4}"= UDP:c:\windows\Temp\~os9E84.tmp\ossproxy.exe:ossproxy.exe
"{BA7BA7CF-622A-4736-A9A0-328A533CED25}"= UDP:c:\windows\Temp\~os288A.tmp\ossproxy.exe:ossproxy.exe
"{CA088555-AD08-410A-B991-332EFC994C01}"= UDP:c:\windows\Temp\~osB2DE.tmp\ossproxy.exe:ossproxy.exe
"{F81D47A2-2839-4816-84A9-F3030501B7E9}"= UDP:c:\windows\Temp\~os4270.tmp\ossproxy.exe:ossproxy.exe
"{7D9B0CCD-9CBD-4810-B77E-37C5285B1C04}"= UDP:c:\windows\Temp\~osD1E3.tmp\ossproxy.exe:ossproxy.exe
"{CE3193FC-9EC1-49EA-9E8F-36C31D1AAFB4}"= UDP:c:\windows\Temp\~os61D2.tmp\ossproxy.exe:ossproxy.exe
"{D8EBE209-7825-4898-B686-F950B1E78340}"= UDP:c:\windows\Temp\~osEF42.tmp\ossproxy.exe:ossproxy.exe
"{01E2F20B-978B-4F78-A36D-BCD0CEFD5D02}"= UDP:c:\windows\Temp\~os7A51.tmp\ossproxy.exe:ossproxy.exe
"{EF3F720C-934F-4802-8041-BECECD35FB3D}"= UDP:c:\windows\Temp\~os7F1.tmp\ossproxy.exe:ossproxy.exe
"{0D980C44-C5AD-421C-8CFF-EAB616FA347E}"= UDP:c:\windows\Temp\~os9541.tmp\ossproxy.exe:ossproxy.exe
"{3B14AAFB-D22F-453E-AC9F-217076A69500}"= UDP:c:\windows\Temp\~os2936.tmp\ossproxy.exe:ossproxy.exe
"{BCBCFD35-3BE8-4545-AAC0-E92FA00B9D95}"= UDP:c:\windows\Temp\~osB722.tmp\ossproxy.exe:ossproxy.exe
"{59E6542B-FA54-4B9B-9A84-AE6B63173927}"= UDP:c:\windows\Temp\~os46C4.tmp\ossproxy.exe:ossproxy.exe
"{A3EAF9E9-BEBC-4513-A389-DADF691E371F}"= UDP:c:\windows\Temp\~osD0AB.tmp\ossproxy.exe:ossproxy.exe
"{F75E03E4-B56F-44A9-93C2-BB9EFDE413E9}"= UDP:c:\windows\Temp\~os6AB8.tmp\ossproxy.exe:ossproxy.exe
"{C558FFB5-7313-43B8-8D59-750A765AFB82}"= UDP:c:\windows\Temp\~osF9AE.tmp\ossproxy.exe:ossproxy.exe
"{59B10871-113D-44D4-87FF-9F00EA03356F}"= UDP:c:\windows\Temp\~os93BB.tmp\ossproxy.exe:ossproxy.exe
"{893FB044-5439-44C9-B654-4A7F6E0CDC01}"= UDP:c:\windows\Temp\~os1384.tmp\ossproxy.exe:ossproxy.exe
"{BCF1C7E6-371B-413D-AB28-4E0496AF3A6D}"= UDP:c:\windows\Temp\~osA171.tmp\ossproxy.exe:ossproxy.exe
"{73341196-543F-4CCA-8EB9-ADF14A2BE936}"= UDP:c:\windows\Temp\~os2F5E.tmp\ossproxy.exe:ossproxy.exe
"{AD01F30F-EFDC-48DA-BA2F-4CCD03FF4327}"= UDP:c:\windows\Temp\~osBBA5.tmp\ossproxy.exe:ossproxy.exe
"{8221CF90-2A99-4BF6-81E1-2BD9EF37BEC2}"= UDP:c:\windows\Temp\~os45F9.tmp\ossproxy.exe:ossproxy.exe
"{A60179CF-C8A0-4DAB-8BDD-E23535020FA4}"= UDP:c:\windows\Temp\~osCDED.tmp\ossproxy.exe:ossproxy.exe
"{933F1D6B-42AF-4203-AAFF-59C6FA403782}"= UDP:c:\windows\Temp\~os588F.tmp\ossproxy.exe:ossproxy.exe
"{0D379C1D-A374-427D-8CE1-21BC692AA133}"= UDP:c:\windows\Temp\~osDCAC.tmp\ossproxy.exe:ossproxy.exe
"{EC5FCEE7-6B21-41E2-A84D-6BAF34E48173}"= UDP:c:\windows\Temp\~os680B.tmp\ossproxy.exe:ossproxy.exe
"{290EEB03-6EE5-4F93-A2C4-D26062BEA261}"= UDP:c:\windows\Temp\~osF809.tmp\ossproxy.exe:ossproxy.exe
"{E817F3CE-E47A-42E1-8965-FF1A450D352F}"= UDP:c:\windows\Temp\~os88C3.tmp\ossproxy.exe:ossproxy.exe
"{EC07A040-D018-4B96-8144-4F02CC13E3BA}"= UDP:c:\windows\Temp\~os10E6.tmp\ossproxy.exe:ossproxy.exe
"{389436F8-5C3A-4279-9020-7B2FEF24EE3C}"= UDP:c:\windows\Temp\~os981F.tmp\ossproxy.exe:ossproxy.exe
"{631D2916-5CA2-4497-B0F5-874C6F5A7FF9}"= UDP:c:\windows\Temp\~os23AB.tmp\ossproxy.exe:ossproxy.exe
"{AE269381-DEC1-4992-BA10-523963A30372}"= UDP:c:\windows\Temp\~osAD63.tmp\ossproxy.exe:ossproxy.exe
"{49CD6122-3A9C-453E-BCAC-AC4882ACF3EA}"= UDP:c:\windows\Temp\~os3DC0.tmp\ossproxy.exe:ossproxy.exe
"{41BA9780-2A1A-4DA9-8BE1-8F076C71552A}"= UDP:c:\windows\Temp\~osC611.tmp\ossproxy.exe:ossproxy.exe
"{A5E00B6A-5C4E-411D-8FA8-7D78DF5A873B}"= UDP:c:\windows\Temp\~os568D.tmp\ossproxy.exe:ossproxy.exe
"{87FF54A1-D05D-4102-99FC-266FF766ED66}"= UDP:c:\windows\Temp\~osE506.tmp\ossproxy.exe:ossproxy.exe
"{BDC5F014-02C5-4142-A1D7-73C190D4FA45}"= UDP:c:\windows\Temp\~os742B.tmp\ossproxy.exe:ossproxy.exe
"{669AF28F-04A2-49E5-B42C-608C610D9D7F}"= UDP:c:\windows\Temp\~osFC8C.tmp\ossproxy.exe:ossproxy.exe
"{4ED63582-C440-4257-A6E1-F583D0718205}"= UDP:c:\windows\Temp\~os8C9A.tmp\ossproxy.exe:ossproxy.exe
"{14863A7F-9B79-4262-A1D3-5EB4A0E44551}"= UDP:c:\windows\Temp\~os29D3.tmp\ossproxy.exe:ossproxy.exe
"{16AEEEAA-1B53-496F-91B8-4FE908D6C6FD}"= UDP:c:\windows\Temp\~osC1FC.tmp\ossproxy.exe:ossproxy.exe
"{CEAB4012-88F1-4362-8016-A736D3C566EA}"= UDP:c:\windows\Temp\~os55D2.tmp\ossproxy.exe:ossproxy.exe
"{BCE43E30-A522-4389-9315-5B560CC3D747}"= UDP:c:\windows\Temp\~osF57A.tmp\ossproxy.exe:ossproxy.exe
"{6AAFF7BE-D5F9-496C-9E61-2F4942B612A9}"= UDP:c:\windows\Temp\~os80C8.tmp\ossproxy.exe:ossproxy.exe
"{A8AB5525-ED83-45B9-9453-DE5AE3E1D9FD}"= UDP:c:\windows\Temp\~os1615.tmp\ossproxy.exe:ossproxy.exe
"{DE7A1D53-2E6F-47E1-9CBC-D70109FF1A0C}"= UDP:c:\windows\Temp\~osA430.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:51 am

part 21

"{2A60A685-6C44-4ABA-B885-D2F866A948B1}"= UDP:c:\windows\Temp\~os3058.tmp\ossproxy.exe:ossproxy.exe
"{0B1BA01B-3127-46A9-BC24-831DE7869F81}"= UDP:c:\windows\Temp\~osB917.tmp\ossproxy.exe:ossproxy.exe
"{4A8A6B50-98DB-42FC-8B18-AE3A9DBFF167}"= UDP:c:\windows\Temp\~os453F.tmp\ossproxy.exe:ossproxy.exe
"{93FCAD60-C916-4095-8C6D-BF5DF307B664}"= UDP:c:\windows\Temp\~osD139.tmp\ossproxy.exe:ossproxy.exe
"{4F2F368E-E52F-427A-8A39-5D34DB249891}"= UDP:c:\windows\Temp\~os5DAF.tmp\ossproxy.exe:ossproxy.exe
"{9108A694-57C4-4E5C-8F5D-596D3FA6CAB7}"= UDP:c:\windows\Temp\~osE4B9.tmp\ossproxy.exe:ossproxy.exe
"{71A24B52-EE58-43C7-9C65-C1ECC5A0A6A2}"= UDP:c:\windows\Temp\~os6C5E.tmp\ossproxy.exe:ossproxy.exe
"{9D3D0EF3-C53C-4F0B-9FE2-76C8A8C5D65D}"= UDP:c:\windows\Temp\~osF636.tmp\ossproxy.exe:ossproxy.exe
"{59A24440-3F55-4289-AFF3-94E24B8D7523}"= UDP:c:\windows\Temp\~os7EA7.tmp\ossproxy.exe:ossproxy.exe
"{51CC31D0-F010-47A4-8B72-EDD9F9877AB1}"= UDP:c:\windows\Temp\~os505.tmp\ossproxy.exe:ossproxy.exe
"{BA7B8246-D587-43AD-BB11-F2D972E0F357}"= UDP:c:\windows\Temp\~os8BA2.tmp\ossproxy.exe:ossproxy.exe
"{A8F9B85A-32B4-4DC3-8E52-BFA0A385B69C}"= UDP:c:\windows\Temp\~os1AC6.tmp\ossproxy.exe:ossproxy.exe
"{428D9047-A888-453F-8BC3-634219744580}"= UDP:c:\windows\Temp\~osA559.tmp\ossproxy.exe:ossproxy.exe
"{9E7A3BED-B139-4864-9E34-47942AEBBDFD}"= UDP:c:\windows\Temp\~os2DAA.tmp\ossproxy.exe:ossproxy.exe
"{7275E8B4-885D-4250-8477-E8A642D3235D}"= UDP:c:\windows\Temp\~osC1BF.tmp\ossproxy.exe:ossproxy.exe
"{C6E0BA85-BD91-4DBE-8B5C-8F9F5BF60F2B}"= UDP:c:\windows\Temp\~os5363.tmp\ossproxy.exe:ossproxy.exe
"{2AC77B7E-9D16-4618-B4A2-7E442DBC8F61}"= UDP:c:\windows\Temp\~osD3C8.tmp\ossproxy.exe:ossproxy.exe
"{28FFD192-15E3-43BD-8B75-89FFD4D154F4}"= UDP:c:\windows\Temp\~osD713.tmp\ossproxy.exe:ossproxy.exe
"{0F268A3D-9605-4A98-98C5-2B54E3577760}"= UDP:c:\windows\Temp\~osCAB4.tmp\ossproxy.exe:ossproxy.exe
"{8098E6BE-DF8E-497E-B916-706D68471280}"= UDP:c:\windows\Temp\~osD790.tmp\ossproxy.exe:ossproxy.exe
"{8EB7C143-233B-4ABA-9E67-728CE1711AA2}"= UDP:c:\windows\Temp\~os79F6.tmp\ossproxy.exe:ossproxy.exe
"{C1794F06-77AD-44BD-AFB2-9C77533188A8}"= UDP:c:\windows\Temp\~os177C.tmp\ossproxy.exe:ossproxy.exe
"{BD8F1ECF-E50D-4EA3-9153-53FE23FAC9E7}"= UDP:c:\windows\Temp\~osC2A9.tmp\ossproxy.exe:ossproxy.exe
"{50DFAF27-41D9-4878-8C89-4073F72A4FAF}"= UDP:c:\windows\Temp\~os5B7E.tmp\ossproxy.exe:ossproxy.exe
"{78C08FB0-EFFA-40E2-8E6E-D54F0E2D2C0D}"= UDP:c:\windows\Temp\~osE7C5.tmp\ossproxy.exe:ossproxy.exe
"{35DD9550-0E3E-4408-A6DC-006432870415}"= UDP:c:\windows\Temp\~osA24D.tmp\ossproxy.exe:ossproxy.exe
"{EC1C864D-F3D9-4A33-81BD-B04D37B28CEE}"= UDP:c:\windows\Temp\~os2D0F.tmp\ossproxy.exe:ossproxy.exe
"{A339730A-A171-49D2-8A58-01D438FDA8BB}"= UDP:c:\windows\Temp\~osB62B.tmp\ossproxy.exe:ossproxy.exe
"{45999001-915B-4129-802B-EA16A1F23923}"= UDP:c:\windows\Temp\~os4012.tmp\ossproxy.exe:ossproxy.exe
"{EC072032-DA79-4C9F-AA3F-D03B447144FB}"= UDP:c:\windows\Temp\~osCA28.tmp\ossproxy.exe:ossproxy.exe
"{9EACCC7B-4B93-47EF-A63F-8D5AA74C3E34}"= UDP:c:\windows\Temp\~os52A8.tmp\ossproxy.exe:ossproxy.exe
"{7541016C-6AA3-4809-92A7-BA1B4FE820C9}"= UDP:c:\windows\Temp\~osDDE6.tmp\ossproxy.exe:ossproxy.exe
"{117E4786-F5AB-4E0A-917B-37C245AAD772}"= UDP:c:\windows\Temp\~os6925.tmp\ossproxy.exe:ossproxy.exe
"{9F442063-AB6E-4609-A67F-62F6B2A6B8E7}"= UDP:c:\windows\Temp\~osFA2D.tmp\ossproxy.exe:ossproxy.exe
"{D501D021-2662-4AC0-AEFE-C9D7B684D86B}"= UDP:c:\windows\Temp\~os873F.tmp\ossproxy.exe:ossproxy.exe
"{9E9800A8-65C3-4519-AB2E-E8A9AAD62954}"= UDP:c:\windows\Temp\~os17EA.tmp\ossproxy.exe:ossproxy.exe
"{423B54CD-B28B-4269-89FE-6CEA8271055C}"= UDP:c:\windows\Temp\~osA470.tmp\ossproxy.exe:ossproxy.exe
"{1A659977-9734-4420-BB25-07CEACCD01C7}"= UDP:c:\windows\Temp\~os3356.tmp\ossproxy.exe:ossproxy.exe
"{08BB65E3-C0B5-46D9-A1AC-4E48B4F9F14F}"= UDP:c:\windows\Temp\~osBF21.tmp\ossproxy.exe:ossproxy.exe
"{A7823D83-CD29-40A5-BCE4-21CC2117259C}"= UDP:c:\windows\Temp\~os47EF.tmp\ossproxy.exe:ossproxy.exe
"{756A7354-3907-4090-99A7-CC1EAA786F3E}"= UDP:c:\windows\Temp\~osD1B7.tmp\ossproxy.exe:ossproxy.exe
"{3E12DD23-AB5B-47F1-AEE9-AF48096C0B13}"= UDP:c:\windows\Temp\~os609D.tmp\ossproxy.exe:ossproxy.exe
"{5C101302-7E61-4AAA-8F9B-A150B033902F}"= UDP:c:\windows\Temp\~osEF54.tmp\ossproxy.exe:ossproxy.exe
"{A3BDC317-6393-458A-9989-323448E08632}"= UDP:c:\windows\Temp\~os7DCD.tmp\ossproxy.exe:ossproxy.exe
"{486FAF77-C370-4F92-8BE8-74A2D19B1D70}"= UDP:c:\windows\Temp\~os16A2.tmp\ossproxy.exe:ossproxy.exe
"{11837216-DA2E-4B40-8399-5DF5DD77D4F0}"= UDP:c:\windows\Temp\~os9F71.tmp\ossproxy.exe:ossproxy.exe
"{C40AAED9-0036-4F08-AB17-11D4CC37994A}"= UDP:c:\windows\Temp\~os263C.tmp\ossproxy.exe:ossproxy.exe
"{EE716B13-DB10-42E4-AED9-A138AC90D025}"= UDP:c:\windows\Temp\~osC068.tmp\ossproxy.exe:ossproxy.exe
"{52DF36D1-ECDE-4003-A218-96F4607F9BDA}"= UDP:c:\windows\Temp\~os4437.tmp\ossproxy.exe:ossproxy.exe
"{3FEDE734-DAFC-431D-9411-9F407F34484A}"= UDP:c:\windows\Temp\~osD2C0.tmp\ossproxy.exe:ossproxy.exe
"{4193878A-A618-4835-B519-3A0085E2BF42}"= UDP:c:\windows\Temp\~os5D24.tmp\ossproxy.exe:ossproxy.exe
"{89C24324-6E70-4C78-9677-7C93B8970DC0}"= UDP:c:\windows\Temp\~osE778.tmp\ossproxy.exe:ossproxy.exe
"{828F23A9-9398-4507-917D-AACA36B82540}"= UDP:c:\windows\Temp\~os7880.tmp\ossproxy.exe:ossproxy.exe
"{0DCE8292-1EEF-46C1-ABCD-10F36B6DBDE1}"= UDP:c:\windows\Temp\~os40D.tmp\ossproxy.exe:ossproxy.exe
"{95332F38-0A87-418F-BDA1-E6C2EA5B4E02}"= UDP:c:\windows\Temp\~os944A.tmp\ossproxy.exe:ossproxy.exe
"{283039F0-4FD9-4ADC-90D0-B0F18079E3BB}"= UDP:c:\windows\Temp\~os240C.tmp\ossproxy.exe:ossproxy.exe
"{70E0A4ED-77F4-4847-83F3-627F7D7BEF5C}"= UDP:c:\windows\Temp\~osB0B0.tmp\ossproxy.exe:ossproxy.exe
"{77582855-5A3F-4961-BD4C-D175786B3908}"= UDP:c:\windows\Temp\~os3865.tmp\ossproxy.exe:ossproxy.exe
"{54AD4A6A-79B1-463A-BDCA-9C8E0EF9A802}"= UDP:c:\windows\Temp\~osC6CF.tmp\ossproxy.exe:ossproxy.exe
"{2EE586C4-3A32-4FC5-AC76-BEA55956EE50}"= UDP:c:\windows\Temp\~os5087.tmp\ossproxy.exe:ossproxy.exe
"{6FEB3A1C-4590-4548-B851-E193AA0BE84F}"= UDP:c:\windows\Temp\~osDBD5.tmp\ossproxy.exe:ossproxy.exe
"{96062C3B-4599-4558-BB53-6DFE5FCE827F}"= UDP:c:\windows\Temp\~os6AEA.tmp\ossproxy.exe:ossproxy.exe
"{4D444593-817C-4065-B1BE-9AD3444AE55D}"= UDP:c:\windows\Temp\~osF944.tmp\ossproxy.exe:ossproxy.exe
"{875FB6A8-3979-4461-A752-88BB2707312B}"= UDP:c:\windows\Temp\~os1942.tmp\ossproxy.exe:ossproxy.exe
"{18B2328C-02B4-4BE5-89FB-9C7A4530BE01}"= UDP:c:\windows\Temp\~os3BC0.tmp\ossproxy.exe:ossproxy.exe
"{F6DB20CB-5B1F-4E78-A5FC-65B1F8C8DA13}"= UDP:c:\windows\Temp\~os22A4.tmp\ossproxy.exe:ossproxy.exe
"{75036F9C-C171-4B6D-AF7F-3B203707A50C}"= UDP:c:\windows\Temp\~os2D9C.tmp\ossproxy.exe:ossproxy.exe
"{115E20CC-590E-4F62-A149-0CC51A707346}"= UDP:c:\windows\Temp\~os1829.tmp\ossproxy.exe:ossproxy.exe
"{04E723FD-7A66-4482-8868-314D88D9A430}"= UDP:c:\windows\Temp\~os1DD4.tmp\ossproxy.exe:ossproxy.exe
"{4ACBD6CF-7D55-4535-971B-6C683B8A7BF1}"= UDP:c:\windows\Temp\~os27E2.tmp\ossproxy.exe:ossproxy.exe
"{7C9B981E-0051-458B-9DBA-D89ADD14662F}"= UDP:c:\windows\Temp\~osC874.tmp\ossproxy.exe:ossproxy.exe
"{12D318F2-E021-4B42-8106-A033D0F93730}"= UDP:c:\windows\Temp\~os599C.tmp\ossproxy.exe:ossproxy.exe
"{082FB199-5062-4790-BE54-DF7B395C3337}"= UDP:c:\windows\Temp\~osE335.tmp\ossproxy.exe:ossproxy.exe
"{75AEAD0B-B928-46CF-8325-D5312E642914}"= UDP:c:\windows\Temp\~os7575.tmp\ossproxy.exe:ossproxy.exe
"{F5A9B6BB-F147-4316-93B7-E160925442BA}"= UDP:c:\windows\Temp\~os1FB.tmp\ossproxy.exe:ossproxy.exe
"{E0D2FA03-8A34-4BE4-A10C-FCEB5D49E09A}"= UDP:c:\windows\Temp\~os8C01.tmp\ossproxy.exe:ossproxy.exe
"{991D1479-C6D4-4B09-A5E9-A8B108841BDF}"= UDP:c:\windows\Temp\~os14C0.tmp\ossproxy.exe:ossproxy.exe
"{45101C95-E139-4651-A87F-7199D9A8BD14}"= UDP:c:\windows\Temp\~osA175.tmp\ossproxy.exe:ossproxy.exe
"{38FB579F-4807-41BD-94ED-DB14DC378940}"= UDP:c:\windows\Temp\~osDED.tmp\ossproxy.exe:ossproxy.exe
"{376EF844-4F8D-4BFA-9D45-FA7496F3B48C}"= UDP:c:\windows\Temp\~os6427.tmp\ossproxy.exe:ossproxy.exe
"{13D09E80-F834-4F8E-9D7F-E76B3E5A50D5}"= UDP:c:\windows\Temp\~os8FB9.tmp\ossproxy.exe:ossproxy.exe
"{C015CA29-58CD-4C83-9C6C-6F0CC41B56ED}"= UDP:c:\windows\Temp\~os73F0.tmp\ossproxy.exe:ossproxy.exe
"{71CAA831-A81E-44BC-8D04-CBA1DDB6D538}"= UDP:c:\windows\Temp\~osEAD3.tmp\ossproxy.exe:ossproxy.exe
"{6E37CB8E-D26D-4803-BD08-25E8B774DFAD}"= UDP:c:\windows\Temp\~os90A3.tmp\ossproxy.exe:ossproxy.exe
"{FC588D0E-3CC1-4B9D-8FA2-49A003426B2A}"= UDP:c:\windows\Temp\~os239F.tmp\ossproxy.exe:ossproxy.exe
"{E5E1A847-07F2-42D7-B00E-88D5D84F43D0}"= UDP:c:\windows\Temp\~os2B2D.tmp\ossproxy.exe:ossproxy.exe
"{C5F8C7B4-3E9C-45D4-9D00-E38D747CEF7A}"= UDP:c:\windows\Temp\~osD522.tmp\ossproxy.exe:ossproxy.exe
"{F100193A-21C6-439F-BD15-1B96ECE7909A}"= UDP:c:\windows\Temp\~os68E8.tmp\ossproxy.exe:ossproxy.exe
"{83033938-1173-4CAF-9ACE-E052C60CAEFF}"= UDP:c:\windows\Temp\~os20D1.tmp\ossproxy.exe:ossproxy.exe
"{1F19DF34-005F-428F-A6B6-2FC11EE2B4C1}"= UDP:c:\windows\Temp\~osB7B3.tmp\ossproxy.exe:ossproxy.exe
"{24C7D0E9-C448-4B28-A4BE-F4A0D69487CA}"= UDP:c:\windows\Temp\~os45DE.tmp\ossproxy.exe:ossproxy.exe
"{D829CD30-C4AF-488A-9F75-A476C3F27EB3}"= UDP:c:\windows\Temp\~osF9B2.tmp\ossproxy.exe:ossproxy.exe
"{6C99406B-4EB1-42CF-A4C2-0BE552ECE093}"= UDP:c:\windows\Temp\~os8B18.tmp\ossproxy.exe:ossproxy.exe
"{F7A33640-6314-4499-B0C3-0F617E90EF9A}"= UDP:c:\windows\Temp\~os1A2D.tmp\ossproxy.exe:ossproxy.exe
"{DB0D4742-1B1D-429A-8281-E63EFAF236F6}"= UDP:c:\windows\Temp\~os3442.tmp\ossproxy.exe:ossproxy.exe
"{93C41187-953D-4E46-877B-9D46282B17A4}"= UDP:c:\windows\Temp\~os4439.tmp\ossproxy.exe:ossproxy.exe
"{8F0F7557-920E-4D64-B02C-5C6DC3B9D677}"= UDP:c:\windows\Temp\~osD9A5.tmp\ossproxy.exe:ossproxy.exe
"{8AA06EC6-EFB1-4211-902E-91993DFCE19B}"= UDP:c:\windows\Temp\~os83B9.tmp\ossproxy.exe:ossproxy.exe
"{40740540-0E51-4B3A-A9AC-FA8CECC0E590}"= UDP:c:\windows\Temp\~os2A25.tmp\ossproxy.exe:ossproxy.exe
"{843BB238-E287-4B64-90D5-21AF9D40A960}"= UDP:c:\windows\Temp\~os93B0.tmp\ossproxy.exe:ossproxy.exe
"{DFC9379E-849F-4D30-B973-1E13C1B9CBF0}"= UDP:c:\windows\Temp\~os52CA.tmp\ossproxy.exe:ossproxy.exe
"{AF1E0340-4363-4674-B337-27849B391F47}"= UDP:c:\windows\Temp\~osBAEF.tmp\ossproxy.exe:ossproxy.exe
"{73558012-4809-4C71-B5BD-FE65E6BB93C7}"= UDP:c:\windows\Temp\~osB093.tmp\ossproxy.exe:ossproxy.exe
"{D806E6D2-6342-4C58-9016-E93329574D06}"= UDP:c:\windows\Temp\~os8D98.tmp\ossproxy.exe:ossproxy.exe
"{1BF25FFA-FEA2-479A-BD31-A857E6D90817}"= UDP:c:\windows\Temp\~osCC6.tmp\ossproxy.exe:ossproxy.exe
"{A4C1794B-C4F1-495A-B9D9-3F7BD084C103}"= UDP:c:\windows\Temp\~osD17B.tmp\ossproxy.exe:ossproxy.exe
"{3323C62D-B0D4-4CC2-A679-69B9AF802861}"= UDP:c:\windows\Temp\~osDE76.tmp\ossproxy.exe:ossproxy.exe
"{B410B765-2AB4-4907-8F50-13F3B83A105E}"= UDP:c:\windows\Temp\~osEAB5.tmp\ossproxy.exe:ossproxy.exe
"{65879225-648A-4053-89C4-9A95350A3220}"= UDP:c:\windows\Temp\~osCD37.tmp\ossproxy.exe:ossproxy.exe
"{C951732E-CAAF-4552-BDE3-5311821E77BE}"= UDP:c:\windows\Temp\~os8D1C.tmp\ossproxy.exe:ossproxy.exe
"{39A7A795-F333-40A5-A5FD-D45BF80F1361}"= UDP:c:\windows\Temp\~os2C66.tmp\ossproxy.exe:ossproxy.exe
"{D82E8173-C017-41C2-A7DD-E0D513F00DD1}"= UDP:c:\windows\Temp\~os2F6.tmp\ossproxy.exe:ossproxy.exe
"{D561402A-5EF3-4076-99D8-535CBB9CF98F}"= UDP:c:\windows\Temp\~osA241.tmp\ossproxy.exe:ossproxy.exe
"{71C6F612-9CCE-4815-8406-D571801FBCD0}"= UDP:c:\windows\Temp\~os7E1E.tmp\ossproxy.exe:ossproxy.exe
"{FC60F57C-06D7-4419-AEB1-2B07549B52B6}"= UDP:c:\windows\Temp\~os46D9.tmp\ossproxy.exe:ossproxy.exe
"{16B7FA60-6606-453F-B125-48C3B4CC3B08}"= UDP:c:\windows\Temp\~os41BB.tmp\ossproxy.exe:ossproxy.exe
"{4B639D27-5496-47C9-89A1-6EAE87DFE02E}"= UDP:c:\windows\Temp\~os3147.tmp\ossproxy.exe:ossproxy.exe
"{A2C1F866-71C6-4CA0-89DC-6EFBEA4CA9C4}"= UDP:c:\windows\Temp\~osE327.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:51 am

part 22

"{1EC5EB3D-C11C-4A4A-ADE0-CF7C92727401}"= UDP:c:\windows\Temp\~os725C.tmp\ossproxy.exe:ossproxy.exe
"{0E7A0944-F319-4551-AA1D-911B3F57E841}"= UDP:c:\windows\Temp\~os1DB7.tmp\ossproxy.exe:ossproxy.exe
"{D5B21F6F-3C98-4A72-8A66-96E18E142E36}"= UDP:c:\windows\Temp\~osEF96.tmp\ossproxy.exe:ossproxy.exe
"{C0B5FF40-EABC-4D06-90BB-D99F99B135DC}"= UDP:c:\windows\Temp\~os8FF9.tmp\ossproxy.exe:ossproxy.exe
"{75193D03-9388-4EB0-AC92-A7F291154CF8}"= UDP:c:\windows\Temp\~osD2C3.tmp\ossproxy.exe:ossproxy.exe
"{BFDA3C53-990B-40D5-A7D6-68F5EE6E1069}"= UDP:c:\windows\Temp\~os5B43.tmp\ossproxy.exe:ossproxy.exe
"{7FD5765F-04A4-42D4-9DA6-35C714C411BE}"= UDP:c:\windows\Temp\~osF486.tmp\ossproxy.exe:ossproxy.exe
"{CE6348E2-8264-4BD8-BB7D-446B06F754DC}"= UDP:c:\windows\Temp\~os9009.tmp\ossproxy.exe:ossproxy.exe
"{EEEC582A-D072-4C4F-BE5C-42D149436CCC}"= UDP:c:\windows\Temp\~os1EB1.tmp\ossproxy.exe:ossproxy.exe
"{27E4E2A7-D229-41AE-A547-ABF98FB9E874}"= UDP:c:\windows\Temp\~osCB06.tmp\ossproxy.exe:ossproxy.exe
"{2FF4B635-285C-4858-B946-BB4A940EFD8A}"= UDP:c:\windows\Temp\~osC59A.tmp\ossproxy.exe:ossproxy.exe
"{7623229B-F00C-44F2-A1DD-A5B5925DDC79}"= UDP:c:\windows\Temp\~os744F.tmp\ossproxy.exe:ossproxy.exe
"{8DA86D53-16E9-4FB0-8EA6-53AFAC58A6AB}"= UDP:c:\windows\Temp\~os9E1D.tmp\ossproxy.exe:ossproxy.exe
"{59650040-17E5-42AD-83B4-D3AF2818B079}"= UDP:c:\windows\Temp\~os6996.tmp\ossproxy.exe:ossproxy.exe
"{3912AB10-B295-42F5-BF1C-4E2C46D0370E}"= UDP:c:\windows\Temp\~os6957.tmp\ossproxy.exe:ossproxy.exe
"{5FCC4CDD-A2A8-4C16-BC79-2B97ADEF6AAE}"= UDP:c:\windows\Temp\~osEF78.tmp\ossproxy.exe:ossproxy.exe
"{00079E19-C57A-46FF-B2BA-3103E9D67E54}"= UDP:c:\windows\Temp\~os9B8E.tmp\ossproxy.exe:ossproxy.exe
"{C7A4D9BD-0C81-4C12-93FC-1CB98FD01296}"= UDP:c:\windows\Temp\~os1F0F.tmp\ossproxy.exe:ossproxy.exe
"{9EDCF86C-8E14-448B-80A8-760EDDD95D50}"= UDP:c:\windows\Temp\~osE76C.tmp\ossproxy.exe:ossproxy.exe
"{8A250BB7-2CB8-4337-AB0D-6082232A7AD6}"= UDP:c:\windows\Temp\~osA712.tmp\ossproxy.exe:ossproxy.exe
"{810A84E7-6A5D-4F5D-A362-BD61E98D087D}"= UDP:c:\windows\Temp\~os4322.tmp\ossproxy.exe:ossproxy.exe
"{DC3F70B5-B339-40A7-ADEC-C65A276D08E6}"= UDP:c:\windows\Temp\~osF1F7.tmp\ossproxy.exe:ossproxy.exe
"{AA1DDBC7-F352-4C01-82CA-A00221CF1DEF}"= UDP:c:\windows\Temp\~osA020.tmp\ossproxy.exe:ossproxy.exe
"{AAC13925-324D-411C-B075-144D1470CD30}"= UDP:c:\windows\Temp\~os4DFB.tmp\ossproxy.exe:ossproxy.exe
"{708C750B-6987-45D6-8535-DAC21CC4ADB0}"= UDP:c:\windows\Temp\~os1291.tmp\ossproxy.exe:ossproxy.exe
"{A99767E9-8A16-4835-B4E0-E34ACF280655}"= UDP:c:\windows\Temp\~osEEAD.tmp\ossproxy.exe:ossproxy.exe
"{3486E5CD-6A78-41C1-B07B-A7DA53D08675}"= UDP:c:\windows\Temp\~osA2BF.tmp\ossproxy.exe:ossproxy.exe
"{F3952E3A-CCAB-41FD-9333-530723637F32}"= UDP:c:\windows\Temp\~os34C1.tmp\ossproxy.exe:ossproxy.exe
"{9ABF4AB3-89DF-435E-9339-CCECE0CCDB20}"= UDP:c:\windows\Temp\~os12D0.tmp\ossproxy.exe:ossproxy.exe
"{A807F0D7-526D-4DEE-A552-0F0FD1FD19F8}"= UDP:c:\windows\Temp\~osD17C.tmp\ossproxy.exe:ossproxy.exe
"{2068A843-D5C1-4DFA-90AB-02B4211CE473}"= UDP:c:\windows\Temp\~os727C.tmp\ossproxy.exe:ossproxy.exe
"{44D2BA68-6DB6-4C1A-A784-0EDD39F68124}"= UDP:c:\windows\Temp\~os25E2.tmp\ossproxy.exe:ossproxy.exe
"{2CA928AB-B89B-4A3A-BAC7-29873EF38542}"= UDP:c:\windows\Temp\~os9C0B.tmp\ossproxy.exe:ossproxy.exe
"{61C2739A-7BD1-4F99-B754-520E54028054}"= UDP:c:\windows\Temp\~osFBB7.tmp\ossproxy.exe:ossproxy.exe
"{68BCA0FE-4860-4814-BD75-126C93FDA26E}"= UDP:c:\windows\Temp\~os3869.tmp\ossproxy.exe:ossproxy.exe
"{21EE187D-031F-4EDC-ADCF-0D2C8411E228}"= UDP:c:\windows\Temp\~osBB10.tmp\ossproxy.exe:ossproxy.exe
"{2F94DE27-7838-4B4F-9444-E0A7069CF3FC}"= UDP:c:\windows\Temp\~osAF7C.tmp\ossproxy.exe:ossproxy.exe
"{D874B035-115C-46C4-9F8A-D05C37270ABE}"= UDP:c:\windows\Temp\~os9D53.tmp\ossproxy.exe:ossproxy.exe
"{0563867E-5ABF-4682-9A38-52FE8A8F213B}"= UDP:c:\windows\Temp\~os9FE2.tmp\ossproxy.exe:ossproxy.exe
"{56C2C845-A771-4C87-8B2E-A8C908515CCE}"= UDP:c:\windows\Temp\~os9410.tmp\ossproxy.exe:ossproxy.exe
"{4F8930A9-D5D7-48FE-B8B6-A48B3FEF8B3B}"= UDP:c:\windows\Temp\~osDB4C.tmp\ossproxy.exe:ossproxy.exe
"{E38AF34D-1C11-4E97-82AC-0CADA4D655AB}"= UDP:c:\windows\Temp\~os922C.tmp\ossproxy.exe:ossproxy.exe
"{CB676165-A701-4591-BCED-5AE819A9BF72}"= UDP:c:\windows\Temp\~os2029.tmp\ossproxy.exe:ossproxy.exe
"{6ABF27CF-32E1-4B1B-8869-15F008C6E77C}"= UDP:c:\windows\Temp\~osDB7B.tmp\ossproxy.exe:ossproxy.exe
"{8564A1A9-9B04-4244-A2AB-E76B710AE3F8}"= UDP:c:\windows\Temp\~osA5CC.tmp\ossproxy.exe:ossproxy.exe
"{F509A486-5723-4D19-839F-CC15E42C7250}"= UDP:c:\windows\Temp\~os51B4.tmp\ossproxy.exe:ossproxy.exe
"{92255122-27B8-4077-A5E3-3E9A34FA2D5C}"= UDP:c:\windows\Temp\~os172.tmp\ossproxy.exe:ossproxy.exe
"{F79D0CF0-C68B-46B6-BBE2-7CF0E31F9E1F}"= UDP:c:\windows\Temp\~osB96B.tmp\ossproxy.exe:ossproxy.exe
"{32593EDC-FA23-438D-8931-2A7BA651F8A9}"= UDP:c:\windows\Temp\~os8C82.tmp\ossproxy.exe:ossproxy.exe
"{C02BA99F-5797-48CC-9FF5-22750CB81490}"= UDP:c:\windows\Temp\~os334B.tmp\ossproxy.exe:ossproxy.exe
"{A2DDE46E-C356-4C21-BA0F-2DA1AC95402B}"= UDP:c:\windows\Temp\~os1C04.tmp\ossproxy.exe:ossproxy.exe
"{D783F9F3-C8DD-4CB3-9B06-88C38DC338E9}"= UDP:c:\windows\Temp\~osD499.tmp\ossproxy.exe:ossproxy.exe
"{16DE04A9-E3D0-448D-8F0C-6AEEA8FF9E34}"= UDP:c:\windows\Temp\~osA3D9.tmp\ossproxy.exe:ossproxy.exe
"{87F17C9D-8E34-44F0-A0F6-5101B0342703}"= UDP:c:\windows\Temp\~os42A7.tmp\ossproxy.exe:ossproxy.exe
"{4B50BFC4-7AD1-4D09-9304-9E00D76DA187}"= UDP:c:\windows\Temp\~osDF72.tmp\ossproxy.exe:ossproxy.exe
"{CB312AAE-DCBA-4A77-89BA-C9226CFA5377}"= UDP:c:\windows\Temp\~osCE90.tmp\ossproxy.exe:ossproxy.exe
"{F1BCD7E5-54D2-4E60-B2AE-84B193C3BC2B}"= UDP:c:\windows\Temp\~osA14A.tmp\ossproxy.exe:ossproxy.exe
"{785BFA9D-E2DD-485C-B72E-B4EE8A379BD4}"= UDP:c:\windows\Temp\~os76B1.tmp\ossproxy.exe:ossproxy.exe
"{1E23C116-8AAE-41E2-9EBD-F814D08A870B}"= UDP:c:\windows\Temp\~os3F2.tmp\ossproxy.exe:ossproxy.exe
"{09D76D9A-4A47-47FD-BFCC-E027A35EEE42}"= UDP:c:\windows\Temp\~osAC72.tmp\ossproxy.exe:ossproxy.exe
"{ECE626F0-2956-4F38-B2C0-AF71A8CA4144}"= UDP:c:\windows\Temp\~os7CF8.tmp\ossproxy.exe:ossproxy.exe
"{3E912C06-28DE-40C8-8BA1-D228E5E3652C}"= UDP:c:\windows\Temp\~os2383.tmp\ossproxy.exe:ossproxy.exe
"{7B9D3635-A981-40AF-A0F4-29AFEB060B60}"= UDP:c:\windows\Temp\~osE829.tmp\ossproxy.exe:ossproxy.exe
"{D7881FC4-55A7-46F3-90D0-2C52E84C38FC}"= UDP:c:\windows\Temp\~osA050.tmp\ossproxy.exe:ossproxy.exe
"{03EB23C4-8B9E-4E18-8ED6-C9C8BAC9185C}"= UDP:c:\windows\Temp\~os5646.tmp\ossproxy.exe:ossproxy.exe
"{7123871B-AF1C-4DC4-BD18-D24578A19231}"= UDP:c:\windows\Temp\~os35CB.tmp\ossproxy.exe:ossproxy.exe
"{4AB49DC9-E91E-4510-8A6B-B564E0DBCC5A}"= UDP:c:\windows\Temp\~osC944.tmp\ossproxy.exe:ossproxy.exe
"{4EE0BD24-794A-4730-BCEC-6616471757A4}"= UDP:c:\windows\Temp\~os5C01.tmp\ossproxy.exe:ossproxy.exe
"{58804D49-7915-4FDF-800D-7B9D56698E18}"= UDP:c:\windows\Temp\~os638F.tmp\ossproxy.exe:ossproxy.exe
"{CECF3E0B-4C17-46DC-90B9-39D6C6BCC49C}"= UDP:c:\windows\Temp\~os3AFA.tmp\ossproxy.exe:ossproxy.exe
"{076E21AD-03E3-426F-82C7-F670E0C20CE2}"= UDP:c:\windows\Temp\~os1061.tmp\ossproxy.exe:ossproxy.exe
"{7715BA9A-1999-42D6-837E-9560038FDF8A}"= UDP:c:\windows\Temp\~osDED6.tmp\ossproxy.exe:ossproxy.exe
"{D49C7D36-9FBA-4C33-B04A-5C70FFB07369}"= UDP:c:\windows\Temp\~osA697.tmp\ossproxy.exe:ossproxy.exe
"{60D006CB-4483-4597-B776-9A4182BD1B6F}"= UDP:c:\windows\Temp\~os49F7.tmp\ossproxy.exe:ossproxy.exe
"{82A97FAC-14B5-4D5E-B831-2F432F0383D6}"= UDP:c:\windows\Temp\~os88DB.tmp\ossproxy.exe:ossproxy.exe
"{3598D97C-A0D6-403E-B467-800671C46EB0}"= UDP:c:\windows\Temp\~os72AC.tmp\ossproxy.exe:ossproxy.exe
"{455149AD-BCF8-45CF-90BD-CA84805C88F9}"= UDP:c:\windows\Temp\~osC139.tmp\ossproxy.exe:ossproxy.exe
"{8CD26D92-E88A-422A-9326-F33EAF3EC7BB}"= UDP:c:\windows\Temp\~os93B4.tmp\ossproxy.exe:ossproxy.exe
"{4D6196C7-AFA2-4B2A-9D69-54835E3A108F}"= UDP:c:\windows\Temp\~osBB50.tmp\ossproxy.exe:ossproxy.exe
"{9C831C1C-1220-491C-82AF-6DE031AB7D42}"= UDP:c:\windows\Temp\~osF8DC.tmp\ossproxy.exe:ossproxy.exe
"{75904086-A22B-41AE-970C-EC599383DD7C}"= UDP:c:\windows\Temp\~osC638.tmp\ossproxy.exe:ossproxy.exe
"{143ABC42-83A4-4619-B6DB-8BF9F586AA88}"= UDP:c:\windows\Temp\~os5167.tmp\ossproxy.exe:ossproxy.exe
"{970AF228-BB31-4CF1-8057-7FA10BF6AF81}"= UDP:c:\windows\Temp\~os491D.tmp\ossproxy.exe:ossproxy.exe
"{719A58B0-B79C-4D17-970D-99D8A904BB7E}"= UDP:c:\windows\Temp\~os2152.tmp\ossproxy.exe:ossproxy.exe
"{F5539CDA-6FAC-4315-A15D-D1CA39226E0D}"= UDP:c:\windows\Temp\~osC2FE.tmp\ossproxy.exe:ossproxy.exe
"{29E05A3D-DEC6-4FAF-B65A-42B828262B93}"= UDP:c:\windows\Temp\~osB892.tmp\ossproxy.exe:ossproxy.exe
"{1BD4EF85-C045-4ED2-BEED-29EAF852BA8E}"= UDP:c:\windows\Temp\~os96F.tmp\ossproxy.exe:ossproxy.exe
"{F96C3CD8-A6BC-4B55-B14B-213B58889D5F}"= UDP:c:\windows\Temp\~osB8FF.tmp\ossproxy.exe:ossproxy.exe
"{459E4F5B-935E-46F4-B6FE-32451658C471}"= UDP:c:\windows\Temp\~os2B13.tmp\ossproxy.exe:ossproxy.exe
"{CA4B0DD6-AAB1-4B4E-A0F0-2F70C10998EB}"= UDP:c:\windows\Temp\~osA79.tmp\ossproxy.exe:ossproxy.exe
"{76C8CDC8-C1FD-4953-BBC1-DC8AFFB9CEFA}"= UDP:c:\windows\Temp\~os1F31.tmp\ossproxy.exe:ossproxy.exe
"{602B0062-27E2-4E8E-89D1-94748B6D5F3A}"= UDP:c:\windows\Temp\~os58E6.tmp\ossproxy.exe:ossproxy.exe
"{AEAC93BF-4124-42EF-B311-0DCFB16A0D1F}"= UDP:c:\windows\Temp\~os82A5.tmp\ossproxy.exe:ossproxy.exe
"{07BD2660-9AB8-4212-9C69-A881B21813A9}"= UDP:c:\windows\Temp\~osCD1C.tmp\ossproxy.exe:ossproxy.exe
"{154B34EE-276A-4E5E-B7D0-3FADA07CCD23}"= UDP:c:\windows\Temp\~os67A6.tmp\ossproxy.exe:ossproxy.exe
"{F7DB2706-46C0-4DBA-BAC0-C1DF0E091A15}"= UDP:c:\windows\Temp\~os8FCE.tmp\ossproxy.exe:ossproxy.exe
"{802715E2-B56D-4F19-AF0C-E15955562D44}"= UDP:c:\windows\Temp\~os5FAA.tmp\ossproxy.exe:ossproxy.exe
"{9444020E-8E09-4EF3-913C-4B5FC036F51E}"= UDP:c:\windows\Temp\~osA9E3.tmp\ossproxy.exe:ossproxy.exe
"{F189F23E-A915-433A-8C0F-7654B0B32A71}"= UDP:c:\windows\Temp\~osBC2B.tmp\ossproxy.exe:ossproxy.exe
"{D87D6415-BD9F-425D-A445-52C325AD5197}"= UDP:c:\windows\Temp\~osA6B8.tmp\ossproxy.exe:ossproxy.exe
"{B56B7283-9DA3-40F0-A766-C3C2FA143CBD}"= UDP:c:\windows\Temp\~os59D1.tmp\ossproxy.exe:ossproxy.exe
"{BE8BBF29-2329-4DDB-A518-C8A921C106A2}"= UDP:c:\windows\Temp\~osF95A.tmp\ossproxy.exe:ossproxy.exe
"{8F2D8F05-F68A-4965-B81A-BE490D4DCFBF}"= UDP:c:\windows\Temp\~osFF43.tmp\ossproxy.exe:ossproxy.exe
"{93C982B7-B948-4C7E-B35A-3A8C042C5671}"= UDP:c:\windows\Temp\~os162D.tmp\ossproxy.exe:ossproxy.exe
"{CE24F4C9-33FA-4436-83FB-287E27BFAFBF}"= UDP:c:\windows\Temp\~osAEE3.tmp\ossproxy.exe:ossproxy.exe
"{4AD91DFD-9148-49D2-BB0D-A8018690E2D8}"= UDP:c:\windows\Temp\~osAD7C.tmp\ossproxy.exe:ossproxy.exe
"{635189F6-407F-4616-A931-50C8347BB99C}"= UDP:c:\windows\Temp\~os6269.tmp\ossproxy.exe:ossproxy.exe
"{97B862D0-AE86-4645-BE44-BBECE7BD70C4}"= UDP:c:\windows\Temp\~osF027.tmp\ossproxy.exe:ossproxy.exe
"{92C199F5-2B46-47C2-AA85-3CE5ED95F12F}"= UDP:c:\windows\Temp\~os8B.tmp\ossproxy.exe:ossproxy.exe
"{9E4E20C9-2D8D-4418-BD4F-5450FE6A34E9}"= UDP:c:\windows\Temp\~osC512.tmp\ossproxy.exe:ossproxy.exe
"{5D163FA9-322B-4A35-ADB8-03B40111AC7B}"= UDP:c:\windows\Temp\~osB1C0.tmp\ossproxy.exe:ossproxy.exe
"{1FC9B40F-4CC0-4A03-85C0-A054CBB8FCD7}"= UDP:c:\windows\Temp\~os691D.tmp\ossproxy.exe:ossproxy.exe
"{66B240AB-E967-4BAB-A88E-303026423103}"= UDP:c:\windows\Temp\~os5EF0.tmp\ossproxy.exe:ossproxy.exe
"{103E4F6A-7F67-4B9A-8827-E34436A16F76}"= UDP:c:\windows\Temp\~os7859.tmp\ossproxy.exe:ossproxy.exe
"{05F1755C-70EF-4AEA-A886-B57DD3CB0836}"= UDP:c:\windows\Temp\~os2E11.tmp\ossproxy.exe:ossproxy.exe

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 4:52 am

part 23

"{3D31F797-4111-4952-BC42-C26F845D491F}"= UDP:c:\windows\Temp\~osEE15.tmp\ossproxy.exe:ossproxy.exe
"{432A92BA-87CC-41E4-AC3C-BA6649C299E4}"= UDP:c:\windows\Temp\~os9D47.tmp\ossproxy.exe:ossproxy.exe
"{5565F4A0-3977-4592-89F6-9A68A2642DF2}"= UDP:c:\windows\Temp\~os4D34.tmp\ossproxy.exe:ossproxy.exe
"{60C6D259-DDD8-4825-9D3E-B7CB7CB815BD}"= UDP:c:\windows\Temp\~os12B4.tmp\ossproxy.exe:ossproxy.exe
"{6AF82702-26E2-46FC-A3EC-B3AACC133CD7}"= UDP:c:\windows\Temp\~osF0F2.tmp\ossproxy.exe:ossproxy.exe
"{73043FAD-8851-4847-8F3A-9A08CFC1A7FD}"= UDP:c:\windows\Temp\~osC495.tmp\ossproxy.exe:ossproxy.exe
"{4D469390-B101-49D9-A288-4FBCF373C8AA}"= UDP:c:\windows\Temp\~os61CD.tmp\ossproxy.exe:ossproxy.exe
"{D32A3320-79DC-4641-BFC9-71587C624E7D}"= UDP:c:\windows\Temp\~osE7CE.tmp\ossproxy.exe:ossproxy.exe
"{D85EB3CE-7A54-4EEF-A850-0A3B06F008E9}"= UDP:c:\windows\Temp\~osCA31.tmp\ossproxy.exe:ossproxy.exe
"{84CDC577-6C7B-42FE-9FF0-79FFB792AD16}"= UDP:c:\windows\Temp\~os89B8.tmp\ossproxy.exe:ossproxy.exe
"{17ABC7EA-7636-4523-A93E-3B829AF87AE8}"= UDP:c:\windows\Temp\~os7A0E.tmp\ossproxy.exe:ossproxy.exe
"{3036948E-0E40-440B-8CFE-842D8D3EE7D6}"= UDP:c:\windows\Temp\~os6D42.tmp\ossproxy.exe:ossproxy.exe
"{6EDE3804-F86C-4104-A50C-A9317D2CD914}"= UDP:c:\windows\Temp\~os360D.tmp\ossproxy.exe:ossproxy.exe
"{2C0D5752-23BE-4FAC-A057-8497F557C58D}"= UDP:c:\windows\Temp\~os186F.tmp\ossproxy.exe:ossproxy.exe
"{74CF7B26-A7B0-4DC5-BB7A-A15D3F095F3D}"= UDP:c:\windows\Temp\~os160F.tmp\ossproxy.exe:ossproxy.exe
"{11E0532F-3677-4507-9CE2-4530D6A22ABA}"= UDP:c:\windows\Temp\~osB386.tmp\ossproxy.exe:ossproxy.exe
"{D001124D-530F-43E7-BB4F-C3C4A7D83D94}"= UDP:c:\windows\Temp\~osDECA.tmp\ossproxy.exe:ossproxy.exe
"{5C9AFFAD-C9BD-4F69-8E06-948FD517827D}"= UDP:c:\windows\Temp\~osEABB.tmp\ossproxy.exe:ossproxy.exe
"{540D9CEF-4EC5-4860-81F2-D61E53DA57D4}"= UDP:c:\windows\Temp\~osBA59.tmp\ossproxy.exe:ossproxy.exe
"{17102275-8C0C-498C-9204-96420E706042}"= UDP:c:\windows\Temp\~osA978.tmp\ossproxy.exe:ossproxy.exe
"{86CAEBDE-C1D5-41A0-824E-4CF4565A5F93}"= UDP:c:\windows\Temp\~osD317.tmp\ossproxy.exe:ossproxy.exe
"{C40EB048-CA9E-448B-A491-BF097DA99EA4}"= UDP:c:\windows\Temp\~osD42F.tmp\ossproxy.exe:ossproxy.exe
"{37E803C6-1330-45B0-88CA-393DC049986A}"= UDP:c:\windows\Temp\~os1A5.tmp\ossproxy.exe:ossproxy.exe
"{FDD0C764-6271-46B8-B268-83D4AF1A6CDE}"= UDP:c:\windows\Temp\~os1322.tmp\ossproxy.exe:ossproxy.exe
"{C4876E9F-D794-40AD-9FD1-89CBCECFD270}"= UDP:c:\windows\Temp\~osF2F6.tmp\ossproxy.exe:ossproxy.exe
"{0753C259-AAED-4849-9150-1AC002228A88}"= UDP:c:\windows\Temp\~osF4CA.tmp\ossproxy.exe:ossproxy.exe
"{8407C888-0337-4F91-A42B-F808EF7F50AB}"= UDP:c:\windows\Temp\~os8FB1.tmp\ossproxy.exe:ossproxy.exe
"{6AEFE81D-A34B-4822-89FB-AE97D5730C43}"= UDP:c:\windows\Temp\~os9B26.tmp\ossproxy.exe:ossproxy.exe
"{B21C8A00-497F-496A-84CF-217AA0D4D8F3}"= UDP:c:\windows\Temp\~osC918.tmp\ossproxy.exe:ossproxy.exe
"{F5A19CC2-BE3C-462D-954B-2D75B0B7979E}"= UDP:c:\windows\Temp\~osF392.tmp\ossproxy.exe:ossproxy.exe
"{1A382EA8-02F4-4640-86D4-8ED695678502}"= UDP:c:\windows\Temp\~os1313.tmp\ossproxy.exe:ossproxy.exe
"{10778804-7DE9-43EB-9CDC-F249B684F574}"= UDP:c:\windows\Temp\~osDA67.tmp\ossproxy.exe:ossproxy.exe
"{B76516A9-C7B7-47A1-A480-05DFF381341C}"= UDP:c:\windows\Temp\~osFF84.tmp\ossproxy.exe:ossproxy.exe
"{FF82930C-553F-4977-B46B-492CFEB68EB8}"= UDP:c:\windows\Temp\~os2452.tmp\ossproxy.exe:ossproxy.exe
"{7CBAA0EF-47E9-4759-9897-CA7792BC5F21}"= UDP:c:\windows\Temp\~osE07F.tmp\ossproxy.exe:ossproxy.exe
"{3D89C430-63B3-45E2-8C91-60F746146919}"= UDP:c:\windows\Temp\~os11CC.tmp\ossproxy.exe:ossproxy.exe
"{9E39EBD5-72A5-436A-AA02-37463ADE125A}"= UDP:c:\windows\Temp\~os1BCA.tmp\ossproxy.exe:ossproxy.exe
"{B0220145-7830-48C8-B5AF-B3C9ACD26D84}"= UDP:c:\windows\Temp\~osD6BF.tmp\ossproxy.exe:ossproxy.exe
"{E7BF5879-1408-4F5A-92B5-48C10A2C29BD}"= UDP:c:\windows\Temp\~os915.tmp\ossproxy.exe:ossproxy.exe
"{97AAA88F-5CA4-4EFD-8EB8-AB262F76C747}"= UDP:c:\windows\Temp\~os464.tmp\ossproxy.exe:ossproxy.exe
"{A26AE8A8-22DA-4E92-8F93-FE1D06E786AD}"= UDP:c:\windows\Temp\~osE753.tmp\ossproxy.exe:ossproxy.exe
"{F2D035B5-FB77-486C-8F27-583E3A6E0023}"= UDP:c:\windows\Temp\~osB01D.tmp\ossproxy.exe:ossproxy.exe
"{CAD03E7E-9E03-477F-901C-3B91EE0D47F1}"= UDP:c:\windows\Temp\~os99C0.tmp\ossproxy.exe:ossproxy.exe
"{D46E0E40-BA9C-4ACD-90CB-C509F837FBA6}"= UDP:c:\windows\Temp\~osA17D.tmp\ossproxy.exe:ossproxy.exe
"{176E2884-5BDA-45DA-B96D-09348A395E02}"= UDP:c:\windows\Temp\~os69F9.tmp\ossproxy.exe:ossproxy.exe
"{E6A24E81-201C-4A83-9AD6-C32038024763}"= UDP:c:\windows\Temp\~os7B29.tmp\ossproxy.exe:ossproxy.exe
"{ABA88EDB-478A-408D-8550-269199E0E113}"= UDP:c:\windows\Temp\~os7935.tmp\ossproxy.exe:ossproxy.exe
"{2669F083-F1A2-40F7-8607-3908B377D376}"= UDP:c:\windows\Temp\~os8B6E.tmp\ossproxy.exe:ossproxy.exe
"TCP Query User{2F71B2B6-E0AD-4567-B4A4-4017A1047D85}c:\\program files\\roxio creator 2009\\audiocore\\rxaudioconvert11.exe"= UDP:c:\program files\roxio creator 2009\audiocore\rxaudioconvert11.exe:Roxio Audio Converter
"UDP Query User{AB8CC344-E80B-4D0F-839E-4857E1E5B0C0}c:\\program files\\roxio creator 2009\\audiocore\\rxaudioconvert11.exe"= TCP:c:\program files\roxio creator 2009\audiocore\rxaudioconvert11.exe:Roxio Audio Converter
"TCP Query User{EC1CBDB9-B222-48CB-8B40-BCE3EF788DBA}c:\\program files\\real alternative\\media player classic\\mplayerc.exe"= UDP:c:\program files\real alternative\media player classic\mplayerc.exe:Media Player Classic
"UDP Query User{4456ED6B-D4C9-4AA8-8234-657A885B3025}c:\\program files\\real alternative\\media player classic\\mplayerc.exe"= TCP:c:\program files\real alternative\media player classic\mplayerc.exe:Media Player Classic
"TCP Query User{F6FC7195-4743-4890-BB92-C3A1967CA37A}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{3C5330E1-9D2E-42B7-A1F9-D09436F2AD75}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{5AB55C57-35F8-4824-A574-EEC62F132AF9}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{D568868A-4A44-4633-80D6-CA5AB8377481}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{718EAD58-AF40-4874-A333-78C236C9F656}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{29B06935-4637-41A0-815B-8A13ABDD3497}"= UDP:c:\program files\7-Zip\7zFM.exe:7-Zip File Manager
"{78AAB40F-9CBD-454A-992C-175B71F62D1B}"= TCP:c:\program files\7-Zip\7zFM.exe:7-Zip File Manager
"TCP Query User{22ABD74D-D031-4705-B2BB-65928690C6F5}c:\\program files\\gnutella turbo\\gnutella turbo.exe"= Disabled:UDP:c:\program files\gnutella turbo\gnutella turbo.exe:Gnutella Turbo
"UDP Query User{A0102799-6747-4D99-B726-11059455C9C3}c:\\program files\\gnutella turbo\\gnutella turbo.exe"= Disabled:TCP:c:\program files\gnutella turbo\gnutella turbo.exe:Gnutella Turbo
"{5261569F-6FE5-4B0A-883E-E96E1EC88921}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{4A6B7676-E83D-4CBF-BBE1-07C20E834324}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7200439A-D87F-4F1E-88CD-C2433D1F4030}c:\\program files\\readon technology\\readon tv movie radio player 5.5.0.0\\internettv.exe"= UDP:c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{A72394F4-7185-4D77-8D6E-B9927DB00CB2}c:\\program files\\readon technology\\readon tv movie radio player 5.5.0.0\\internettv.exe"= TCP:c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe:Readon TV Movie Radio Player
"TCP Query User{375D88B0-FC00-46D0-8D86-C1D79A2225FD}c:\\program files\\readon technology\\readon tv movie radio player 5.5.5.0\\internettv.exe"= UDP:c:\program files\readon technology\readon tv movie radio player 5.5.5.0\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{04D71998-EC0B-4266-8891-1CB46C79D792}c:\\program files\\readon technology\\readon tv movie radio player 5.5.5.0\\internettv.exe"= TCP:c:\program files\readon technology\readon tv movie radio player 5.5.5.0\internettv.exe:Readon TV Movie Radio Player
"{8971E39A-7E68-4EAE-8F89-977D1B1A2971}"= UDP:c:\users\aybsee\AppData\Local\temp\7zS3F58.tmp\SymNRT.exe:Norton Removal Tool
"{F4439C3A-D7A8-4EF3-B780-927809907782}"= TCP:c:\users\aybsee\AppData\Local\temp\7zS3F58.tmp\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 c2scsi;c2scsi;c:\windows\System32\drivers\C2SCSI.SYS [11/08/2008 12:03 254320]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSvix86.sys [07/07/2009 18:14 272432]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 03:23 21504]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [18/02/2008 20:37 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [01/07/2009 16:54 101936]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [30/06/2009 12:41 19096]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [21/10/2008 05:00 497152]
R3 ST330;ST330;c:\windows\System32\drivers\st330.sys [22/01/2009 13:10 30464]
R3 STBUS;STBUS;c:\windows\System32\drivers\stbus.sys [22/01/2009 13:10 12672]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\System32\drivers\stppp.sys [22/01/2009 13:10 35328]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [19/02/2009 13:31 41008]
S2 gupdate1c98b96f0dcc87;Google Update Service (gupdate1c98b96f0dcc87);c:\program files\Google\Update\GoogleUpdate.exe [10/02/2009 16:41 133104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30/06/2009 12:41 195856]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [14/08/2008 01:25 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [14/08/2008 01:24 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [14/08/2008 01:24 170480]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [13/01/2008 03:32 23888]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [22/05/2008 20:20 20640]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [14/08/2008 01:25 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [14/08/2008 01:23 1124848]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [16/02/2009 22:49 1153368]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-07-09 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-05-12 20:22]

2009-07-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-22 14:37]

2009-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 15:41]

2009-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 15:41]

2009-07-09 c:\windows\Tasks\Malwarebytes' Scheduled Scan for aybsee.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-06-30 10:27]

2009-07-09 c:\windows\Tasks\Malwarebytes' Scheduled Update for aybsee.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-06-30 10:27]

2009-07-09 c:\windows\Tasks\User_Feed_Synchronization-{0CEEB377-AB13-4DF2-8DDA-DD47DF65C0E6}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: Download with &Shareaza - c:\program files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
TCP: {990D65D1-2159-41E8-B150-CBC833F36E3A} = 212.139.132.11 212.139.132.10
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-07-09 05:01
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson/ST330/service/st330service.exe -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
Completion time: 2009-07-09 5:03
ComboFix-quarantined-files.txt 2009-07-09 04:03
ComboFix2.txt 2009-07-09 03:46
ComboFix3.txt 2009-07-08 20:27
ComboFix4.txt 2009-06-18 12:18

Pre-Run: 116,244,815,872 bytes free
Post-Run: 116,224,315,392 bytes free

2710 --- E O F --- 2009-06-29 21:05

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 9th July 2009, 2:00 pm

Hello.
I want to get an uninstall list.

  • Open HijackThis.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 5:23 pm

Thanks, heres that log


32 Bit HP CIO Components Installer
7-Zip 4.65
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1.2
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced SystemCare 3
Allok 3GP PSP MP4 iPod Video Converter 5.1.1223
Any Video Converter 2.7.0
AppCore
Apple Mobile Device Support
Apple Software Update
AudioLabel
Backup
Bonjour
ccCommon
CCleaner (remove only)
Choice Guard
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 3.6.2.153
Date Cracker 2000
dBpoweramp DSP Effects
dBpoweramp Music Converter
dBpoweramp Shorten Codec
DirectX 9 Runtime
EMC 11 Content
Enhanced Multimedia Keyboard Solution
Free&Easy Font Viewer 2.0
Froddle Pod
GearDrvs
GearDrvs
GOM Player
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 10.0
HP Demo
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart.All-In-One Driver Software 8.0 .A
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Smart Web Printing
HP Solution Center 10.0
HP Total Care Advisor
HP Update
ImgBurn
iTunes
Java(TM) 6 Update 14
K-Lite Mega Codec Pack 4.7.5
LabelPrint
LightScribe System Software 1.14.25.1
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Works
MobileMe Control Panel
MP3 Cutter Plus 1.0
MSVCRT
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 6.1
My HP Games
Norton 360
Norton 360
Norton 360
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
Norton Confidential Core
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OpenOffice.org 3.1
Opera 9.64
P2PFilter 3.0.5
PDF Settings
PhotoScape
Power2Go
PowerDVD
PowerISO
Python 2.5.2
QuickTime
Readon TV Movie Radio Player 5.5.0.0
Readon TV Movie Radio Player 5.5.5.0
Real Alternative 1.9.0
Realtek High Definition Audio Driver
Revo Uninstaller 1.83
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio Creator 2009
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Search Settings 1.2
Shop for HP Supplies
SmartSound Quicktracks Plugin
SoulSeek 157 NS 13c
SPBBC 32bit
SpeedTouch 330
Spybot - Search & Destroy
SpywareBlaster 4.2
Switch Sound File Converter
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
TagScanner 5.0 build 531
Uniblue DriverScanner 2009
Uniblue DriverScanner 2009
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009
Uniblue SpeedUpMyPC 2009
Uniblue SpeedUpMyPC 2009
Vector Magic
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.9
Winamp
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Movie Maker Beta
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
WinRAR archiver
XdN Tweaker 0.9.1.6
XviD MPEG-4 Codec
Yahoo! Toolbar

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 9th July 2009, 7:12 pm

Hello.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\program files\ooaqmbwb.txt
    c:\users\aybsee\AppData\Roaming\Microsoft\qwadjb.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\bass.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\1eaadjc.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\rsaadjd.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\kfgresk.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\mjcriu.dll
    c:\users\aybsee\AppData\Roaming\Microsoft\peaadje.dll
    c:\windows\system32\drivers\cknzucu.sys


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 9th July 2009, 8:00 pm

here is that log

========== FILES ==========
File move failed. c:\program files\ooaqmbwb.txt scheduled to be moved on reboot.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\aybsee\AppData\Roaming\Microsoft\qwadjb.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\qwadjb.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\bass.dll
c:\users\aybsee\AppData\Roaming\Microsoft\bass.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\bass.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\aybsee\AppData\Roaming\Microsoft\1eaadjc.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\1eaadjc.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\aybsee\AppData\Roaming\Microsoft\rsaadjd.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\rsaadjd.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\aybsee\AppData\Roaming\Microsoft\kfgresk.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\kfgresk.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\aybsee\AppData\Roaming\Microsoft\mjcriu.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\mjcriu.dll moved successfully.
LoadLibrary failed for c:\users\aybsee\AppData\Roaming\Microsoft\peaadje.dll
c:\users\aybsee\AppData\Roaming\Microsoft\peaadje.dll NOT unregistered.
c:\users\aybsee\AppData\Roaming\Microsoft\peaadje.dll moved successfully.
File/Folder c:\windows\system32\drivers\cknzucu.sys not found.

OTM by OldTimer - Version 3.0.0.4 log created on 07092009_205337

Files moved on Reboot...
File move failed. c:\program files\ooaqmbwb.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


thanks

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 9th July 2009, 8:16 pm

I'm curious as to why a text file can't be moved.
Can you manually delete this file?
c:\program files\ooaqmbwb.txt


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 10th July 2009, 6:43 am

thanks,I have now manually deleted that file

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 10th July 2009, 12:46 pm

This looks fine now. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 10th July 2009, 1:10 pm

The problem still remains unfortunately.Any further help would be really appreciated as i am still manually closing IE every 2-3 minutes.

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 10th July 2009, 2:03 pm

Hello.

Delete these two folders:

c:\programdata\DriverScanner
c:\program files\DriverScanner

Let me know if it keeps happening.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 10th July 2009, 3:17 pm

Thank you, that appears to have fixed it. IE has stopped continually opening at last! thank you again.

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 10th July 2009, 3:26 pm

Heh.
DriveScanner is a rogue product. I saw it earlier, but no run value for it, so it was essentially dead, but obviously not.

Glad I could help. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Trojan

Post by aybsee on 11th July 2009, 7:37 am

Hi,When i started up the pc this morning the problem returned .It appeared to have been solved yesterday as i had no more instances of it over several hours,but unfortunately its back.Any further help would really be apppreciated.

aybsee
Intermediate
Intermediate

Posts Posts : 102
Joined Joined : 2008-12-19
OS OS : wnidows vista home premium
Points Points : 29512
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Trojan

Post by Belahzur on 11th July 2009, 4:32 pm

See if them two folders came back again. If so, something regenerated them.

Let me know.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum