August 12th, 2010, 05:53 PM
#16
ComboFix 10-08-12.02 - Paul 12/08/2010 18:47:14.10.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.526 [GMT -2.5:30]
Running from: c:\documents and settings\Paul\My Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100812-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Paul\LOCALS~1\Temp\jna7693632927727710563.dll
c:\documents and settings\Paul\Local Settings\temp\jna7693632927727710563.dll
.
---- Previous Run -------
.
c:\docume~1\Paul\LOCALS~1\Temp\jna2096167780467187785.dll
c:\documents and settings\Paul\Local Settings\temp\jna2096167780467187785.dll
.
((((((((((((((((((((((((( Files Created from 2010-07-12 to 2010-08-12 )))))))))))))))))))))))))))))))
.
2010-08-10 00:23 . 2010-08-10 00:33 -------- d-----w- C:\wCFix4728w
2010-08-09 23:03 . 2010-08-09 23:08 -------- d-----w- C:\wCFix19870w
2010-08-04 22:45 . 2010-08-05 02:21 -------- d-----w- C:\wCFix
2010-08-04 01:05 . 2010-08-04 01:17 -------- d-----w- C:\wCFix14503w
2010-08-02 00:13 . 2010-08-02 00:13 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-02 00:13 . 2010-08-02 00:13 -------- d-----w- c:\documents and settings\Administrator.MICHELLE\Local Settings\Application Data\Google
2010-08-02 00:07 . 2010-08-02 00:07 -------- d-----w- c:\documents and settings\Administrator.MICHELLE\Local Settings\Application Data\Mozilla
2010-08-01 15:32 . 2010-08-01 15:32 -------- d-----w- c:\documents and settings\Administrator.MICHELLE\Application Data\Malwarebytes
2010-07-31 08:43 . 2010-07-31 08:43 -------- d-----w- c:\windows\TI8VLB1XSI84TI84
2010-07-31 08:37 . 2010-07-31 08:37 -------- d-----w- c:\windows\CORGK2OZAZALALWL
2010-07-15 18:20 . 2010-07-18 16:33 -------- d-----w- c:\program files\Common Files\Doblon
2010-07-15 18:20 . 2010-07-15 23:24 -------- d-----w- c:\program files\Common Files\cdrdao
2010-07-15 18:20 . 2010-01-14 15:07 31744 ----a-w- c:\windows\system32\WnASPI32.dll
2010-07-15 18:20 . 2010-07-18 16:30 -------- d-----w- c:\program files\Doblon
2010-07-15 18:11 . 2010-07-15 18:12 -------- d-----w- C:\MAGICDVDCOPY_TEMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-12 21:29 . 2007-06-14 02:57 -------- d-----w- c:\documents and settings\Paul\Application Data\LimeWire
2010-07-21 22:21 . 2007-07-10 02:57 23094 ----a-w- c:\documents and settings\Paul\Application Data\wklnhst.dat
2010-07-19 21:28 . 2006-10-03 19:51 -------- d-----w- c:\program files\Dl_cats
2010-07-18 20:06 . 2008-10-28 14:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NOS
2010-07-18 18:11 . 2008-03-14 20:23 -------- d-----w- c:\documents and settings\Paul\Application Data\BitTorrent
2010-07-15 18:11 . 2010-06-03 13:14 -------- d-----w- c:\program files\MagicDVDCopier
2010-07-15 18:10 . 2007-11-28 01:59 -------- d-----w- c:\documents and settings\Paul\Application Data\Vso
2010-06-25 22:32 . 2010-06-25 22:32 -------- d-----w- c:\documents and settings\Paul\Application Data\Home Sweet Home 2
2010-06-24 11:38 . 2007-06-12 22:53 43640 ----a-w- c:\documents and settings\Paul\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-24 02:04 . 2007-03-15 21:38 -------- d-----w- c:\program files\Messenger Plus! Live
2010-06-20 19:29 . 2010-06-20 19:29 -------- d-----w- c:\documents and settings\Paul\Application Data\PlayFirst
2010-06-20 19:29 . 2007-10-01 21:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\PlayFirst
2010-06-14 01:54 . 2006-10-03 18:47 -------- d-----w- c:\program files\LimeWire
2008-03-09 17:46 . 2008-03-09 17:46 0 ----a-w- c:\program files\temp01
2007-10-14 19:14 . 2007-10-14 19:14 251 ----a-w- c:\program files\wt3d.ini
2006-10-08 19:26 . 2006-10-08 19:26 774144 ----a-w- c:\program files\RngInterstitial.dll
2007-06-14 02:09 . 2007-06-14 02:11 135168 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-09-14 73728]
c:\documents and settings\Paul\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-5-26 503808]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-01-04 19:16 10792 ----a-w- c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell Photo AIO Printer 924\\dlccaiox.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\progra~1\\mozill~1\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"7514:TCP"= 7514:TCP:Services
"4507:TCP"= 4507:TCP:Services
"7460:TCP"= 7460:TCP:Services
"7461:TCP"= 7461:TCP:Services
"3257:TCP"= 3257:TCP:Services
"5014:TCP"= 5014:TCP:Services
"3585:TCP"= 3585:TCP:Services
"5670:TCP"= 5670:TCP:Services
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20/08/2008 1:53 PM 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [05/01/2010 8:56 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [05/01/2010 8:56 AM 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/08/2008 1:53 PM 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16/02/2008 3:08 PM 716272]
S2 gupdate1c9a3e5d42c25db;Google Update Service (gupdate1c9a3e5d42c25db);c:\program files\Google\Update\GoogleUpdate.exe [13/03/2009 11:43 AM 133104]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [05/01/2010 8:56 AM 7408]
.
Contents of the 'Scheduled Tasks' folder
2010-08-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:04]
2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 14:12]
2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 14:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2535290
uInternet Connection Wizard,ShellNext = hxxp://www.aliant.net/
uInternet Settings,ProxyOverride = *.local
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {BBD4C71D-71F5-11D2-8BB0-000000001234} - hxxp://games.bigfishgames.com/en_paper-chase/online/PaperChaseLoader.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\ko9me5pm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535290&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.vocm.com/index.asp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535290&q=
FF - component: c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\ko9me5pm.default\extensions\{437c4386-9237-441f-a940-009430030ee0}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\ko9me5pm.default\extensions\{437c4386-9237-441f-a940-009430030ee0}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\ko9me5pm.default\extensions\[email protected]\components\PlaySushiFF.dll
FF - plugin: c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\ko9me5pm.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
FF - plugin: c:\documents and settings\Paul\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NpPopup.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\Paul\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-12 18:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{018AEEB2-991D-1A04-BD95-3732724599D6}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{018AEEB2-991D-1A04-BD95-3732724599D6}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{018AEEB2-991D-1A04-BD95-3732724599D6}\TypeLib]
@DACL=(02 0000)
@="{2CEAF59B-9412-C46A-69C6-DF41A7CC6F15}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020420-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020420-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib]
@DACL=(02 0000)
@="{29D67D3C-509A-4544-903F-C8C1B8236554}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{318F50FE-44BE-3D0D-CD2E-086A2F9BEA54}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{318F50FE-44BE-3D0D-CD2E-086A2F9BEA54}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{318F50FE-44BE-3D0D-CD2E-086A2F9BEA54}\TypeLib]
@DACL=(02 0000)
@="{2CEAF59B-9412-C46A-69C6-DF41A7CC6F15}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{400EDC65-3199-7508-E853-493259993D39}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{400EDC65-3199-7508-E853-493259993D39}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{400EDC65-3199-7508-E853-493259993D39}\TypeLib]
@DACL=(02 0000)
@="{2CEAF59B-9412-C46A-69C6-DF41A7CC6F15}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib]
@DACL=(02 0000)
@="{E47CAEE0-DEEA-464A-9326-3F2801535A4D}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\TypeLib]
@DACL=(02 0000)
@="{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\TypeLib]
@DACL=(02 0000)
@="{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}\TypeLib]
@DACL=(02 0000)
@="{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(652)
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
- - - - - - - > 'explorer.exe'(6628)
c:\windows\system32\WININET.dll
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
c:\windows\system32\ieframe.dll
.