Untitled

a guest
May 7th, 2013
  1. DDS (Ver_2012-11-20.01) - NTFS_x86
  2. Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
  3. Run by Sunce at 13:50:41 on 2013-05-07
  4. Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1790.903 [GMT 2:00]
  5. .
  6. AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
  7. FW: avast! Antivirus *Disabled*
  8. .
  9. ============== Running Processes ================
  10. .
  11. C:\WINDOWS\system32\Ati2evxx.exe
  12. C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  13. C:\WINDOWS\system32\Ati2evxx.exe
  14. C:\WINDOWS\system32\spoolsv.exe
  15. C:\WINDOWS\Explorer.EXE
  16. C:\Program Files\AVAST Software\Avast\avastUI.exe
  17. C:\Program Files\Java\jre7\bin\jqs.exe
  18. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  19. C:\WINDOWS\system32\LGScsiCommandService.exe
  20. C:\WINDOWS\PixArt\PAC7302\Monitor.exe
  21. C:\Program Files\Common Files\Java\Java Update\jusched.exe
  22. C:\WINDOWS\system32\ctfmon.exe
  23. C:\Program Files\MCShield\mcshieldrtm.exe
  24. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
  25. C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
  26. C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  27. C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
  28. C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  29. C:\Program Files\Tenda\Common\RaRegistry.exe
  30. C:\WINDOWS\system32\wdfmgr.exe
  31. C:\WINDOWS\System32\alg.exe
  32. C:\WINDOWS\explorer.exe
  33. C:\Program Files\Mozilla Firefox\firefox.exe
  34. C:\WINDOWS\system32\msiexec.exe
  35. C:\WINDOWS\system32\wbem\wmiprvse.exe
  36. C:\WINDOWS\System32\svchost.exe -k netsvcs
  37. C:\WINDOWS\system32\svchost.exe -k NetworkService
  38. C:\WINDOWS\system32\svchost.exe -k LocalService
  39. C:\WINDOWS\system32\svchost.exe -k LocalService
  40. C:\WINDOWS\system32\svchost.exe -k imgsvc
  41. C:\WINDOWS\System32\svchost.exe -k HTTPFilter
  42. .
  43. ============== Pseudo HJT Report ===============
  44. .
  45. uStart Page = hxxp://www.google.rs/
  46. uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
  47. BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
  48. BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
  49. BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
  50. BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
  51. BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
  52. BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
  53. BHO: BHO_TIMELINEREMOVE.Bho: {e7b9b609-19ad-40a4-a288-b300a3087465} -
  54. TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
  55. uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
  56. uRun: [Google Update] "c:\documents and settings\sunce\local settings\application data\google\update\GoogleUpdate.exe" /c
  57. uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
  58. mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
  59. mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
  60. mRun: [NPSStartup] <no file>
  61. dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
  62. uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
  63. mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
  64. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  65. IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
  66. IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\icq7.7\ICQ.exe
  67. IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
  68. IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
  69. DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  70. DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  71. DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  72. TCP: NameServer = 192.168.0.1
  73. TCP: Interfaces\{564A8F95-23F4-4D9B-B324-AED396002702} : DHCPNameServer = 192.168.0.1
  74. TCP: Interfaces\{5C99A329-153A-4F3D-9DE7-969EE90BA1AE} : DHCPNameServer = 95.180.0.18 8.8.8.8
  75. Notify: AtiExtEvent - Ati2evxx.dll
  76. LSA: Authentication Packages = msv1_0 nwprovau
  77. .
  78. ================= FIREFOX ===================
  79. .
  80. FF - ProfilePath - c:\documents and settings\sunce\application data\mozilla\firefox\profiles\qswbevjb.default\
  81. FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
  82. FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109217&babsrc=adbartrp&mntrId=008697ac000000000000f46d040aef71&q=
  83. FF - prefs.js: network.proxy.type - 0
  84. FF - plugin: c:\documents and settings\sunce\application data\mozilla\plugins\npgoogletalk.dll
  85. FF - plugin: c:\documents and settings\sunce\application data\mozilla\plugins\npgtpo3dautoplugin.dll
  86. FF - plugin: c:\documents and settings\sunce\application data\mozilla\plugins\npo1d.dll
  87. FF - plugin: c:\documents and settings\sunce\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
  88. FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
  89. FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
  90. FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
  91. FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
  92. .
  93. ---- FIREFOX POLICIES ----
  94. FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109217
  95. FF - user.js: extensions.BabylonToolbar_i.babExt -
  96. FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
  97. FF - user.js: extensions.BabylonToolbar_i.id - 008697ac000000000000f46d040aef71
  98. FF - user.js: extensions.BabylonToolbar_i.hardId - 008697ac000000000000f46d040aef71
  99. FF - user.js: extensions.BabylonToolbar_i.instlDay - 15456
  100. FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
  101. FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
  102. FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.170:39:57
  103. FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
  104. FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
  105. FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
  106. FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
  107. FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
  108. FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
  109. FF - user.js: extensions.searchya_i.hmpg - true
  110. FF - user.js: extensions.searchya_i.hmpgUrl - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=1137905894&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyDtCtA
  111. FF - user.js: extensions.searchya_i.dfltSrch - true
  112. FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa!
  113. FF - user.js: extensions.searchya_i.dnsErr - true
  114. FF - user.js: extensions.searchya_i.newTab - true
  115. FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=1137905894&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyDtCtA
  116. FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=1137905894&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyDtCtA&q=
  117. FF - user.js: extensions.searchya_i.id - 008697ac000000000000f46d040aef71
  118. FF - user.js: extensions.searchya_i.instlDay - 15473
  119. FF - user.js: extensions.searchya_i.vrsn - 1.5.13.0
  120. FF - user.js: extensions.searchya_i.vrsni - 1.5.13.0
  121. FF - user.js: extensions.searchya_i.vrsnTs - 1.5.13.014:53:33
  122. FF - user.js: extensions.searchya_i.prtnrId - ironsrc
  123. FF - user.js: extensions.searchya_i.prdct - searchya
  124. FF - user.js: extensions.searchya_i.aflt - dcom
  125. FF - user.js: extensions.searchya_i.smplGrp - none
  126. FF - user.js: extensions.searchya_i.tlbrId - base
  127. FF - user.js: extensions.searchya_i.instlRef - dcom-100
  128. FF - user.js: extensions.searchya_i.dfltLng -
  129. FF - user.js: extensions.searchya_i.excTlbr - false
  130. .
  131. .
  132. ============= SERVICES / DRIVERS ===============
  133. .
  134. R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-5 21576]
  135. R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-12 49248]
  136. R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2011-8-9 40560]
  137. R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-2-14 13616]
  138. R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-2-14 5632]
  139. R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-2-14 13616]
  140. R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-12-5 765736]
  141. R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-12-5 368176]
  142. R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-12-5 29816]
  143. R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-12 66336]
  144. R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-12-5 45248]
  145. R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [2013-2-4 47616]
  146. R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-11 418376]
  147. R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-8 701512]
  148. R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\tenda\common\RaRegistry.exe [2013-4-9 193888]
  149. R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [2013-4-9 19072]
  150. R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2011-8-9 45056]
  151. R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]
  152. R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]
  153. R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]
  154. R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-8 22856]
  155. R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2013-4-9 1130848]
  156. R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-8-9 2135280]
  157. S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-12 164736]
  158. S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-7-13 36608]
  159. S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-7-13 98432]
  160. S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-7-13 14848]
  161. S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-7-13 123648]
  162. S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-12-16 229376]
  163. .
  164. =============== Created Last 30 ================
  165. .
  166. 2013-05-06 18:50:33 -------- d-----w- c:\program files\NirSoft
  167. 2013-05-06 11:37:28 40437664 ----a-w- c:\program files\QuickTimeInstaller.exe
  168. 2013-05-06 11:37:28 1563968 ----a-w- c:\program files\iobit-uninstaller.exe
  169. 2013-05-06 11:37:28 1006912 ----a-w- c:\program files\advanced_systemcare_installer.exe
  170. 2013-05-06 11:37:27 38494576 ----a-w- c:\program files\SafariSetup.exe
  171. 2013-05-06 11:37:26 3012984 ----a-w- c:\program files\unlocker-setup.exe
  172. 2013-05-06 11:37:26 19566776 ----a-w- c:\program files\6.0_ACDSee6.0PowerPack.exe
  173. 2013-04-27 20:46:31 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
  174. 2013-04-09 06:50:38 480608 ----a-w- c:\windows\system32\DiagFunc.dll
  175. 2013-04-09 06:50:38 2168160 ----a-w- c:\windows\system32\Scutum.dll
  176. 2013-04-09 06:50:38 19072 ----a-w- c:\windows\system32\drivers\Scutum50.sys
  177. 2013-04-09 06:50:38 185696 ----a-w- c:\windows\system32\W32N55.dll
  178. 2013-04-09 06:50:38 1607008 ----a-w- c:\windows\system32\RaCertMgr.dll
  179. 2013-04-09 06:50:38 139264 ----a-w- c:\windows\system32\RalinkGina.dll
  180. 2013-04-09 06:50:17 238944 ----a-w- c:\windows\system32\RaCoInst.dll
  181. 2013-04-09 06:50:17 1130848 ----a-w- c:\windows\system32\drivers\rt2870.sys
  182. 2013-04-09 06:50:16 -------- d-----w- c:\documents and settings\all users\application data\Tenda Driver
  183. 2013-04-09 06:50:15 -------- d-----w- c:\program files\Tenda
  184. .
  185. ==================== Find3M ====================
  186. .
  187. 2013-04-13 20:32:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  188. 2013-04-13 20:32:33 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  189. 2013-04-04 12:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
  190. 2013-03-08 08:35:47 293376 ----a-w- c:\windows\system32\winsrv.dll
  191. 2013-03-07 01:35:46 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
  192. 2013-03-07 00:53:36 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
  193. 2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
  194. 2013-03-06 23:33:24 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
  195. 2013-03-06 23:33:24 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
  196. 2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
  197. 2013-03-06 23:33:22 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
  198. 2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr
  199. 2013-03-05 23:47:07 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
  200. 2013-03-05 23:47:07 782240 ----a-w- c:\windows\system32\deployJava1.dll
  201. 2013-03-02 02:05:19 920064 ----a-w- c:\windows\system32\wininet.dll
  202. 2013-03-02 02:05:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
  203. 2013-03-02 02:05:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
  204. 2013-03-02 01:31:30 1876224 ----a-w- c:\windows\system32\win32k.sys
  205. 2013-03-02 01:08:57 385024 ----a-w- c:\windows\system32\html.iec
  206. 2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
  207. .
  208. ============= FINISH: 13:50:54.32 ===============