DDS

a guest
Apr 1st, 2011
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 18:01:53.82 on Fri 04/01/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.151 [GMT -4:00]
.
AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: ESET Smart Security 4.2 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled*
FW: McAfee Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: AcroIEHelperStub: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - Adobe PDF Link Helper
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: @c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\6.3.2317.0\mswinext.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
IE: &Search
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1218157883593
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
mASetup: {L17VSL2L-WD2S-DW7D-3O30-B267UDHUP01J} - c:\windows\system32\install\Svchost.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\cjzujtba.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - www.firefox.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.49\npGoogleUpdate2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.com
FF - Ext: Rotate Image: rotateimage@minisystems.de - %profile%\extensions\rotateimage@minisystems.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
FF - Ext: TryAgain: {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - %profile%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: SearchPreview: {EF522540-89F5-46b9-B6FE-1829E2B572C6} - %profile%\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
FF - Ext: Prize Live Toolbar: prizelivetoolbar@prizelive.com - %profile%\extensions\prizelivetoolbar@prizelive.com
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(general.useragent.extra.brc, BRI/1
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 385536]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-4-19 1050440]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-8-7 24652]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-25 10064]
S2 gupdate1c913778b22e288;Google Update Service (gupdate1c913778b22e288);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\owner\locals~1\temp\rar$ex01.859\ilvmoney1196.sys --> c:\docume~1\owner\locals~1\temp\rar$ex01.859\IlvMoney1196.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
.
=============== Created Last 30 ================
.
2011-04-01 19:33:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-01 19:33:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-01 19:25:28 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-04-01 19:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-01 19:25:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-01 19:25:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-01 19:25:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-01 01:49:04 -------- d-----w- c:\program files\MSN Toolbar
2011-03-31 21:33:10 -------- d-----w- c:\docume~1\owner\applic~1\NeopleLauncherDFO
2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-04 20:38:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\fFeMkDd06511
.
==================== Find3M ====================
.
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-04 21:42:39 0 ----a-w- c:\windows\Kkexeceweweciqu.bin
.
============= FINISH: 18:02:50.21 ===============