- .
- DDS (Ver_11-03-05.01) - NTFSx86
- Run by Owner at 18:01:53.82 on Fri 04/01/2011
- Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
- Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.151 [GMT -4:00]
- .
- AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
- AV: ESET Smart Security 4.2 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
- FW: ESET Personal firewall *Disabled*
- FW: McAfee Personal Firewall *Enabled*
- .
- ============== Running Processes ===============
- .
- C:\WINDOWS\system32\svchost -k DcomLaunch
- svchost.exe
- C:\WINDOWS\System32\svchost.exe -k netsvcs
- svchost.exe
- svchost.exe
- C:\WINDOWS\Explorer.EXE
- C:\Program Files\Java\jre6\bin\jusched.exe
- C:\Program Files\ESET\ESET Smart Security\egui.exe
- C:\Program Files\AIM\aim.exe
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- C:\Program Files\Bonjour\mDNSResponder.exe
- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
- C:\WINDOWS\System32\svchost.exe -k HTTPFilter
- C:\Program Files\Java\jre6\bin\jqs.exe
- C:\WINDOWS\system32\HPZipm12.exe
- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
- C:\Program Files\Viewpoint\Common\ViewpointService.exe
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
- C:\Program Files\IObit\Game Booster\gbtray.exe
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
- C:\WINDOWS\system32\svchost.exe -k imgsvc
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
- C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://www.yahoo.com/
- uSearch Page = hxxp://www.google.com
- uSearch Bar = hxxp://www.google.com/ie
- uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
- uInternet Connection Wizard,ShellNext = iexplore
- uInternet Settings,ProxyOverride = *.local
- uSearchAssistant = hxxp://www.google.com/ie
- uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
- mSearchAssistant = hxxp://www.google.com/ie
- BHO: AcroIEHelperStub: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - Adobe PDF Link Helper
- BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
- BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
- BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
- BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
- BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
- BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
- TB: @c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
- TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
- TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
- TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
- uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
- uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
- uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
- uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
- uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
- uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
- mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
- mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
- mRun: [Persistence] c:\windows\system32\igfxpers.exe
- mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
- mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
- mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
- mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
- mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
- mRun: [Bing Bar] "c:\program files\msn toolbar\platform\6.3.2317.0\mswinext.exe"
- mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
- IE: &Search
- IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
- IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
- IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
- IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
- DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1218157883593
- DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
- DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
- DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
- DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
- DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
- DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
- DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
- Notify: igfxcui - igfxdev.dll
- SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
- mASetup: {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
- mASetup: {L17VSL2L-WD2S-DW7D-3O30-B267UDHUP01J} - c:\windows\system32\install\Svchost.exe
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\cjzujtba.default\
- FF - prefs.js: browser.search.selectedEngine - Secure Search
- FF - prefs.js: browser.startup.homepage - www.firefox.com
- FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
- FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
- FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
- FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
- FF - plugin: c:\program files\google\update\1.3.21.49\npGoogleUpdate2.dll
- FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
- FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
- FF - plugin: c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
- FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
- FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
- FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
- FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
- FF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.com
- FF - Ext: Rotate Image: rotateimage@minisystems.de - %profile%\extensions\rotateimage@minisystems.de
- FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
- FF - Ext: TryAgain: {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - %profile%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
- FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
- FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
- FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
- FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
- FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
- FF - Ext: SearchPreview: {EF522540-89F5-46b9-B6FE-1829E2B572C6} - %profile%\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
- FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
- FF - Ext: Prize Live Toolbar: prizelivetoolbar@prizelive.com - %profile%\extensions\prizelivetoolbar@prizelive.com
- FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
- FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
- FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
- .
- ---- FIREFOX POLICIES ----
- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(general.useragent.extra.brc, BRI/1
- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
- ============= SERVICES / DRIVERS ===============
- .
- R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 385536]
- R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
- R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
- R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-4-19 1050440]
- R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-8-7 24652]
- R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-25 10064]
- S2 gupdate1c913778b22e288;Google Update Service (gupdate1c913778b22e288);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
- S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
- S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
- S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
- S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\owner\locals~1\temp\rar$ex01.859\ilvmoney1196.sys --> c:\docume~1\owner\locals~1\temp\rar$ex01.859\IlvMoney1196.sys [?]
- S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
- .
- =============== Created Last 30 ================
- .
- 2011-04-01 19:33:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
- 2011-04-01 19:33:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
- 2011-04-01 19:25:28 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
- 2011-04-01 19:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
- 2011-04-01 19:25:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
- 2011-04-01 19:25:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
- 2011-04-01 19:25:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
- 2011-04-01 01:49:04 -------- d-----w- c:\program files\MSN Toolbar
- 2011-03-31 21:33:10 -------- d-----w- c:\docume~1\owner\applic~1\NeopleLauncherDFO
- 2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\repository\FS
- 2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\Repository
- 2011-03-04 20:38:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\fFeMkDd06511
- .
- ==================== Find3M ====================
- .
- 2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
- 2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
- 2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
- 2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
- 2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
- 2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
- 2011-01-04 21:42:39 0 ----a-w- c:\windows\Kkexeceweweciqu.bin
- .
- ============= FINISH: 18:02:50.21 ===============