
Untitled

a guest
Jul 10th, 2013
  1. DDS (Ver_2012-11-20.01) - NTFS_x86
  2. Internet Explorer: 6.0.2900.2180
  3. Run by Pedja at 9:55:20 on 2013-07-10
  4. Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1318 [GMT 2:00]
  5. .
  6. AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
  7. .
  8. ============== Running Processes ================
  9. .
  10. C:\WINDOWS\system32\nvsvc32.exe
  11. C:\WINDOWS\system32\spoolsv.exe
  12. C:\Program Files\Application Updater\ApplicationUpdater.exe
  13. C:\WINDOWS\Explorer.EXE
  14. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
  15. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
  16. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
  17. C:\WINDOWS\system32\RUNDLL32.EXE
  18. C:\Program Files\AVG Secure Search\vprot.exe
  19. C:\WINDOWS\RTHDCPL.EXE
  20. C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
  21. C:\WINDOWS\system32\ctfmon.exe
  22. C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
  23. C:\Program Files\Skype\Phone\Skype.exe
  24. C:\WINDOWS\System32\WScript.exe
  25. C:\Program Files\MCShield\mcshieldrtm.exe
  26. C:\WINDOWS\System32\alg.exe
  27. C:\Program Files\Mozilla Firefox\firefox.exe
  28. C:\Program Files\Mozilla Firefox\plugin-container.exe
  29. C:\WINDOWS\system32\wbem\wmiprvse.exe
  30. C:\WINDOWS\System32\svchost.exe -k netsvcs
  31. C:\WINDOWS\system32\svchost.exe -k NetworkService
  32. C:\WINDOWS\system32\svchost.exe -k LocalService
  33. C:\WINDOWS\system32\svchost.exe -k imgsvc
  34. .
  35. ============== Pseudo HJT Report ===============
  36. .
  37. uStart Page = hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=ACB3485B39B5BFD0
  38. uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
  39. BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
  40. BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
  41. BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
  42. BHO: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - <orphaned>
  43. BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
  44. TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
  45. TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
  46. TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
  47. uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
  48. uRun: [Google Update] "c:\documents and settings\pedja\local settings\application data\google\update\GoogleUpdate.exe" /c
  49. uRun: [Facebook Update] "c:\documents and settings\pedja\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
  50. uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
  51. uRun: [help.vbe] "c:\docume~1\pedja\locals~1\temp\help.vbe"
  52. uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
  53. mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
  54. mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
  55. mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
  56. mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
  57. mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
  58. mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
  59. mRun: [RTHDCPL] RTHDCPL.EXE
  60. mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
  61. mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
  62. mRun: [help.vbe] "c:\docume~1\pedja\locals~1\temp\help.vbe"
  63. StartupFolder: c:\documents and settings\pedja\start menu\programs\startup\help.vbe
  64. uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
  65. mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
  66. IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
  67. IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
  68. IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
  69. DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367525119187
  70. TCP: NameServer = 79.143.160.20 79.143.168.8
  71. TCP: Interfaces\{6E250B0A-5289-4F49-A575-F8EDE5AC939F} : DHCPNameServer = 79.143.160.20 79.143.168.8
  72. Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
  73. Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.2.0\ViProtocol.dll
  74. AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
  75. .
  76. ================= FIREFOX ===================
  77. .
  78. FF - ProfilePath - c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\
  79. FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
  80. FF - plugin: c:\documents and settings\pedja\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
  81. FF - plugin: c:\documents and settings\pedja\local settings\application data\google\update\1.3.21.149\npGoogleUpdate3.dll
  82. FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
  83. FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.2.0\npsitesafety.dll
  84. FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
  85. FF - ExtSQL: 2013-05-16 22:07; iobitapps@mybrowserbar.com; c:\program files\iobit apps toolbar\FF
  86. FF - ExtSQL: 2013-06-09 13:45; plugin@getwebcake.com; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\plugin@getwebcake.com
  87. FF - ExtSQL: 2013-07-08 11:00; jid1-tdms4EWes6XF5w@jetpack; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
  88. .
  89. ---- FIREFOX POLICIES ----
  90. FF - user.js: extentions.webcake.installId - 0ee9768a-cfb4-4e11-87a5-2ab67cb201a1
  91. FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
  92. .
  93. ============= SERVICES / DRIVERS ===============
  94. .
  95. R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
  96. R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
  97. R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
  98. R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
  99. R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
  100. R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
  101. R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
  102. R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
  103. R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-2 37664]
  104. R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-6-7 806776]
  105. R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
  106. R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
  107. R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [2013-5-23 1015984]
  108. S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
  109. S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-5-3 1684736]
  110. .
  111. =============== Created Last 30 ================
  112. .
  113. 2013-07-09 08:16:22 -------- d-----w- c:\program files\MCShield
  114. 2013-07-09 08:16:22 -------- d-----w- c:\documents and settings\all users\application data\MCShield
  115. 2013-07-08 09:08:28 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
  116. 2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\repository\FS
  117. 2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\Repository
  118. 2013-07-08 08:28:17 -------- d-----w- c:\program files\OpenAL
  119. 2013-07-07 12:37:00 -------- d-----w- c:\documents and settings\pedja\application data\avidemux
  120. 2013-07-07 09:25:35 -------- d-----w- c:\documents and settings\pedja\application data\NCH Software
  121. 2013-07-07 09:25:24 -------- d-----w- c:\program files\NCH Software
  122. 2013-07-07 08:37:25 -------- d-----w- c:\documents and settings\pedja\application data\Malwarebytes
  123. 2013-07-07 08:35:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
  124. 2013-07-07 08:35:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
  125. 2013-07-07 08:34:44 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
  126. 2013-06-30 13:58:44 -------- d-----w- c:\documents and settings\all users\GlarySoft
  127. 2013-06-30 13:32:59 -------- d-----w- c:\program files\Glary Utilities 3
  128. 2013-06-19 11:34:44 -------- d-----w- c:\documents and settings\pedja\application data\Search Settings
  129. 2013-06-19 11:34:31 -------- d-----w- c:\program files\IObit Apps Toolbar
  130. 2013-06-19 11:34:31 -------- d-----w- c:\program files\Application Updater
  131. 2013-06-10 15:02:52 -------- d-----w- c:\documents and settings\pedja\application data\IObit Apps
  132. .
  133. ==================== Find3M ====================
  134. .
  135. 2013-06-18 16:52:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  136. 2013-06-18 16:52:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  137. 2013-06-01 16:07:35 444952 ----a-w- c:\windows\system32\wrap_oal.dll
  138. 2013-06-01 16:07:35 109080 ----a-w- c:\windows\system32\OpenAL32.dll
  139. 2013-05-23 09:34:14 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
  140. .
  141. ============= FINISH: 9:55:38.26 ===============
  142. .
  143. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
  144. IF REQUESTED, ZIP IT UP & ATTACH IT
  145. .
  146. DDS (Ver_2012-11-20.01)
  147. .
  148. Microsoft Windows XP Professional
  149. Boot Device: \Device\HarddiskVolume1
  150. Install Date: 5/2/2013 4:47:52 PM
  151. System Uptime: 7/10/2013 9:22:13 AM (0 hours ago)
  152. .
  153. Motherboard: ASUSTeK Computer INC. | | M2N68-AM SE2
  154. Processor: AMD Athlon(tm) II X2 250 Processor | AM2 | 3013/200mhz
  155. Processor: AMD Athlon(tm) II X2 250 Processor | AM2 | 3013/200mhz
  156. .
  157. ==== Disk Partitions =========================
  158. .
  159. C: is FIXED (NTFS) - 154 GiB total, 142.541 GiB free.
  160. D: is FIXED (NTFS) - 164 GiB total, 156.607 GiB free.
  161. E: is FIXED (NTFS) - 147 GiB total, 47.865 GiB free.
  162. F: is CDROM ()
  163. .
  164. ==== Disabled Device Manager Items =============
  165. .
  166. Class GUID:
  167. Description:
  168. Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_000B&SUBSYS_10DE0101&REV_1001\5&1E4128DC&1&0101
  169. Manufacturer:
  170. Name:
  171. PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_000B&SUBSYS_10DE0101&REV_1001\5&1E4128DC&1&0101
  172. Service:
  173. .
  174. ==== System Restore Points ===================
  175. .
  176. RP1: 5/2/2013 4:52:34 PM - System Checkpoint
  177. RP2: 5/2/2013 6:20:48 PM - Installed AMD Processor Driver
  178. RP3: 5/2/2013 6:22:00 PM - Installed NVIDIA ForceWare Network Access Manager
  179. RP4: 5/2/2013 6:22:40 PM - Installed Windows Installer KB893803v2.
  180. RP5: 5/2/2013 6:24:05 PM - Installed NVIDIA PhysX
  181. RP6: 5/2/2013 6:31:52 PM - Installed Adobe Reader 9.1.
  182. RP7: 5/2/2013 6:32:33 PM - Installed PC Probe II
  183. RP8: 5/2/2013 6:42:10 PM - Installed AVG 2013
  184. RP9: 5/2/2013 6:42:21 PM - Installed AVG 2013
  185. RP10: 5/2/2013 6:56:03 PM - Installed Nero 7 Demo
  186. RP11: 5/2/2013 7:01:15 PM - Removed COMODO Firewall
  187. RP12: 5/2/2013 7:06:25 PM - Installed Realtek High Definition Audio Driver
  188. RP13: 5/2/2013 7:07:06 PM - Installed Windows XP KB888111WXPSP2.
  189. RP14: 5/2/2013 7:09:15 PM - Installed Realtek High Definition Audio Driver
  190. RP15: 5/2/2013 7:15:46 PM - Installed Windows Media Player 9 Series
  191. RP16: 5/2/2013 7:34:55 PM - Installed Realtek High Definition Audio Driver
  192. RP17: 5/2/2013 7:36:24 PM - Installed Realtek High Definition Audio Driver
  193. RP18: 5/2/2013 10:04:16 PM - Removed AVG 2013
  194. RP19: 5/3/2013 11:19:53 AM - Removed Realtek High Definition Audio Driver
  195. RP20: 5/3/2013 11:23:49 AM - Installed Realtek High Definition Audio Driver
  196. RP21: 5/3/2013 11:24:32 AM - Installed Windows XP KB888111WXPSP2.
  197. RP22: 5/7/2013 10:05:09 AM - Installed DirectX
  198. RP23: 5/10/2013 9:56:46 AM - Removed AVG 2013
  199. RP24: 5/11/2013 11:07:04 AM - Removed Adobe Reader 9.1.
  200. RP25: 5/11/2013 4:01:29 PM - Removed Adobe Reader 9.2.
  201. RP26: 5/12/2013 8:14:25 PM - Installed Disney Interactive Studios
  202. RP27: 5/12/2013 8:22:59 PM - Removed Disney Interactive Studios
  203. RP28: 5/12/2013 8:23:35 PM - Installed Disney Interactive Studios
  204. RP29: 5/12/2013 8:31:05 PM - Removed Disney Interactive Studios
  205. RP30: 5/12/2013 8:33:19 PM - Installed Disney Interactive Studios
  206. RP31: 5/12/2013 8:40:00 PM - Removed Disney Interactive Studios
  207. RP32: 5/12/2013 8:41:03 PM - Installed Disney Interactive Studios
  208. RP33: 5/16/2013 2:16:00 PM - System Checkpoint
  209. RP34: 5/19/2013 6:02:02 PM - System Checkpoint
  210. RP35: 5/21/2013 9:48:56 AM - Removed AVG 2013
  211. RP36: 5/23/2013 10:34:02 AM - Removed AVG 2013
  212. RP37: 5/24/2013 7:01:07 PM - System Checkpoint
  213. RP38: 5/27/2013 11:10:22 AM - System Checkpoint
  214. RP39: 5/28/2013 11:24:23 AM - System Checkpoint
  215. RP40: 5/30/2013 8:17:45 PM - System Checkpoint
  216. RP41: 5/31/2013 10:31:11 AM - Installed Microsoft Office Professional Edition 2003
  217. RP42: 6/1/2013 6:02:25 PM - Removed Adobe Reader 9.5.5.
  218. RP43: 6/5/2013 7:11:23 PM - System Checkpoint
  219. RP44: 6/7/2013 9:45:06 AM - Removed AVG 2013
  220. RP45: 6/8/2013 5:41:12 PM - System Checkpoint
  221. RP46: 6/9/2013 10:22:45 PM - Removed Skype™ 5.10
  222. RP47: 6/10/2013 6:57:03 PM - Removed AVG 2013
  223. RP48: 6/12/2013 2:37:13 PM - System Checkpoint
  224. RP49: 6/15/2013 2:34:11 PM - System Checkpoint
  225. RP50: 6/17/2013 2:34:26 PM - System Checkpoint
  226. RP51: 6/19/2013 1:34:22 PM - Removed IObit Apps Toolbar v7.1.
  227. RP52: 6/20/2013 1:50:32 PM - System Checkpoint
  228. RP53: 6/24/2013 2:16:49 PM - System Checkpoint
  229. RP54: 6/25/2013 6:48:24 PM - System Checkpoint
  230. RP55: 6/26/2013 9:47:06 AM - Removed AVG 2013
  231. RP56: 7/1/2013 2:01:15 PM - System Checkpoint
  232. RP57: 7/4/2013 1:23:46 PM - Removed COMODO Firewall
  233. RP58: 7/5/2013 3:43:08 PM - System Checkpoint
  234. RP59: 7/7/2013 2:38:00 PM - Removed Disney Interactive Studios
  235. RP60: 7/8/2013 10:21:48 AM - Restore Operation
  236. RP61: 7/8/2013 10:26:06 AM - Restore Operation
  237. RP62: 7/8/2013 10:27:51 AM - Restore Operation
  238. RP63: 7/8/2013 10:36:53 AM - Removed COMODO Firewall
  239. RP64: 7/8/2013 10:39:01 AM - Removed AVG 2013
  240. RP65: 7/9/2013 10:15:53 AM - Removed AVG 2013