- DDS (Ver_2012-11-20.01) - NTFS_x86
- Internet Explorer: 6.0.2900.2180
- Run by Pedja at 9:55:20 on 2013-07-10
- Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1318 [GMT 2:00]
- .
- AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
- .
- ============== Running Processes ================
- .
- C:\WINDOWS\system32\nvsvc32.exe
- C:\WINDOWS\system32\spoolsv.exe
- C:\Program Files\Application Updater\ApplicationUpdater.exe
- C:\WINDOWS\Explorer.EXE
- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
- C:\WINDOWS\system32\RUNDLL32.EXE
- C:\Program Files\AVG Secure Search\vprot.exe
- C:\WINDOWS\RTHDCPL.EXE
- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
- C:\WINDOWS\system32\ctfmon.exe
- C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
- C:\Program Files\Skype\Phone\Skype.exe
- C:\WINDOWS\System32\WScript.exe
- C:\Program Files\MCShield\mcshieldrtm.exe
- C:\WINDOWS\System32\alg.exe
- C:\Program Files\Mozilla Firefox\firefox.exe
- C:\Program Files\Mozilla Firefox\plugin-container.exe
- C:\WINDOWS\system32\wbem\wmiprvse.exe
- C:\WINDOWS\System32\svchost.exe -k netsvcs
- C:\WINDOWS\system32\svchost.exe -k NetworkService
- C:\WINDOWS\system32\svchost.exe -k LocalService
- C:\WINDOWS\system32\svchost.exe -k imgsvc
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=ACB3485B39B5BFD0
- uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
- BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
- BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
- BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
- BHO: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - <orphaned>
- BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
- TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
- TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.2.0.5\AVG Secure Search_toolbar.dll
- TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.2\iobitappsToolbarIE.dll
- uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
- uRun: [Google Update] "c:\documents and settings\pedja\local settings\application data\google\update\GoogleUpdate.exe" /c
- uRun: [Facebook Update] "c:\documents and settings\pedja\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
- uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
- uRun: [help.vbe] "c:\docume~1\pedja\locals~1\temp\help.vbe"
- uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
- mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
- mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
- mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
- mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
- mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
- mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
- mRun: [RTHDCPL] RTHDCPL.EXE
- mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
- mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
- mRun: [help.vbe] "c:\docume~1\pedja\locals~1\temp\help.vbe"
- StartupFolder: c:\documents and settings\pedja\start menu\programs\startup\help.vbe
- uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
- mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
- IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
- IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
- IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
- DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367525119187
- TCP: NameServer = 79.143.160.20 79.143.168.8
- TCP: Interfaces\{6E250B0A-5289-4F49-A575-F8EDE5AC939F} : DHCPNameServer = 79.143.160.20 79.143.168.8
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
- Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.2.0\ViProtocol.dll
- AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\
- FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
- FF - plugin: c:\documents and settings\pedja\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
- FF - plugin: c:\documents and settings\pedja\local settings\application data\google\update\1.3.21.149\npGoogleUpdate3.dll
- FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
- FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.2.0\npsitesafety.dll
- FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
- FF - ExtSQL: 2013-05-16 22:07; iobitapps@mybrowserbar.com; c:\program files\iobit apps toolbar\FF
- FF - ExtSQL: 2013-06-09 13:45; plugin@getwebcake.com; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\plugin@getwebcake.com
- FF - ExtSQL: 2013-07-08 11:00; jid1-tdms4EWes6XF5w@jetpack; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
- .
- ---- FIREFOX POLICIES ----
- FF - user.js: extentions.webcake.installId - 0ee9768a-cfb4-4e11-87a5-2ab67cb201a1
- FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
- .
- ============= SERVICES / DRIVERS ===============
- .
- R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
- R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
- R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
- R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
- R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
- R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
- R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
- R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
- R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-2 37664]
- R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-6-7 806776]
- R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
- R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
- R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [2013-5-23 1015984]
- S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
- S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-5-3 1684736]
- .
- =============== Created Last 30 ================
- .
- 2013-07-09 08:16:22 -------- d-----w- c:\program files\MCShield
- 2013-07-09 08:16:22 -------- d-----w- c:\documents and settings\all users\application data\MCShield
- 2013-07-08 09:08:28 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
- 2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\repository\FS
- 2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\Repository
- 2013-07-08 08:28:17 -------- d-----w- c:\program files\OpenAL
- 2013-07-07 12:37:00 -------- d-----w- c:\documents and settings\pedja\application data\avidemux
- 2013-07-07 09:25:35 -------- d-----w- c:\documents and settings\pedja\application data\NCH Software
- 2013-07-07 09:25:24 -------- d-----w- c:\program files\NCH Software
- 2013-07-07 08:37:25 -------- d-----w- c:\documents and settings\pedja\application data\Malwarebytes
- 2013-07-07 08:35:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
- 2013-07-07 08:35:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
- 2013-07-07 08:34:44 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
- 2013-06-30 13:58:44 -------- d-----w- c:\documents and settings\all users\GlarySoft
- 2013-06-30 13:32:59 -------- d-----w- c:\program files\Glary Utilities 3
- 2013-06-19 11:34:44 -------- d-----w- c:\documents and settings\pedja\application data\Search Settings
- 2013-06-19 11:34:31 -------- d-----w- c:\program files\IObit Apps Toolbar
- 2013-06-19 11:34:31 -------- d-----w- c:\program files\Application Updater
- 2013-06-10 15:02:52 -------- d-----w- c:\documents and settings\pedja\application data\IObit Apps
- .
- ==================== Find3M ====================
- .
- 2013-06-18 16:52:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
- 2013-06-18 16:52:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
- 2013-06-01 16:07:35 444952 ----a-w- c:\windows\system32\wrap_oal.dll
- 2013-06-01 16:07:35 109080 ----a-w- c:\windows\system32\OpenAL32.dll
- 2013-05-23 09:34:14 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
- .
- ============= FINISH: 9:55:38.26 ===============
- .
- UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
- IF REQUESTED, ZIP IT UP & ATTACH IT
- .
- DDS (Ver_2012-11-20.01)
- .
- Microsoft Windows XP Professional
- Boot Device: \Device\HarddiskVolume1
- Install Date: 5/2/2013 4:47:52 PM
- System Uptime: 7/10/2013 9:22:13 AM (0 hours ago)
- .
- Motherboard: ASUSTeK Computer INC. | | M2N68-AM SE2
- Processor: AMD Athlon(tm) II X2 250 Processor | AM2 | 3013/200mhz
- Processor: AMD Athlon(tm) II X2 250 Processor | AM2 | 3013/200mhz
- .
- ==== Disk Partitions =========================
- .
- C: is FIXED (NTFS) - 154 GiB total, 142.541 GiB free.
- D: is FIXED (NTFS) - 164 GiB total, 156.607 GiB free.
- E: is FIXED (NTFS) - 147 GiB total, 47.865 GiB free.
- F: is CDROM ()
- .
- ==== Disabled Device Manager Items =============
- .
- Class GUID:
- Description:
- Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_000B&SUBSYS_10DE0101&REV_1001\5&1E4128DC&1&0101
- Manufacturer:
- Name:
- PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_000B&SUBSYS_10DE0101&REV_1001\5&1E4128DC&1&0101
- Service:
- .
- ==== System Restore Points ===================
- .
- RP1: 5/2/2013 4:52:34 PM - System Checkpoint
- RP2: 5/2/2013 6:20:48 PM - Installed AMD Processor Driver
- RP3: 5/2/2013 6:22:00 PM - Installed NVIDIA ForceWare Network Access Manager
- RP4: 5/2/2013 6:22:40 PM - Installed Windows Installer KB893803v2.
- RP5: 5/2/2013 6:24:05 PM - Installed NVIDIA PhysX
- RP6: 5/2/2013 6:31:52 PM - Installed Adobe Reader 9.1.
- RP7: 5/2/2013 6:32:33 PM - Installed PC Probe II
- RP8: 5/2/2013 6:42:10 PM - Installed AVG 2013
- RP9: 5/2/2013 6:42:21 PM - Installed AVG 2013
- RP10: 5/2/2013 6:56:03 PM - Installed Nero 7 Demo
- RP11: 5/2/2013 7:01:15 PM - Removed COMODO Firewall
- RP12: 5/2/2013 7:06:25 PM - Installed Realtek High Definition Audio Driver
- RP13: 5/2/2013 7:07:06 PM - Installed Windows XP KB888111WXPSP2.
- RP14: 5/2/2013 7:09:15 PM - Installed Realtek High Definition Audio Driver
- RP15: 5/2/2013 7:15:46 PM - Installed Windows Media Player 9 Series
- RP16: 5/2/2013 7:34:55 PM - Installed Realtek High Definition Audio Driver
- RP17: 5/2/2013 7:36:24 PM - Installed Realtek High Definition Audio Driver
- RP18: 5/2/2013 10:04:16 PM - Removed AVG 2013
- RP19: 5/3/2013 11:19:53 AM - Removed Realtek High Definition Audio Driver
- RP20: 5/3/2013 11:23:49 AM - Installed Realtek High Definition Audio Driver
- RP21: 5/3/2013 11:24:32 AM - Installed Windows XP KB888111WXPSP2.
- RP22: 5/7/2013 10:05:09 AM - Installed DirectX
- RP23: 5/10/2013 9:56:46 AM - Removed AVG 2013
- RP24: 5/11/2013 11:07:04 AM - Removed Adobe Reader 9.1.
- RP25: 5/11/2013 4:01:29 PM - Removed Adobe Reader 9.2.
- RP26: 5/12/2013 8:14:25 PM - Installed Disney Interactive Studios
- RP27: 5/12/2013 8:22:59 PM - Removed Disney Interactive Studios
- RP28: 5/12/2013 8:23:35 PM - Installed Disney Interactive Studios
- RP29: 5/12/2013 8:31:05 PM - Removed Disney Interactive Studios
- RP30: 5/12/2013 8:33:19 PM - Installed Disney Interactive Studios
- RP31: 5/12/2013 8:40:00 PM - Removed Disney Interactive Studios
- RP32: 5/12/2013 8:41:03 PM - Installed Disney Interactive Studios
- RP33: 5/16/2013 2:16:00 PM - System Checkpoint
- RP34: 5/19/2013 6:02:02 PM - System Checkpoint
- RP35: 5/21/2013 9:48:56 AM - Removed AVG 2013
- RP36: 5/23/2013 10:34:02 AM - Removed AVG 2013
- RP37: 5/24/2013 7:01:07 PM - System Checkpoint
- RP38: 5/27/2013 11:10:22 AM - System Checkpoint
- RP39: 5/28/2013 11:24:23 AM - System Checkpoint
- RP40: 5/30/2013 8:17:45 PM - System Checkpoint
- RP41: 5/31/2013 10:31:11 AM - Installed Microsoft Office Professional Edition 2003
- RP42: 6/1/2013 6:02:25 PM - Removed Adobe Reader 9.5.5.
- RP43: 6/5/2013 7:11:23 PM - System Checkpoint
- RP44: 6/7/2013 9:45:06 AM - Removed AVG 2013
- RP45: 6/8/2013 5:41:12 PM - System Checkpoint
- RP46: 6/9/2013 10:22:45 PM - Removed Skype™ 5.10
- RP47: 6/10/2013 6:57:03 PM - Removed AVG 2013
- RP48: 6/12/2013 2:37:13 PM - System Checkpoint
- RP49: 6/15/2013 2:34:11 PM - System Checkpoint
- RP50: 6/17/2013 2:34:26 PM - System Checkpoint
- RP51: 6/19/2013 1:34:22 PM - Removed IObit Apps Toolbar v7.1.
- RP52: 6/20/2013 1:50:32 PM - System Checkpoint
- RP53: 6/24/2013 2:16:49 PM - System Checkpoint
- RP54: 6/25/2013 6:48:24 PM - System Checkpoint
- RP55: 6/26/2013 9:47:06 AM - Removed AVG 2013
- RP56: 7/1/2013 2:01:15 PM - System Checkpoint
- RP57: 7/4/2013 1:23:46 PM - Removed COMODO Firewall
- RP58: 7/5/2013 3:43:08 PM - System Checkpoint
- RP59: 7/7/2013 2:38:00 PM - Removed Disney Interactive Studios
- RP60: 7/8/2013 10:21:48 AM - Restore Operation
- RP61: 7/8/2013 10:26:06 AM - Restore Operation
- RP62: 7/8/2013 10:27:51 AM - Restore Operation
- RP63: 7/8/2013 10:36:53 AM - Removed COMODO Firewall
- RP64: 7/8/2013 10:39:01 AM - Removed AVG 2013
- RP65: 7/9/2013 10:15:53 AM - Removed AVG 2013