Sep 5th, 2014
  1. DDS (Ver_2012-11-20.01) - NTFS_AMD64
  2. Internet Explorer: 11.0.9600.17239
  3. Run by Idan at 22:35:59 on 2014-09-05
  4. Microsoft Windows 7 Ultimate 6.1.7601.1.1255.972.1033.18.4063.1193 [GMT 3:00]
  5. .
  6. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. ============== Running Processes ===============
  9. .
  10. C:\Windows\system32\lsm.exe
  11. C:\Windows\system32\svchost.exe -k DcomLaunch
  12. C:\Windows\system32\nvvsvc.exe
  13. C:\Windows\system32\svchost.exe -k RPCSS
  14. C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
  15. C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
  16. C:\Windows\system32\svchost.exe -k LocalService
  17. C:\Windows\system32\svchost.exe -k netsvcs
  18. C:\Windows\system32\svchost.exe -k NetworkService
  19. C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
  20. C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  21. C:\Windows\system32\nvvsvc.exe
  22. C:\Windows\system32\Dwm.exe
  23. C:\Windows\system32\svchost.exe -k imgsvc
  24. C:\Windows\System32\svchost.exe -k secsvcs
  25. C:\Program Files\iPod\bin\iPodService.exe
  26. C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
  27. C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
  28. C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
  29. C:\Windows\explorer.exe
  30. C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  31. C:\Windows\system32\notepad.exe
  32. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  33. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  34. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  35. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  36. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  37. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  38. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  39. C:\Program Files (x86)\Origin\Origin.exe
  40. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  41. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  42. C:\Windows\system32\wbem\wmiprvse.exe
  43. C:\Windows\System32\cscript.exe
  44. .
  45. ============== Pseudo HJT Report ===============
  46. .
  47. uStart Page = hxxp://www.google.co.il/
  48. BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} -
  49. mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
  50. mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
  51. uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
  52. uPolicies-Explorer: NoDrives = dword:0
  53. mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
  54. mPolicies-Explorer: NoDrives = dword:0
  55. mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
  56. mPolicies-System: ConsentPromptBehaviorUser = dword:3
  57. mPolicies-System: EnableLUA = dword:0
  58. mPolicies-System: EnableUIADesktopToggle = dword:0
  59. mPolicies-System: PromptOnSecureDesktop = dword:0
  60. TCP: NameServer = 192.117.235.235 62.219.186.7
  61. TCP: Interfaces\{7DE4A546-C524-4607-BDB6-4E458998E7B6} : DHCPNameServer = 192.117.235.235 62.219.186.7
  62. Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  63. SSODL: WebCheck - <orphaned>
  64. SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
  65. x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
  66. x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
  67. x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  68. x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
  69. x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
  70. x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
  71. x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
  72. x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  73. x64-SSODL: WebCheck - <orphaned>
  74. x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
  75. x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2138.3\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
  76. .
  77. ================= FIREFOX ===================
  78. .
  79. FF - ProfilePath - C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\qxx9bulx.default\
  80. FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
  81. FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
  82. FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
  83. FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
  84. FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  85. FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
  86. .
  87. ============= SERVICES / DRIVERS ===============
  88. .
  89. R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-12 30080]
  90. R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-5-5 254528]
  91. R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-10 849992]
  92. R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2014-5-19 33448]
  93. R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-5-19 155816]
  94. R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2014-5-19 31400]
  95. R3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\System32\drivers\t3.sys [2009-5-6 639512]
  96. S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
  97. S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
  98. S2 hasplms;HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
  99. S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
  100. S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]
  101. S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]
  102. S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-6 79360]
  103. S3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2011-12-4 12032]
  104. S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
  105. S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-8-1 21712]
  106. S3 Giraffic;Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service [?]
  107. S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616]
  108. S3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\System32\drivers\AE2500w764.sys [2011-3-29 1254464]
  109. S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
  110. S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
  111. S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
  112. S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
  113. S3 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-8-7 5052224]
  114. S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2011-7-2 35112]
  115. S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
  116. S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
  117. S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
  118. S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
  119. S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
  120. S3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-12-4 13312]
  121. S3 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-3-25 539248]
  122. S3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\System32\drivers\vnaap.sys [2010-9-26 161256]
  123. S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-5 1255736]
  124. .
  125. =============== Created Last 30 ================
  126. .
  127. 2014-09-05 18:56:13 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DC27DB2-8404-4C11-9AF8-6672EB379644}\offreg.dll
  128. 2014-09-04 21:22:36 -------- d-----w- C:\Program Files (x86)\ESET
  129. 2014-09-04 21:13:15 -------- d-----w- C:\Windows\ERUNT
  130. 2014-09-03 23:32:33 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
  131. 2014-09-03 23:30:54 -------- d-----w- C:\AdwCleaner
  132. 2014-09-02 18:03:23 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DC27DB2-8404-4C11-9AF8-6672EB379644}\mpengine.dll
  133. 2014-08-29 18:10:31 -------- d-----w- C:\Program Files\Speccy
  134. 2014-08-28 08:30:42 404480 ----a-w- C:\Windows\System32\gdi32.dll
  135. 2014-08-28 08:30:42 3163648 ----a-w- C:\Windows\System32\win32k.sys
  136. 2014-08-28 08:30:42 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
  137. 2014-08-14 00:03:50 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
  138. 2014-08-14 00:03:50 171160 ----a-w- C:\Windows\System32\infocardapi.dll
  139. 2014-08-14 00:03:49 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
  140. 2014-08-14 00:03:49 1389208 ----a-w- C:\Windows\System32\icardagt.exe
  141. 2014-08-14 00:03:45 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
  142. 2014-08-14 00:03:45 8856 ----a-w- C:\Windows\System32\icardres.dll
  143. 2014-08-14 00:03:07 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
  144. 2014-08-14 00:03:07 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
  145. 2014-08-13 20:51:28 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
  146. 2014-08-13 20:51:28 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
  147. 2014-08-13 20:51:27 529920 ----a-w- C:\Windows\System32\aepdu.dll
  148. 2014-08-13 20:51:27 424448 ----a-w- C:\Windows\System32\aeinv.dll
  149. .
  150. ==================== Find3M ====================
  151. .
  152. 2014-08-05 06:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
  153. 2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
  154. 2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
  155. 2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
  156. 2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
  157. 2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
  158. 2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
  159. 2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
  160. 2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
  161. 2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
  162. 2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
  163. 2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
  164. 2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
  165. 2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
  166. 2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
  167. 2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
  168. 2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
  169. 2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
  170. 2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
  171. 2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
  172. 2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
  173. 2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
  174. 2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
  175. 2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
  176. 2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
  177. 2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
  178. 2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
  179. 2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
  180. 2014-07-19 17:42:40 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
  181. 2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
  182. 2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
  183. 2014-07-13 09:18:36 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  184. 2014-07-13 09:18:36 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
  185. 2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
  186. 2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
  187. 2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
  188. 2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
  189. 2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
  190. 2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
  191. 2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
  192. .
  193. ============= FINISH: 22:37:11.07 ===============