- DDS (Ver_2012-11-20.01) - NTFS_AMD64
- Internet Explorer: 11.0.9600.17239
- Run by Idan at 22:35:59 on 2014-09-05
- Microsoft Windows 7 Ultimate 6.1.7601.1.1255.972.1033.18.4063.1193 [GMT 3:00]
- .
- SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- .
- ============== Running Processes ===============
- .
- C:\Windows\system32\lsm.exe
- C:\Windows\system32\svchost.exe -k DcomLaunch
- C:\Windows\system32\nvvsvc.exe
- C:\Windows\system32\svchost.exe -k RPCSS
- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
- C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
- C:\Windows\system32\svchost.exe -k LocalService
- C:\Windows\system32\svchost.exe -k netsvcs
- C:\Windows\system32\svchost.exe -k NetworkService
- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- C:\Windows\system32\nvvsvc.exe
- C:\Windows\system32\Dwm.exe
- C:\Windows\system32\svchost.exe -k imgsvc
- C:\Windows\System32\svchost.exe -k secsvcs
- C:\Program Files\iPod\bin\iPodService.exe
- C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
- C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
- C:\Windows\explorer.exe
- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- C:\Windows\system32\notepad.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Origin\Origin.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\System32\cscript.exe
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://www.google.co.il/
- BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} -
- mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
- mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
- uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
- uPolicies-Explorer: NoDrives = dword:0
- mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
- mPolicies-Explorer: NoDrives = dword:0
- mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
- mPolicies-System: ConsentPromptBehaviorUser = dword:3
- mPolicies-System: EnableLUA = dword:0
- mPolicies-System: EnableUIADesktopToggle = dword:0
- mPolicies-System: PromptOnSecureDesktop = dword:0
- TCP: NameServer = 192.117.235.235 62.219.186.7
- TCP: Interfaces\{7DE4A546-C524-4607-BDB6-4E458998E7B6} : DHCPNameServer = 192.117.235.235 62.219.186.7
- Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
- SSODL: WebCheck - <orphaned>
- SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
- x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
- x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
- x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
- x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
- x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
- x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
- x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
- x64-SSODL: WebCheck - <orphaned>
- x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
- x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2138.3\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\qxx9bulx.default\
- FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
- FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
- FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
- FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
- FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
- FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
- .
- ============= SERVICES / DRIVERS ===============
- .
- R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-12 30080]
- R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-5-5 254528]
- R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-10 849992]
- R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2014-5-19 33448]
- R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-5-19 155816]
- R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2014-5-19 31400]
- R3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\System32\drivers\t3.sys [2009-5-6 639512]
- S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
- S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
- S2 hasplms;HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
- S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
- S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]
- S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]
- S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-6 79360]
- S3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2011-12-4 12032]
- S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
- S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-8-1 21712]
- S3 Giraffic;Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe --service [?]
- S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616]
- S3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\System32\drivers\AE2500w764.sys [2011-3-29 1254464]
- S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
- S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
- S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
- S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
- S3 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-8-7 5052224]
- S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2011-7-2 35112]
- S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
- S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
- S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
- S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
- S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
- S3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-12-4 13312]
- S3 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-3-25 539248]
- S3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\System32\drivers\vnaap.sys [2010-9-26 161256]
- S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-5 1255736]
- .
- =============== Created Last 30 ================
- .
- 2014-09-05 18:56:13 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DC27DB2-8404-4C11-9AF8-6672EB379644}\offreg.dll
- 2014-09-04 21:22:36 -------- d-----w- C:\Program Files (x86)\ESET
- 2014-09-04 21:13:15 -------- d-----w- C:\Windows\ERUNT
- 2014-09-03 23:32:33 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
- 2014-09-03 23:30:54 -------- d-----w- C:\AdwCleaner
- 2014-09-02 18:03:23 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DC27DB2-8404-4C11-9AF8-6672EB379644}\mpengine.dll
- 2014-08-29 18:10:31 -------- d-----w- C:\Program Files\Speccy
- 2014-08-28 08:30:42 404480 ----a-w- C:\Windows\System32\gdi32.dll
- 2014-08-28 08:30:42 3163648 ----a-w- C:\Windows\System32\win32k.sys
- 2014-08-28 08:30:42 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
- 2014-08-14 00:03:50 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
- 2014-08-14 00:03:50 171160 ----a-w- C:\Windows\System32\infocardapi.dll
- 2014-08-14 00:03:49 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
- 2014-08-14 00:03:49 1389208 ----a-w- C:\Windows\System32\icardagt.exe
- 2014-08-14 00:03:45 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
- 2014-08-14 00:03:45 8856 ----a-w- C:\Windows\System32\icardres.dll
- 2014-08-14 00:03:07 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
- 2014-08-14 00:03:07 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
- 2014-08-13 20:51:28 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
- 2014-08-13 20:51:28 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
- 2014-08-13 20:51:27 529920 ----a-w- C:\Windows\System32\aepdu.dll
- 2014-08-13 20:51:27 424448 ----a-w- C:\Windows\System32\aeinv.dll
- .
- ==================== Find3M ====================
- .
- 2014-08-05 06:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
- 2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
- 2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
- 2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
- 2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
- 2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
- 2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
- 2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
- 2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
- 2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
- 2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
- 2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
- 2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
- 2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
- 2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
- 2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
- 2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
- 2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
- 2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
- 2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
- 2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
- 2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
- 2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
- 2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
- 2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
- 2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
- 2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
- 2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
- 2014-07-19 17:42:40 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
- 2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
- 2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
- 2014-07-13 09:18:36 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
- 2014-07-13 09:18:36 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
- 2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
- 2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
- 2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
- 2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
- 2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
- 2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
- 2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
- .
- ============= FINISH: 22:37:11.07 ===============