dddds
a guest
Apr 2nd, 2011
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 14:52:45.45 on Sat 04/02/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.203 [GMT -4:00]
.
AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: ESET Smart Security 4.2 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
FW: McAfee Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds (2).scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: &Search
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1218157883593
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
mASetup: {L17VSL2L-WD2S-DW7D-3O30-B267UDHUP01J} - c:\windows\system32\install\Svchost.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\cjzujtba.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - www.firefox.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.49\npGoogleUpdate2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\msn toolbar\platform\6.3.2317.0\npwinext.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.com
FF - Ext: Rotate Image: rotateimage@minisystems.de - %profile%\extensions\rotateimage@minisystems.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
FF - Ext: TryAgain: {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - %profile%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: AIM Toolbar: {c2f863cd-0429-48c7-bb54-db756a951760} - %profile%\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: SearchPreview: {EF522540-89F5-46b9-B6FE-1829E2B572C6} - %profile%\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
FF - Ext: Prize Live Toolbar: prizelivetoolbar@prizelive.com - %profile%\extensions\prizelivetoolbar@prizelive.com
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(general.useragent.extra.brc, BRI/1
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 385536]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-4-19 1050440]
R3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-25 10064]
S2 gupdate1c913778b22e288;Google Update Service (gupdate1c913778b22e288);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\owner\locals~1\temp\rar$ex01.859\ilvmoney1196.sys --> c:\docume~1\owner\locals~1\temp\rar$ex01.859\IlvMoney1196.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
.
=============== Created Last 30 ================
.
2011-04-02 18:43:38 -------- d-----w- c:\program files\Sun
2011-04-02 18:43:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-02 18:43:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-02 18:43:17 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-04-01 19:33:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-01 19:33:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-01 19:25:28 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-04-01 19:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-01 19:25:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-01 19:25:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-01 19:25:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-31 21:33:10 -------- d-----w- c:\docume~1\owner\applic~1\NeopleLauncherDFO
2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-03-05 14:46:56 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-04 20:38:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\fFeMkDd06511
.
==================== Find3M ====================
.
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-04 21:42:39 0 ----a-w- c:\windows\Kkexeceweweciqu.bin
.
============= FINISH: 14:53:50.73 ===============