- DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
- Internet Explorer: 8.0.7600.17267
- Run by Borko at 23:31:39 on 2013-08-08
- Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4096.3375 [GMT 2:00]
- .
- SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- .
- ============== Running Processes ===============
- .
- C:\Windows\system32\lsm.exe
- C:\Windows\system32\svchost.exe -k DcomLaunch
- C:\Windows\system32\svchost.exe -k RPCSS
- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
- C:\Windows\system32\svchost.exe -k netsvcs
- C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
- C:\Windows\system32\svchost.exe -k LocalService
- C:\Windows\system32\svchost.exe -k NetworkService
- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
- C:\Windows\Explorer.EXE
- C:\Windows\system32\ctfmon.exe
- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
- C:\Windows\system32\NOTEPAD.EXE
- C:\Windows\System32\svchost.exe -k secsvcs
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\System32\cscript.exe
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://www.google.com
- mStart Page = hxxp://www.google.com
- mWinlogon: Userinit = userinit.exe
- BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
- BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
- BHO: cOOntiinuetoosave: {9A991F87-2E8A-1480-4F9E-E619E706132A} -
- TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
- uRun: [uTorrent] "C:\Users\\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
- uRunOnce: [Report] C:\AdwCleaner[S1].txt
- mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
- mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
- mPolicies-Explorer: NoActiveDesktop = dword:1
- mPolicies-Explorer: NoActiveDesktopChanges = dword:1
- mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
- mPolicies-System: ConsentPromptBehaviorUser = dword:3
- mPolicies-System: EnableUIADesktopToggle = dword:0
- TCP: Interfaces\{5C6F8FA9-153D-4092-B319-3E833C05AA10} : DHCPNameServer = 89.216.1.30 89.216.1.50
- Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
- SSODL: WebCheck - <orphaned>
- mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
- x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
- x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
- x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
- x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
- x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
- x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
- x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
- x64-SSODL: WebCheck - <orphaned>
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\2s8gjif6.default\
- FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
- FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
- FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
- FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
- FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
- FF - ExtSQL: 2013-06-09 00:09; m4plmq9_8bo@ov-yaofyyuecmy.edu; C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\2s8gjif6.default\extensions\m4plmq9_8bo@ov-yaofyyuecmy.edu
- FF - ExtSQL: 2013-07-10 17:49; 05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com; C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\2s8gjif6.default\extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com
- FF - ExtSQL: 2013-08-08 21:34; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
- .
- ============= SERVICES / DRIVERS ===============
- .
- R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]
- R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-4-18 46136]
- R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;C:\Windows\System32\drivers\dtscsibus.sys [2013-4-26 29696]
- S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-8 65336]
- S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-8 189936]
- S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-8 1030952]
- S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-8 378944]
- S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-16 238080]
- S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
- S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
- S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-8 33400]
- S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-8 80816]
- S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-8-8 46808]
- S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
- S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
- S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-7-12 3289472]
- S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
- S3 AtiDCM;AtiDCM;C:\Users\\AppData\Local\Temp\atdcm64a.sys [2013-8-8 31400]
- S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
- S3 Disc Soft Bus Service;Disc Soft Bus Service;C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-3-6 580672]
- S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
- S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-29 2401632]
- .
- =============== Created Last 30 ================
- .
- 2013-08-08 19:34:37 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
- 2013-08-08 19:34:37 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
- 2013-08-08 19:34:36 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
- 2013-08-08 19:34:36 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
- 2013-08-08 19:34:32 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
- 2013-08-08 19:34:05 41664 ----a-w- C:\Windows\avastSS.scr
- 2013-08-08 19:33:48 -------- d-----w- C:\Program Files\AVAST Software
- 2013-08-08 19:33:42 -------- d-----w- C:\ProgramData\AVAST Software
- 2013-08-04 18:18:39 -------- d-----w- C:\Program Files (x86)\SaveShare
- 2013-07-19 02:08:17 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8549574-61E4-4F51-8787-B27DA6794287}\mpengine.dll
- 2013-07-12 12:42:18 6129024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
- 2013-07-12 12:42:18 6129024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
- 2013-07-11 12:27:30 -------- d-----w- C:\Users\\AppData\Roaming\LolClient
- 2013-07-11 10:09:12 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
- 2013-07-11 10:09:12 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
- 2013-07-11 10:09:11 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
- 2013-07-11 10:08:51 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
- 2013-07-11 10:04:42 -------- d-----w- C:\Program Files (x86)\Pando Networks
- 2013-07-11 10:04:05 -------- d-----w- C:\Users\\AppData\Roaming\Riot Games
- 2013-07-10 15:50:04 -------- d-----w- C:\Program Files (x86)\PrivitizeVPN
- 2013-07-10 15:49:54 -------- d-----w- C:\Program Files (x86)\hosts
- .
- ==================== Find3M ====================
- .
- 2013-06-29 17:23:03 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
- 2013-06-12 13:28:39 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
- 2013-06-01 19:30:40 834544 ----a-w- C:\Windows\System32\drivers\sptd.sys
- 2013-05-28 13:05:16 163328 ----a-w- C:\Windows\SysWow64\FlashPlayerUpdateService.exe
- 2013-05-25 15:50:36 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
- 2013-05-25 15:50:35 971680 ----a-w- C:\Windows\System32\deployJava1.dll
- 2013-05-25 15:50:35 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
- .
- ============= FINISH: 23:32:18,59 ===============