Zemunelo

a guest
Jan 31st, 2012
  1. .
  2. DDS (Ver_2011-08-26.01) - NTFSx86
  3. Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
  4. Run by radnik at 0:08:59 on 2012-02-01
  5. Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1791.1029 [GMT 1:00]
  6. .
  7. AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
  8. .
  9. ============== Running Processes ===============
  10. .
  11. C:\windows\system32\Ati2evxx.exe
  12. C:\windows\system32\svchost -k DcomLaunch
  13. svchost.exe
  14. C:\windows\System32\svchost.exe -k netsvcs
  15. svchost.exe
  16. svchost.exe
  17. C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  18. C:\windows\system32\Ati2evxx.exe
  19. C:\windows\Explorer.EXE
  20. C:\Program Files\Java\jre6\bin\jqs.exe
  21. C:\windows\RTHDCPL.EXE
  22. C:\windows\system32\PnkBstrA.exe
  23. C:\Program Files\AVAST Software\Avast\avastUI.exe
  24. C:\windows\system32\ctfmon.exe
  25. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  26. C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
  27. C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  28. C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
  29. C:\Program Files\Macro Express3\MacExp.exe
  30. C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
  31. C:\windows\System32\TUProgSt.exe
  32. C:\Program Files\TightVNC\tvnserver.exe
  33. C:\Program Files\TeamViewer\Version7\TeamViewer.exe
  34. C:\Program Files\UltraVNC\WinVNC.exe
  35. C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
  36. C:\Program Files\UltraVNC\WinVNC.exe
  37. C:\Program Files\TeamViewer\Version7\tv_w32.exe
  38. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  39. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  40. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  41. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  42. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  43. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  44. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  45. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  46. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  47. c:\program files\teamviewer\version7\TeamViewer_Desktop.exe
  48. C:\Documents and Settings\radnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  49. C:\Program Files\totalcmd\TOTALCMD.EXE
  50. .
  51. ============== Pseudo HJT Report ===============
  52. .
  53. BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
  54. BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
  55. BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
  56. BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
  57. BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
  58. BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
  59. BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
  60. TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
  61. uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\AxAutoMntSrv.exe" -automount
  62. uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
  63. uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
  64. mRun: [RTHDCPL] RTHDCPL.EXE
  65. mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
  66. mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
  67. mExplorerRun: [HpqpPhUnl] c:\windows\system32\HpqpPhUnl.exe
  68. StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\macroe~1.lnk - c:\program files\macro express3\MacExp.exe
  69. uPolicies-explorer: NoActiveDesktop = 1 (0x1)
  70. uPolicies-explorer: NoFileUrl = 0 (0x0)
  71. mPolicies-explorer: NoActiveDesktop = 1 (0x1)
  72. mPolicies-explorer: NoFileUrl = 0 (0x0)
  73. dPolicies-explorer: NoActiveDesktop = 1 (0x1)
  74. dPolicies-explorer: NoFileUrl = 0 (0x0)
  75. IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
  76. DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
  77. DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  78. DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  79. DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
  80. TCP: DhcpNameServer = 192.168.1.1
  81. TCP: Interfaces\{BA2944C4-15E3-4A73-90CF-BE93939BC053} : DhcpNameServer = 192.168.1.1
  82. Notify: AtiExtEvent - Ati2evxx.dll
  83. Hosts: 66.220.158.18 www.facebook.com
  84. .
  85. ================= FIREFOX ===================
  86. .
  87. FF - ProfilePath - c:\documents and settings\radnik\application data\mozilla\firefox\profiles\clq2mpim.default\
  88. FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
  89. FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
  90. FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
  91. FF - plugin: c:\documents and settings\radnik\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
  92. FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
  93. FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
  94. FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
  95. FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
  96. FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
  97. FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
  98. .
  99. ---- FIREFOX POLICIES ----
  100. FF - user.js: network.http.max-persistent-connections-per-server - 4
  101. FF - user.js: nglayout.initialpaint.delay - 600
  102. FF - user.js: content.notify.interval - 600000
  103. FF - user.js: content.max.tokenizing.time - 1800000
  104. FF - user.js: content.switch.threshold - 600000
  105. .
  106. ============= SERVICES / DRIVERS ===============
  107. .
  108. R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-30 435032]
  109. R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-30 314456]
  110. R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-30 20568]
  111. R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-30 44768]
  112. R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2009-12-23 370688]
  113. R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-11-3 2358656]
  114. R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2011-11-29 2916736]
  115. R2 tvnserver;TightVNC Server;c:\program files\tightvnc\tvnserver.exe [2011-8-3 828944]
  116. R2 uvnc_service;uvnc_service;c:\program files\ultravnc\winvnc.exe [2011-12-6 2016504]
  117. R3 mv2;mv2;c:\windows\system32\drivers\mv2.sys [2011-10-22 11496]
  118. S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
  119. S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-2-3 1684736]
  120. S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?]
  121. S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-2-5 24576]
  122. S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
  123. .
  124. =============== Created Last 30 ================
  125. .
  126. 2012-01-31 12:43:08 -------- d-----w- C:\Riot Games
  127. 2012-01-31 11:36:02 -------- d-----w- C:\lol
  128. 2012-01-31 11:35:09 -------- d-----w- c:\documents and settings\radnik\local settings\application data\PMB Files
  129. 2012-01-31 11:35:03 -------- d-----w- c:\documents and settings\all users\application data\PMB Files
  130. 2012-01-31 00:24:45 -------- d-sh--w- c:\documents and settings\radnik\IECompatCache
  131. 2012-01-30 23:36:51 -------- d-----w- c:\windows\pss
  132. 2012-01-30 21:15:50 -------- d-----w- c:\documents and settings\radnik\application data\Malwarebytes
  133. 2012-01-30 21:15:01 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
  134. 2012-01-30 21:15:00 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
  135. 2012-01-30 21:15:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
  136. 2012-01-30 19:40:12 -------- d-----w- c:\program files\Unlocker
  137. 2012-01-30 15:03:14 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
  138. 2012-01-30 15:02:55 41184 ----a-w- c:\windows\avastSS.scr
  139. 2012-01-30 15:02:45 -------- d-----w- c:\program files\AVAST Software
  140. 2012-01-30 15:02:45 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
  141. 2012-01-24 21:04:35 -------- d-----w- c:\program files\SpeedFan
  142. 2012-01-22 22:00:22 -------- d-----w- c:\program files\AMD APP
  143. 2012-01-15 16:31:21 -------- d-----w- c:\program files\GRETECH
  144. 2012-01-15 16:27:27 536064 ----a-w- c:\windows\system32\RegShellSM.exe
  145. .
  146. ==================== Find3M ====================
  147. .
  148. 2011-12-31 12:05:54 352256 ----a-w- c:\windows\eSellerateEngine.dll
  149. 2011-12-06 10:13:38 11496 ----a-w- c:\windows\system32\drivers\mv2.sys
  150. 2011-12-06 10:13:37 21480 ----a-w- c:\windows\system32\mv2.dll
  151. 2011-12-06 09:59:49 499712 ----a-w- c:\windows\system32\msvcp71.dll
  152. 2011-12-06 09:59:49 348160 ----a-w- c:\windows\system32\msvcr71.dll
  153. 2011-11-27 22:06:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  154. 2011-11-19 11:29:45 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
  155. 2011-11-19 11:29:37 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
  156. 2011-11-19 11:29:37 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
  157. 2011-11-10 03:42:12 7493120 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
  158. 2011-11-10 03:34:58 311296 ----a-w- c:\windows\system32\atiiiexx.dll
  159. 2011-11-10 03:26:40 57344 ----a-w- c:\windows\system32\aticalrt.dll
  160. 2011-11-10 03:26:32 53248 ----a-w- c:\windows\system32\aticalcl.dll
  161. 2011-11-10 03:20:22 7196672 ----a-w- c:\windows\system32\aticaldd.dll
  162. 2011-11-10 03:06:36 19210240 ----a-w- c:\windows\system32\atioglxx.dll
  163. 2011-11-10 02:54:28 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
  164. 2011-11-10 02:53:20 304640 ----a-w- c:\windows\system32\ati2dvag.dll
  165. 2011-11-10 02:50:00 5266624 ----a-w- c:\windows\system32\ati3duag.dll
  166. 2011-11-10 02:41:00 956160 ----a-w- c:\windows\system32\ativvamv.dll
  167. 2011-11-10 02:32:38 212992 ----a-w- c:\windows\system32\atipdlxx.dll
  168. 2011-11-10 02:32:24 155648 ----a-w- c:\windows\system32\Oemdspif.dll
  169. 2011-11-10 02:32:16 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
  170. 2011-11-10 02:32:08 43520 ----a-w- c:\windows\system32\ati2edxx.dll
  171. 2011-11-10 02:31:56 192512 ----a-w- c:\windows\system32\ati2evxx.dll
  172. 2011-11-10 02:30:42 643072 ----a-w- c:\windows\system32\ati2evxx.exe
  173. 2011-11-10 02:30:14 3303040 ----a-w- c:\windows\system32\ativvaxx.dll
  174. 2011-11-10 02:29:24 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
  175. 2011-11-10 02:27:54 159744 ----a-w- c:\windows\system32\atiapfxx.exe
  176. 2011-11-10 02:23:30 806912 ----a-w- c:\windows\system32\atikvmag.dll
  177. 2011-11-10 02:20:58 602112 ----a-w- c:\windows\system32\atiok3x2.dll
  178. 2011-11-10 02:18:32 233472 ----a-w- c:\windows\system32\atiadlxx.dll
  179. 2011-11-10 02:18:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
  180. 2011-11-10 02:12:22 884736 ----a-w- c:\windows\system32\ati2cqag.dll
  181. 2011-11-10 02:12:02 65024 ----a-w- c:\windows\system32\atimpc32.dll
  182. 2011-11-10 02:12:02 65024 ----a-w- c:\windows\system32\amdpcom32.dll
  183. 2011-11-10 02:12:00 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
  184. 2011-11-09 21:39:44 59904 ----a-w- c:\windows\system32\OpenVideo.dll
  185. 2011-11-09 21:39:32 54784 ----a-w- c:\windows\system32\OVDecode.dll
  186. 2011-11-09 21:38:40 14375936 ----a-w- c:\windows\system32\amdocl.dll
  187. 2011-11-09 21:37:46 44032 ----a-w- c:\windows\system32\OpenCL.dll
  188. .
  189. ============= FINISH: 0:11:07.57 ===============