
Untitled

a guest
Aug 14th, 2017
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by ONGELDIG at 22:22:41,84 on zo 01/05/2011
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.3037.2299 [GMT 2:00]
.
AV: Emsisoft Anti-Malware *Enabled/Updated* {0F8591BB-342B-4493-91C3-4E948ED21255}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
D:\Program Files\Emsisoft Anti-Malware\a2service.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
svchost.exe
d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\WINDOWS\system32\igfxpers.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\DivX\DivX Update\DivXUpdate.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\ONGELDIG\Mijn documenten\Security\gmer\gmer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\ONGELDIG\Mijn documenten\Security\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.be/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - d:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - d:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - d:\program files\divx\divx plus web player\npdivx32.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [PSwitch] d:\program files\proxy switcher standard\ProxySwitcher.exe
uRun: [MsnMsgr] "d:\program files\windows live\messenger\MsnMsgr.Exe" /background
mRun: [IgfxTray] d:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] d:\windows\system32\hkcmd.exe
mRun: [Persistence] d:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "d:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [TkBellExe] "d:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
mPolicies-system: EnableLUA = 0 (0x0)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {87DD3708-75C2-4496-AB07-8414AA4BFEBF} = 192.168.1.1,192.168.1.3
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll
mASetup: {112N4SYL-VVVC-E1XP-7B83-X6246F532FAT} - d:\program files\.net microsoft\msgr.exe
mASetup: {1V1E5A02-CTT5-QAL6-NF5G-1W2HIPNHAE2H} - d:\program files\.net microsoft\msgr.exe
mASetup: {2N6H6OE2-J0PH-E4J2-RU7B-31E7IR2PYT6M} - d:\program files\.net microsoft\msgr.exe
mASetup: {AF54LVE0-XPPI-E80K-UA6C-6873VD2G2650} - d:\program files\.net microsoft\msgr.exe
mASetup: {E5T5LTM6-CWE0-E8VG-RGE7-XE254EX8774S} - d:\program files\.net microsoft\msgr.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\docume~1\ongeldig\applic~1\mozilla\firefox\profiles\9ferjxw8.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://google.be
FF - prefs.js: network.proxy.ftp - 91.176.223.252
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 91.176.223.252
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 91.176.223.252
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 91.176.223.252
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 91.176.223.252
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - component: d:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: d:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: d:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: d:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: d:\program files\divx\divx plus web player\npdivx32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Real Hide IP: support@real-hide-ip.com - %profile%\extensions\support@real-hide-ip.com
FF - Ext: Add N Edit Cookies: {038dc421-b19e-4711-a218-1fd10de9163b} - %profile%\extensions\{038dc421-b19e-4711-a218-1fd10de9163b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - d:\program files\divx\divx plus web player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - d:\program files\divx\divx plus web player\firefox\wpa
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - d:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R1 a2injectiondriver;a2injectiondriver;d:\program files\emsisoft anti-malware\a2dix86.sys [2011-3-23 41928]
R1 a2util;a-squared Malware-IDS utility driver;d:\program files\emsisoft anti-malware\a2util32.sys [2011-3-23 11776]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;d:\program files\emsisoft anti-malware\a2service.exe [2011-3-23 2860800]
R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2011-4-1 20952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-4-1 363344]
S3 a2acc;a2acc;d:\program files\emsisoft anti-malware\a2accx86.sys [2011-3-23 73728]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;d:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128]
S4 RsFx0103;RsFx0103 Driver;d:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);d:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2011-05-01 16:43:49 -------- d-----w- D:\_OTL
2011-04-30 10:33:40 -------- d-----w- d:\program files\ESET
2011-04-29 12:24:56 388096 ----a-r- d:\docume~1\ongeldig\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-04-29 12:24:56 -------- d-----w- d:\program files\Trend Micro
2011-04-28 11:00:13 -------- d-----w- d:\docume~1\ongeldig\locals~1\applic~1\Deployment
2011-04-26 16:20:07 -------- d-----w- d:\docume~1\ongeldig\locals~1\applic~1\WMTools Downloaded Files
2011-04-26 13:58:02 -------- d-----w- d:\program files\FFB - Facebook Friend Bomber
2011-04-26 12:04:21 -------- d-----w- d:\program files\Windows Media Connect 2
2011-04-19 15:06:53 203976 ----a-w- d:\windows\system32\richtx32.ocx
2011-04-19 15:06:53 141576 ----a-w- d:\windows\system32\smtp50.ocx
2011-04-19 15:06:53 133384 ----a-w- d:\windows\system32\ipdaem50.ocx
2011-04-19 15:06:53 129288 ----a-w- d:\windows\system32\ipport50.ocx
2011-04-19 15:06:53 108808 ----a-w- d:\windows\system32\ipinfo50.ocx
2011-04-19 15:06:52 -------- d-----w- d:\program files\IRCXpro
2011-04-19 14:58:37 -------- d-----w- d:\docume~1\ongeldig\applic~1\NoNameScript
2011-04-19 14:58:14 -------- d-----w- d:\docume~1\ongeldig\applic~1\mIRC
2011-04-19 14:58:13 -------- d-----w- d:\program files\mIRC
2011-04-19 14:40:44 -------- d-----w- d:\program files\Service Pack 6
2011-04-19 14:31:13 -------- d-----w- d:\program files\Microsoft Platform SDK
2011-04-12 10:53:53 -------- d-----w- D:\## aswSnx private storage
2011-04-12 02:53:57 -------- d-----w- d:\program files\AVAST Software
2011-04-12 02:53:57 -------- d-----w- d:\docume~1\alluse~1\applic~1\AVAST Software
2011-04-09 12:38:04 -------- d-----w- d:\windows\Windupdt
2011-04-08 03:18:36 58642 ----a-w- d:\docume~1\ongeldig\applic~1\ONGELDIG3SQLite3.dll
2011-04-07 23:35:57 -------- d-----w- d:\docume~1\ongeldig\applic~1\RealHideIP
2011-04-07 23:35:57 -------- d-----w- d:\docume~1\alluse~1\applic~1\RealHideIP
2011-04-07 23:34:24 -------- d-----w- d:\program files\RealHideIP
2011-04-07 16:49:29 -------- d-----w- d:\documents and settings\ongeldig\.thumbnails
2011-04-07 16:44:30 -------- d-----w- d:\documents and settings\ongeldig\.gimp-2.6
2011-04-07 16:43:54 -------- d-----w- d:\program files\GIMP-2.0
2011-04-07 16:35:47 -------- d-----w- d:\program files\GIMP 2
2011-04-07 11:22:51 -------- d-----w- d:\program files\Total Video Converter
2011-04-05 23:34:09 -------- d-----w- d:\program files\ZD Soft
2011-04-05 01:00:26 -------- d-----w- d:\program files\Microsoft CAPICOM 2.1.0.2
2011-04-04 15:59:16 -------- d-----w- d:\program files\ASProtect Demo
2011-04-04 15:52:47 -------- d-----w- d:\docume~1\ongeldig\applic~1\PE Explorer
2011-04-04 15:52:41 -------- d-----w- d:\program files\PE Explorer
2011-04-04 11:17:15 274288 ----a-w- d:\windows\system32\mucltui.dll
2011-04-04 11:17:15 215920 ----a-w- d:\windows\system32\muweb.dll
2011-04-04 11:17:15 17776 ----a-w- d:\windows\system32\mucltui.dll.mui
2011-04-04 01:34:16 -------- d-----w- d:\docume~1\ongeldig\applic~1\TeamViewer
2011-04-04 01:34:09 -------- d-----w- d:\program files\TeamViewer
2011-04-03 21:38:58 -------- d-----w- d:\documents and settings\ongeldig\Tracing
2011-04-03 21:37:04 -------- d-----w- d:\program files\Microsoft
2011-04-03 21:36:30 -------- d-----w- d:\program files\Windows Live SkyDrive
2011-04-03 21:35:25 84718440 ----a-w- d:\program files\common files\windows live\.cache\wlcDC.tmp
2011-04-03 21:34:57 -------- d-----w- d:\program files\common files\Windows Live
2011-04-03 21:33:28 -------- d-----w- d:\documents and settings\ongeldig\Contacts
2011-04-03 21:30:54 -------- dcsh--w- d:\program files\common files\WindowsLiveInstaller
2011-04-02 01:36:59 -------- d-----w- d:\program files\common files\DeskShare Shared
2011-04-02 01:36:57 -------- d-----w- d:\program files\Deskshare
2011-04-02 01:30:17 356352 ----a-w- d:\windows\eSellerateEngine.dll
.
==================== Find3M ====================
.
2011-03-30 22:36:09 499712 ----a-w- d:\windows\system32\msvcp71.dll
2011-03-30 22:36:09 348160 ----a-w- d:\windows\system32\msvcr71.dll
2011-03-11 22:43:28 73216 ----a-w- d:\windows\ST6UNST.EXE
2011-03-07 05:33:45 692736 ----a-w- d:\windows\system32\inetcomm.dll
2011-03-04 06:44:12 434176 ----a-w- d:\windows\system32\vbscript.dll
2011-03-03 13:53:36 1858048 ----a-w- d:\windows\system32\win32k.sys
2011-02-17 13:51:57 670208 ----a-w- d:\windows\system32\wininet.dll
2011-02-17 13:51:57 61952 ----a-w- d:\windows\system32\tdc.ocx
2011-02-17 13:51:56 81920 ----a-w- d:\windows\system32\ieencode.dll
2011-02-17 13:50:47 371712 ----a-w- d:\windows\system32\html.iec
2011-02-17 13:02:04 20029032 ----a-w- d:\windows\RTHDCPL.EXE
2011-02-17 12:54:07 5632 ----a-w- d:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- d:\windows\system32\atmfd.dll
2011-02-09 14:56:00 1284712 ----a-w- d:\windows\RtlExUpd.dll
2011-02-09 13:54:04 270848 ----a-w- d:\windows\system32\sbe.dll
2011-02-09 13:54:04 186880 ----a-w- d:\windows\system32\encdec.dll
2011-02-08 13:33:59 978944 ----a-w- d:\windows\system32\mfc42.dll
2011-02-08 13:33:59 974848 ----a-w- d:\windows\system32\mfc42u.dll
2011-02-02 07:58:57 2067456 ----a-w- d:\windows\system32\mstscax.dll
.
============= FINISH: 22:23:09,04 ===============