Everything posted by dhdhor

  1. Additionally, every time I shut iexplorer, my cookie setting resets to the lowest level, which is accept all cookies, and cookies already saved on this computer can be read by the website that made them.
  2. Hello, I've been searching for a .fsharproj solution for a few days since I keep getting redirected to strange web sites (ask the crew, etc.), and the backspace or alt+<- key doesn't work; as many times as I click it, it puts me back to the site where I was. Also, I'm having random pop-up ads like "congratulation! you won blah blah". Please help! Your aid will be greatly appreciated!

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8243
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/27/2011 2:32:32 PM
mbam-log-2011-11-27 (14-32-32).txt
Scan type: Quick scan
Objects scanned: 192189
Time elapsed: 13 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by USER at 14:19:34 on 2011-11-27
Microsoft Windows XP Professional 5.1.2600.3.949.1.1033.18.3069.1861 [GMT -8:00]
.
AV: 알약 *Enabled/Updated* {B9431E5A-E196-4B6F-843A-10E01DB25461}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Clubfos.com\Clubfos(fast)\WinCloud.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Naver\QuickManager2\MRDaemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ESTsoft\ALYac\AYAgent.aye
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\conime.exe
c:\program files\estsoft\alyac\ALYac.aye
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.naver.com
uDefault_Page_URL = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MRDaemon.exe] c:\program files\naver\quickmanager2\MRDaemon.exe
uRun: [AppleData] rundll32.exe "c:\documents and settings\user\local settings\application data\apple computer\appledata\Appledata.dll",DllRegisterServer
mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [iDTSysTrayApp] sttray.exe
mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ALYac] "c:\program files\estsoft\alyac\AYLaunch.exe" /run
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [AppleData] rundll32.exe "c:\documents and settings\user\local settings\application data\apple computer\appledata\Appledata.dll",DllRegisterServer
StartupFolder: c:\docume~1\user\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {4222484B-6567-4C76-A078-A733022E6AE4} - hxxp://www.clubfos.com/scripts/clubfos/mmsv/ClubfosFileControl.CAB
DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} - hxxp://music.naver.com/NaverAXGuide.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7081B436-05D0-4BCE-A433-2F41E3AB3E1C} : DhcpNameServer = 192.168.1.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: ShellHook Class: {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\progra~1\markany\conten~1\MACSMA~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 EstRtwIFDrv;EstRtwIFDrv;c:\windows\system32\drivers\EstRtw.sys [2011-10-19 205112]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/08/20 15:57:33];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
R2 ALYac_RTSrv;ALYac RealTime Service;c:\program files\estsoft\alyac\AYRTSrv.aye [2011-8-24 377656]
R2 ALYac_UpdSrv;ALYac Update Service;c:\program files\estsoft\alyac\AYUpdSrv.aye [2011-8-24 657720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-1-20 366152]
R2 WinCloud;WinCloud;c:\program files\clubfos.com\clubfos(fast)\WinCloud.exe [2011-6-4 1341528]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2010-8-20 112128]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2010-8-20 193840]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-7-20 100184]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-1-20 22216]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-8-20 91496]
R3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2011-8-19 18184]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-27 41272]
S3 AhnFlt2k;AhnFlt2k;\??\c:\windows\system32\drivers\ahnflt2k.sys --> c:\windows\system32\drivers\AhnFlt2k.sys [?]
S3 AhnRec2k;AhnRec2k;\??\c:\windows\system32\drivers\ahnrec2k.sys --> c:\windows\system32\drivers\AhnRec2k.sys [?]
S3 cdspacex;cdspacex;c:\windows\system32\drivers\cdspacex.sys --> c:\windows\system32\drivers\CDSPACEX.sys [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?]
S3 JRSKD24;JRSKD24;c:\windows\system32\JRSKD24.SYS [2010-12-31 37688]
S3 JRSUKD25;JRSUKD25;c:\windows\system32\JRSUKD25.SYS [2010-8-26 12728]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 scsk5;SCSK5 Driver Service;c:\windows\system32\drivers\scsk5.sys --> c:\windows\system32\drivers\scsk5.sys [?]
S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2011-8-19 175872]
S3 TwoRabts;Two Rabbits Live Bus;c:\windows\system32\drivers\tworabts.sys --> c:\windows\system32\drivers\TwoRabts.sys [?]
.
=============== Created Last 30 ================
.
2011-11-27 22:07:50 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-27 19:50:25 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-11-27 18:15:38 -------- d-----w- c:\windows\pss
2011-11-17 18:50:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
==================== Find3M ====================
.
2011-10-24 11:09:41 205112 ----a-w- c:\windows\system32\drivers\EstRtw.sys
2011-10-14 01:04:38 790528 ----a-w- c:\windows\system32\ffdshow.ax
2011-10-14 01:04:15 921600 ----a-w- c:\windows\system32\vorbisenc.dll
2011-10-14 01:04:09 188416 ----a-w- c:\windows\system32\vorbis.dll
2011-10-14 01:04:07 237568 ----a-w- c:\windows\system32\OggDS.dll
2011-10-14 01:04:05 45056 ----a-w- c:\windows\system32\ogg.dll
2011-10-14 01:04:04 102160 ----a-w- c:\windows\system32\vb6ko.dll
2011-10-14 01:04:02 1385744 ----a-w- c:\windows\system32\MSVBVM60.DLL
2011-10-12 02:45:00 2159696 ----a-w- c:\windows\system32\btscan.exe
2011-09-28 00:02:30 18184 ----a-w- c:\windows\system32\drivers\scskusbf.sys
2011-09-28 00:02:30 175872 ----a-w- c:\windows\system32\drivers\scskusbs.sys
2011-09-16 09:26:12 108472 ----a-w- c:\windows\system32\NSAppHelper.dll
2011-09-01 01:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 14:20:51.56 ===============
attach.txt