muday

Everything posted by muday

  1. ============== Running Processes ================ . C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Thoosje\thoosje vista sidebar\Thoosje Sidebar.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\ZTE Dialer\bin\MonServiceUDisk.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\BitTorrent\BitTorrent.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k bthsvcs C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com/ uSearch Bar = hxxp://www.bing.com mStart Page = hxxp://websearch.helpmefindyour.info/?pid=727&r=2013/04/13&hid=3530116696&lg=EN&cc=IN BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 uPolicies-Explorer: NoDriveTypeAutoRun = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... 
- c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{3FD4E0CE-A39C-4DDC-90C5-4E04D58B41C6} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{7783B1DB-1711-4F39-A08E-14368431378D} : NameServer = 61.1.96.71,61.1.96.69 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\progra~1\saveas\sprote~1.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Groove GFS Stub 
Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\saranya\application data\mozilla\firefox\profiles\ddfa38q1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://websearch.helpmefindyour.info/?pid=727&r=2013/04/13&hid=3530116696&lg=EN&cc=IN&l=1&q= FF - prefs.js: browser.search.selectedEngine - WebSearch FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://websearch.helpmefindyour.info/?pid=727&r=2013/04/13&hid=3530116696&lg=EN&cc=IN&l=1&q= FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll FF - ExtSQL: 2013-02-22 17:25; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: 2013-03-04 07:29; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} FF - ExtSQL: 2013-03-04 22:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - ExtSQL: 2013-04-10 22:56; linkfilter@kaspersky.ru; c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru FF - ExtSQL: 2013-04-16 22:09; wrc@avast.com; c:\program files\alwil software\avast5\webrep\FF . 
---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - f821b07d0000000000000016e3e6702b FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15767 FF - user.js: extensions.delta.vrsn - 1.8.10.0 FF - user.js: extensions.delta.vrsni - 1.8.10.0 FF - user.js: extensions.delta.vrsnTs - 1.8.10.020:34:36 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.newTab - false . . . . ============= SERVICES / DRIVERS =============== . R? aswVmm;aswVmm R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? ew_hwusbdev;Huawei MobileBroadband USB PNP Device R? huawei_enumerator;huawei_enumerator R? SkypeUpdate;Skype Updater R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0 R? ztemtusbser;ZTEMT Legacy Serial Communication S? aswFsBlk;aswFsBlk S? aswMonFlt;aswMonFlt S? aswRvrt;aswRvrt S? aswSnx;aswSnx S? aswSP;aswSP S? avast! Antivirus;avast! Antivirus S? NPUsbLIP;NPUsbLIP S? Skype C2C Service;Skype C2C Service S? UDisk Monitor;UDisk Monitor . =============== File Associations =============== . FileExt: .scr: scrfile="%1" %* ShellExec: MediaConverter.exe: open="c:\program files\sandisk\sansa media converter\uMediaConverter.exe" "%1" . =============== Created Last 30 ================ . 
2013-04-17 02:10:35 -------- d-----w- c:\documents and settings\saranya\application data\GlarySoft 2013-04-17 02:08:28 -------- d-----w- c:\program files\Glarysoft 2013-04-17 02:07:49 -------- d--h--w- c:\windows\PIF 2013-04-16 17:39:43 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-04-16 17:39:42 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-04-16 17:39:41 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-04-16 17:39:40 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-04-16 17:39:31 41664 ----a-w- c:\windows\avastSS.scr 2013-04-16 15:16:15 -------- d-----w- C:\temp 2013-04-15 18:00:20 -------- d-----w- c:\windows\system32\NtmsData 2013-04-14 18:11:45 -------- d-----w- c:\windows\system32\XPSViewer 2013-04-14 06:34:47 -------- d-----w- c:\documents and settings\saranya\application data\Uniblue 2013-04-14 04:48:59 -------- d-----w- c:\documents and settings\all users\Uniblue 2013-04-13 03:12:11 -------- d-----w- c:\documents and settings\all users\application data\SoftSafe 2013-04-12 17:56:43 -------- d-----w- c:\program files\BrowseToSave 2013-04-11 15:23:30 12744 ------w- c:\windows\system32\drivers\NPUsbLIP.sys 2013-04-11 15:22:53 -------- d-----w- c:\program files\microsoft 2013-04-11 15:22:44 49152 ------w- c:\documents and settings\saranya\NPProt.bkp 2013-04-11 15:21:20 -------- d-----w- c:\documents and settings\saranya\local settings\application data\Identities 2013-04-11 15:08:27 -------- d-----w- c:\documents and settings\all users\application data\WebSecure 2013-04-11 09:11:41 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2013-04-11 09:07:44 -------- d-----w- c:\windows\SHELLNEW 2013-04-11 09:06:21 -------- d-----w- c:\documents and settings\saranya\local settings\application data\Microsoft Help 2013-04-10 18:26:14 162320 ------w- c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll 2013-04-10 18:23:18 -------- d-----w- c:\documents and 
settings\all users\application data\Kaspersky Lab 2013-04-10 15:07:56 -------- d-----w- c:\program files\WebSearch 2013-04-09 01:51:32 -------- d-----w- c:\documents and settings\saranya\application data\searchresultstb 2013-04-08 18:04:54 -------- d-----w- c:\documents and settings\saranya\AppData 2013-04-08 16:35:01 -------- d-----w- c:\program files\MSXML 4.0 2013-04-08 16:33:20 75264 ------w- c:\windows\system32\nmwcdcls.dll 2013-04-08 16:32:32 -------- d-----w- c:\documents and settings\saranya\local settings\application data\Nokia 2013-03-24 09:00:04 -------- d-----w- c:\documents and settings\all users\application data\boost_interprocess 2013-03-24 08:45:31 -------- d-----w- c:\documents and settings\saranya\application data\FixBee 2013-03-24 08:45:31 -------- d-----w- c:\documents and settings\all users\application data\FixBee 2013-03-22 16:22:54 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys 2013-03-21 16:57:58 -------- d-----w- c:\documents and settings\saranya\application data\RoboForm 2013-03-18 15:18:17 -------- d-----w- c:\program files\TOSHIBA . ==================== Find3M ==================== . 
2013-04-11 14:09:02 691592 ------w- c:\windows\system32\FlashPlayerApp.exe 2013-04-11 14:09:01 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-08 08:36:22 293376 ------w- c:\windows\system32\winsrv.dll 2013-03-07 01:32:25 2149888 ------w- c:\windows\system32\ntoskrnl.exe 2013-03-07 00:50:30 2028544 ------w- c:\windows\system32\ntkrnlpa.exe 2013-03-06 17:19:06 94112 ------w- c:\windows\system32\WindowsAccessBridge.dll 2013-03-06 17:18:59 143872 ------w- c:\windows\system32\javacpl.cpl 2013-03-06 17:18:57 861088 ------w- c:\windows\system32\npDeployJava1.dll 2013-03-06 17:18:57 782240 ------w- c:\windows\system32\deployJava1.dll 2013-03-02 02:06:31 916480 ------w- c:\windows\system32\wininet.dll 2013-03-02 02:06:30 43520 ------w- c:\windows\system32\licmgr10.dll 2013-03-02 02:06:30 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-03-02 01:25:02 1867264 ------w- c:\windows\system32\win32k.sys 2013-03-02 01:08:47 385024 ------w- c:\windows\system32\html.iec 2013-02-27 07:56:51 2067456 ------w- c:\windows\system32\mstscax.dll 2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023.sys 2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll 2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32(2)(2)(2).dll . ============= FINISH: 7:08:39.23 =============== dds.txt attach.txt