.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Stine at 11:51:24 on 2012-03-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.1980.419 [GMT 1:00]
.
AV: Panda Cloud Antivirus *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Cloud Antivirus *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\AMT\LMS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\MyBrowserCash\MyBrowserCash.exe
C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Paradiesbar\paradiesbar.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
BHO: WTBAddon Class: {1630669f-9d0c-4f0b-8aa9-10de8bee1755} - C:\Program Files (x86)\MyBrowserCash\WTBPlugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [MyBrowserCash] C:\Program Files (x86)\MyBrowserCash\MyBrowserCash.exe
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\20DOLL~1.LNK - C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C8E7CBFB-9F2E-42C7-B4CB-D4B7FC89A363} - hxxp://www.gather.com/imageuploader/GatherUploader5.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{E2AA6D53-D891-4386-87DF-D895AED8EF0E} : DhcpNameServer = 192.168.178.1
{1630669F-9D0C-4F0B-8AA9-10DE8BEE1755}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun-x64: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Stine\AppData\Roaming\Mozilla\Firefox\Profiles\rqd8rrnh.default\
FF - prefs.js: browser.search.selectedEngine - Tixuma
FF - prefs.js: browser.startup.homepage - hxxp://www.klamm.de/
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 PSINKNC;PSINKNC;C:\Windows\system32\DRIVERS\psinknc.sys --> C:\Windows\system32\DRIVERS\psinknc.sys [?]
R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-4-28 140608]
R2 PSINAFLT;PSINAFLT;C:\Windows\system32\DRIVERS\PSINAflt.sys --> C:\Windows\system32\DRIVERS\PSINAflt.sys [?]
R2 PSINFILE;PSINFILE;C:\Windows\system32\DRIVERS\PSINFile.sys --> C:\Windows\system32\DRIVERS\PSINFile.sys [?]
R2 PSINPROC;PSINPROC;C:\Windows\system32\DRIVERS\PSINProc.sys --> C:\Windows\system32\DRIVERS\PSINProc.sys [?]
R2 PSINPROT;PSINPROT;C:\Windows\system32\DRIVERS\PSINProt.sys --> C:\Windows\system32\DRIVERS\PSINProt.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2011-6-26 2066968]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Secunia Update Agent;Secunia Update Agent;"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service --> C:\Program Files (x86)\Secunia\PSI\sua.exe [?]
S3 optousb;OPTO ELECTRONICS optousb;C:\Windows\system32\DRIVERS\optousb.sys --> C:\Windows\system32\DRIVERS\optousb.sys [?]
S3 optovcm;OPTO ELECTRONICS optovcm;C:\Windows\system32\DRIVERS\optovcm.sys --> C:\Windows\system32\DRIVERS\optovcm.sys [?]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-03-24 09:22:44 -------- d-----w- C:\Users\Stine\AppData\Roaming\Panda Security
2012-03-24 09:20:51 -------- d-----w- C:\ProgramData\Panda Security
2012-03-24 09:20:51 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-03-24 08:01:45 -------- d-----w- C:\ProgramData\AVAST Software
2012-03-24 08:01:45 -------- d-----w- C:\Program Files\Avast
2012-03-24 07:58:56 -------- d-----w- C:\Program Files (x86)\Paradiesbar
2012-03-24 07:55:16 -------- d-----w- C:\Program Files (x86)\MyBrowserCash
2012-03-24 06:08:13 59904 ----a-w- C:\Windows\SysWow64\wbemdisp.tlb
2012-03-24 06:08:13 -------- d-----w- C:\Program Files (x86)\20Dollars2Surf
2012-03-24 05:48:58 -------- d-----w- C:\Users\Stine\AppData\Local\temp
2012-03-24 05:45:28 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-24 05:33:23 98816 ----a-w- C:\Windows\sed.exe
2012-03-24 05:33:23 518144 ----a-w- C:\Windows\SWREG.exe
2012-03-24 05:33:23 256000 ----a-w- C:\Windows\PEV.exe
2012-03-24 05:33:23 208896 ----a-w- C:\Windows\MBR.exe
2012-03-24 05:18:25 740216 ----a-w- C:\Program Files (x86)\uTorrent.exe
2012-03-18 09:48:52 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-03-17 18:32:22 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-03-17 18:32:22 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-03-17 18:32:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-03-17 18:32:18 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-03-17 18:19:41 -------- d-----w- C:\Users\Stine\AppData\Local\WindowsUpdate
2012-03-17 18:16:00 -------- d-----w- C:\Users\Stine\AppData\Local\Secunia PSI
2012-03-17 16:41:28 -------- d-----w- C:\Windows\pss
2012-03-17 10:25:40 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-17 10:25:38 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-17 10:25:38 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-17 10:09:31 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-03-17 10:08:38 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-03-17 10:08:38 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-03-17 10:06:51 77312 ----a-w- C:\Windows\System32\packager.dll
2012-03-17 10:06:50 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-03-17 10:02:03 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-17 10:02:03 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-11 09:15:13 -------- d-----w- C:\Users\Stine\AppData\Roaming\kodak
2012-03-10 08:01:27 -------- d-----w- C:\Users\Stine\AppData\Roaming\Ughoahh
2012-03-10 08:01:27 -------- d-----w- C:\Users\Stine\AppData\Roaming\Cufiwoe
2012-03-04 09:26:02 -------- d-----w- C:\Users\Stine\AppData\Roaming\Syewoce
2012-03-04 09:26:02 -------- d-----w- C:\Users\Stine\AppData\Roaming\Axvy
.
==================== Find3M ====================
.
2012-03-18 08:11:29 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-03-18 08:07:43 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-18 07:53:13 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-01-25 06:38:39 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-01-25 06:38:38 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:33:30 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-01-05 12:10:11 161032 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys
2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 11:52:52,74 ===============