Hello and thanks for this free service,
I have recently had a problem with my desktop computer. Namely, the internet browsers will not launch. Also, when I try to double-click on a Word file it won't open. Instead, I get a message which reads "this file does not have a program associated with it for performing this action. Create an association in the folder options control panel." I don't know if this is related at all to the browser problem, or potential malware, but I thought I should mention it regardless.
It should be noted that I have often used that computer in the past to download torrents.
Thanks for the help. I am currently learning as much as possible about internet security.
I don't have a backup CD/reboot CD.
Here is the DDS:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by pc1 at 16:19:09 on 2012-11-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1684 [GMT 9:00]
.
AV: V3 Internet Security *Disabled/Outdated* {D881C1F7-6566-4C80-82F8-BA5258DDD50E}
FW: V3 Internet Security *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAAS.exe
C:\Program Files\AhnLab\V3IS2007\V3ClnSrv.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAEGMgr.exe
C:\Program Files\AhnLab\V3IS2007\MSProxy.ahn
C:\Program Files\Common Files\AhnLab\ACA\ACAIS.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe
C:\PROGRA~1\COMMON~1\AhnLab\ACA\ACASP.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\DAUM\MyPeople\MyPeople\MyPeople.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Autobahn\nexdef.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.daum.net/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Connection Wizard,ShellNext = hxxp://us.yahoo.com/
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Codecv Class: {340AB0F0-418F-FEC0-B368-B2CC553BB1D3} - c:\documents and settings\all users\application data\codecv\bhoclass.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - c:\program files\common files\doubletwist\IEPodcastPlugin.dll
BHO: ALToolbarBho: {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - c:\program files\estsoft\altoolbar\ALToolBar_2240.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Daum Ŭ¸®³Ê: {BDDB5A00-D1EB-49D5-B197-72A06DF78AA1} - c:\program files\daum\cleaner\DaumStart.1.5.0.118.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
TB: ALToolBar: {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - c:\program files\estsoft\altoolbar\ALToolBar_2240.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\pc1\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Pokki] "c:\documents and settings\pc1\local settings\application data\pokki\v0.260.6.332\pokki.exe"
uRun: [DaumCleaner] "c:\program files\daum\cleaner\DaumCleaner.exe" /T
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AHNSD] "c:\program files\ahnlab\smart update utility\AhnSD.exe"
mRun: [AhnLab Session Process] "c:\progra~1\common~1\ahnlab\aca\ACASP.exe"
mRun: [imekrmig7.0] "c:\program files\common files\microsoft shared\ime\imkr7\IMEKRMIG.EXE"
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRunOnce: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\digsby.lnk - c:\program files\digsby\digsby.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\mypeople.lnk - c:\program files\daum\mypeople\mypeople\MyPeople.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\nexdef~1.lnk - c:\documents and settings\pc1\local settings\application data\autobahn\nexdef.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Microsoft Excel? ????(&X) - <no file>
IE: ¾ËÅø¹Ù ºü¸¥°Ë»ö(&Q) - <no file>
IE: À̹ÌÁö EXIF Á¤º¸ º¸±â - <no file>
IE: ??? ????(&Q) - <no file>
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxps://yescardacs.keb.co.kr/XecureObject/xw_install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: Interfaces\{0BA823E8-018B-418C-8751-C8BF38812ABC} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2C294D05-F296-4F0B-B697-71187BFB1392} : DHCPNameServer = 168.126.63.1 168.126.63.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: smart - {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - c:\program files\estsoft\altoolbar\ALToolBarProtocol.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\
FF - prefs.js: network.proxy.ftp - 98.192.103.79
FF - prefs.js: network.proxy.ftp_port - 41897
FF - prefs.js: network.proxy.http - 98.192.103.79
FF - prefs.js: network.proxy.http_port - 41897
FF - prefs.js: network.proxy.socks - 98.192.103.79
FF - prefs.js: network.proxy.socks_port - 41897
FF - prefs.js: network.proxy.ssl - 98.192.103.79
FF - prefs.js: network.proxy.ssl_port - 41897
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\pc1\application data\mozilla\plugins\NPNLiveCast.dll
FF - plugin: c:\documents and settings\pc1\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
FF - plugin: c:\program files\common files\doubletwist\NPPodcast.dll
FF - plugin: c:\program files\common files\gretech\npgomtvx_nie.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\interezen\plugins\NPI3GManager.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\kcp\plugin\npKCPPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin_file.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npCmn.dll
FF - plugin: c:\windows\system32\npeutilex.dll
FF - plugin: c:\windows\system32\nPFW.dll
FF - plugin: c:\windows\system32\nPFWFlt.dll
FF - plugin: c:\windows\system32\npidsx.dll
FF - plugin: c:\windows\system32\npKeyPro.dll
FF - plugin: c:\windows\system32\npOrdInstruct.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-10-01 13:37; 50691f0c728dc@50691f0c72916.com; c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\extensions\50691f0c728dc@50691f0c72916.com.xpi
FF - ExtSQL: 2012-10-05 23:04; plugin@yontoo.com; c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\extensions\plugin@yontoo.com
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - ebd2b67b-3623-47fe-9391-fb359b27d44b
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.claro.tlbrSrchUrl -
FF - user.js: extensions.claro.id - a891602f00000000000000ff8e473fb0
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15652
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1011:39:36
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - claro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
============= SERVICES / DRIVERS ===============
.
R1 AMonTDnt;AMonTDnt;c:\windows\system32\drivers\AMonTDnt.sys [2008-7-6 95880]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 26984]
R2 AhnLab Application Service;AhnLab Application Service;c:\program files\common files\ahnlab\aca\ACAAS.exe [2008-7-6 35016]
R2 AhnLab Clean Service;AhnLab Clean Service;c:\program files\ahnlab\v3is2007\v3clnsrv.exe [2008-7-6 338144]
R2 AhnLab Guarantee Service;AhnLab Guarantee Service;c:\program files\common files\ahnlab\aca\ACAEGMgr.exe [2008-7-6 50384]
R2 AhnLab Information Service;AhnLab Information Service;c:\program files\common files\ahnlab\aca\ACAIS.exe [2008-7-6 36040]
R2 AhnLab Task Scheduler;AhnLab Task Scheduler;c:\program files\ahnlab\smart update utility\AhnSDsv.exe [2008-7-6 191208]
R2 AMonHKnt;AMonHKnt;c:\windows\system32\drivers\AMonHKnt.sys [2008-7-6 53224]
R2 Browser Manager;Browser Manager;c:\documents and settings\all users\application data\browser manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-11-8 2312216]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-7-13 471408]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-7-10 385392]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-7-28 6656]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [2012-1-8 88688]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2012-5-29 1528672]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-9 711112]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNT.sys [2008-7-6 19640]
R3 ISFWEnt;ISFWEnt;c:\program files\ahnlab\v3is2007\ISFWENt.sys [2008-7-6 143744]
R3 ISIPSEnt;ISIPSEnt;c:\program files\ahnlab\v3is2007\ISIPSENt.sys [2008-7-6 139752]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2012-5-8 10064]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-1-8 2819968]
S1 ATamptNt_V3IS2007;ATamptNt_V3IS2007;c:\progra~1\ahnlab\v3is2007\ATamptNt.sys [2012-7-16 168032]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-1-31 158856]
S3 AhnFlt2k;AhnFlt2k;c:\windows\system32\drivers\AhnFlt2k.sys [2008-7-6 53088]
S3 AhnRec2k;AhnRec2k;c:\windows\system32\drivers\AhnRec2k.sys [2008-7-6 20576]
S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\AhnRghNt.sys [2008-7-6 58592]
S3 AhnSZE;AhnSZE;c:\windows\system32\drivers\ahnsze.sys [2008-7-6 1594808]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [2012-1-8 1656960]
S3 ArfMonNt;ArfMonNt;c:\program files\ahnlab\v3is2007\ArfMonNt.sys [2008-7-6 118752]
S3 ASZFltNt;ASZFltNt;c:\progra~1\ahnlab\v3is2007\ASZFltNt.sys [2008-7-6 127584]
S3 ISPIBEnt;ISPIBEnt;c:\program files\ahnlab\v3is2007\ISPIBENt.sys [2008-7-6 128392]
S3 ISPrxEnt;ISPrxEnt;c:\program files\ahnlab\v3is2007\ISPrxENT.sys [2008-7-6 77128]
S3 ISTrkEnt;ISTrkEnt;c:\program files\ahnlab\v3is2007\ISTrkENt.sys [2008-7-6 90920]
S3 JRSKD24;JRSKD24;\??\c:\windows\system32\jrskd24.sys --> c:\windows\system32\JRSKD24.SYS [?]
S3 JRSUKD25;JRSUKD25;c:\windows\system32\JRSUKD25.SYS [2012-1-19 22480]
S3 kcrtx86;kcrtx86;c:\windows\system32\kcrtx86.sys [2012-1-19 126048]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\efm-npf.sys [2012-4-11 42000]
S3 NPFW;NPFW;c:\windows\system32\Npfw.sys [2012-1-19 108736]
S3 NPFWFLT;NPFWFLT;c:\windows\system32\npfwflt.sys [2012-1-19 82496]
S3 NPIDS;NPIDS;c:\windows\system32\npids.sys [2012-1-19 61792]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2012-1-8 994024]
S3 v3engine;v3engine;c:\windows\system32\drivers\V3Engine.sys [2008-7-6 2256184]
S3 V3Flt2K;V3Flt2K;c:\progra~1\ahnlab\v3is2007\V3Flt2K.sys [2008-7-6 161888]
S3 V3IFt2K;V3IFt2K;c:\progra~1\ahnlab\v3is2007\V3IFt2K.sys [2008-7-6 77664]
.
=============== Created Last 30 ================
.
2012-11-11 06:52:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-11-11 06:52:00 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-11-11 06:43:11 -------- d-----w- c:\documents and settings\pc1\application data\Claro LTD
2012-11-08 02:39:46 -------- d-----w- c:\documents and settings\pc1\application data\Claro
2012-11-08 02:39:46 -------- d-----w- c:\documents and settings\all users\application data\Browser Manager
2012-11-08 02:39:36 -------- d-----w- c:\program files\Claro LTD
2012-11-03 01:14:24 -------- d-----w- c:\windows\system32\Hotspot Shield
2012-10-28 07:49:06 -------- d-----w- c:\documents and settings\pc1\local settings\application data\Naver
2012-10-28 07:48:57 -------- d-----w- c:\documents and settings\pc1\application data\Naver
2012-10-14 14:33:29 138320 ----a-r- c:\windows\system32\CKAgent.exe
2012-10-14 13:30:44 -------- dc-h--w- c:\windows\ie8
2012-10-14 02:03:13 -------- d-----w- c:\documents and settings\pc1\.autobahn
2012-10-14 02:03:02 -------- d-----w- c:\documents and settings\pc1\local settings\application data\Autobahn
.
==================== Find3M ====================
.
2012-11-08 15:55:02 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-09 19:05:03 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 19:05:02 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:19:26.48 ===============
I have recently had a problem with my desktop computer. Namely, the internet browsers will not launch. Also, when I try to double-click on a Word file it won't open. Instead, I get a message which reads "this file does not have a program associated with it for performing this action. Create an association in the folder options control panel." I don't know if this is related at all to browser problem, or potential malware, but I thought I should mention it regardless.
It should be noted that I have often used that computer in the past to download torrents.
Thanks for the help. I am currently learning as much as possible about internet security.
I don't have a back up CD/Reboot CD.
Here is the DDS:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by pc1 at 16:19:09 on 2012-11-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1684 [GMT 9:00]
.
AV: V3 Internet Security *Disabled/Outdated* {D881C1F7-6566-4C80-82F8-BA5258DDD50E}
FW: V3 Internet Security *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAAS.exe
C:\Program Files\AhnLab\V3IS2007\V3ClnSrv.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAEGMgr.exe
C:\Program Files\AhnLab\V3IS2007\MSProxy.ahn
C:\Program Files\Common Files\AhnLab\ACA\ACAIS.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe
C:\PROGRA~1\COMMON~1\AhnLab\ACA\ACASP.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\DAUM\MyPeople\MyPeople\MyPeople.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Autobahn\nexdef.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Pokki\v0.260.6.332\pokki.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Documents and Settings\pc1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.daum.net/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Connection Wizard,ShellNext = hxxp://us.yahoo.com/
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Codecv Class: {340AB0F0-418F-FEC0-B368-B2CC553BB1D3} - c:\documents and settings\all users\application data\codecv\bhoclass.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - c:\program files\common files\doubletwist\IEPodcastPlugin.dll
BHO: ALToolbarBho: {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - c:\program files\estsoft\altoolbar\ALToolBar_2240.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Daum Ŭ¸®³Ê: {BDDB5A00-D1EB-49D5-B197-72A06DF78AA1} - c:\program files\daum\cleaner\DaumStart.1.5.0.118.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
TB: ALToolBar: {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - c:\program files\estsoft\altoolbar\ALToolBar_2240.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\pc1\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Pokki] "c:\documents and settings\pc1\local settings\application data\pokki\v0.260.6.332\pokki.exe"
uRun: [DaumCleaner] "c:\program files\daum\cleaner\DaumCleaner.exe" /T
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AHNSD] "c:\program files\ahnlab\smart update utility\AhnSD.exe"
mRun: [AhnLab Session Process] "c:\progra~1\common~1\ahnlab\aca\ACASP.exe"
mRun: [imekrmig7.0] "c:\program files\common files\microsoft shared\ime\imkr7\IMEKRMIG.EXE"
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRunOnce: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\digsby.lnk - c:\program files\digsby\digsby.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\mypeople.lnk - c:\program files\daum\mypeople\mypeople\MyPeople.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\nexdef~1.lnk - c:\documents and settings\pc1\local settings\application data\autobahn\nexdef.exe
StartupFolder: c:\docume~1\pc1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Microsoft Excel? ????(&X) - <no file>
IE: 알툴바 빠른검색(&Q) - <no file>
IE: 이미지 EXIF 정보 보기 - <no file>
IE: ??? ????(&Q) - <no file>
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxps://yescardacs.keb.co.kr/XecureObject/xw_install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: Interfaces\{0BA823E8-018B-418C-8751-C8BF38812ABC} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2C294D05-F296-4F0B-B697-71187BFB1392} : DHCPNameServer = 168.126.63.1 168.126.63.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: smart - {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - c:\program files\estsoft\altoolbar\ALToolBarProtocol.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\
FF - prefs.js: network.proxy.ftp - 98.192.103.79
FF - prefs.js: network.proxy.ftp_port - 41897
FF - prefs.js: network.proxy.http - 98.192.103.79
FF - prefs.js: network.proxy.http_port - 41897
FF - prefs.js: network.proxy.socks - 98.192.103.79
FF - prefs.js: network.proxy.socks_port - 41897
FF - prefs.js: network.proxy.ssl - 98.192.103.79
FF - prefs.js: network.proxy.ssl_port - 41897
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\pc1\application data\mozilla\plugins\NPNLiveCast.dll
FF - plugin: c:\documents and settings\pc1\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
FF - plugin: c:\program files\common files\doubletwist\NPPodcast.dll
FF - plugin: c:\program files\common files\gretech\npgomtvx_nie.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\interezen\plugins\NPI3GManager.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\kcp\plugin\npKCPPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin_file.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npCmn.dll
FF - plugin: c:\windows\system32\npeutilex.dll
FF - plugin: c:\windows\system32\nPFW.dll
FF - plugin: c:\windows\system32\nPFWFlt.dll
FF - plugin: c:\windows\system32\npidsx.dll
FF - plugin: c:\windows\system32\npKeyPro.dll
FF - plugin: c:\windows\system32\npOrdInstruct.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-10-01 13:37; 50691f0c728dc@50691f0c72916.com; c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\extensions\50691f0c728dc@50691f0c72916.com.xpi
FF - ExtSQL: 2012-10-05 23:04; plugin@yontoo.com; c:\documents and settings\pc1\application data\mozilla\firefox\profiles\ev1fuoyj.default\extensions\plugin@yontoo.com
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - ebd2b67b-3623-47fe-9391-fb359b27d44b
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.claro.tlbrSrchUrl -
FF - user.js: extensions.claro.id - a891602f00000000000000ff8e473fb0
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15652
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1011:39:36
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - claro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
============= SERVICES / DRIVERS ===============
.
R1 AMonTDnt;AMonTDnt;c:\windows\system32\drivers\AMonTDnt.sys [2008-7-6 95880]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 26984]
R2 AhnLab Application Service;AhnLab Application Service;c:\program files\common files\ahnlab\aca\ACAAS.exe [2008-7-6 35016]
R2 AhnLab Clean Service;AhnLab Clean Service;c:\program files\ahnlab\v3is2007\v3clnsrv.exe [2008-7-6 338144]
R2 AhnLab Guarantee Service;AhnLab Guarantee Service;c:\program files\common files\ahnlab\aca\ACAEGMgr.exe [2008-7-6 50384]
R2 AhnLab Information Service;AhnLab Information Service;c:\program files\common files\ahnlab\aca\ACAIS.exe [2008-7-6 36040]
R2 AhnLab Task Scheduler;AhnLab Task Scheduler;c:\program files\ahnlab\smart update utility\AhnSDsv.exe [2008-7-6 191208]
R2 AMonHKnt;AMonHKnt;c:\windows\system32\drivers\AMonHKnt.sys [2008-7-6 53224]
R2 Browser Manager;Browser Manager;c:\documents and settings\all users\application data\browser manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-11-8 2312216]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-7-13 471408]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-7-10 385392]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-7-28 6656]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [2012-1-8 88688]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2012-5-29 1528672]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-9 711112]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNT.sys [2008-7-6 19640]
R3 ISFWEnt;ISFWEnt;c:\program files\ahnlab\v3is2007\ISFWENt.sys [2008-7-6 143744]
R3 ISIPSEnt;ISIPSEnt;c:\program files\ahnlab\v3is2007\ISIPSENt.sys [2008-7-6 139752]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2012-5-8 10064]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-1-8 2819968]
S1 ATamptNt_V3IS2007;ATamptNt_V3IS2007;c:\progra~1\ahnlab\v3is2007\ATamptNt.sys [2012-7-16 168032]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-1-31 158856]
S3 AhnFlt2k;AhnFlt2k;c:\windows\system32\drivers\AhnFlt2k.sys [2008-7-6 53088]
S3 AhnRec2k;AhnRec2k;c:\windows\system32\drivers\AhnRec2k.sys [2008-7-6 20576]
S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\AhnRghNt.sys [2008-7-6 58592]
S3 AhnSZE;AhnSZE;c:\windows\system32\drivers\ahnsze.sys [2008-7-6 1594808]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [2012-1-8 1656960]
S3 ArfMonNt;ArfMonNt;c:\program files\ahnlab\v3is2007\ArfMonNt.sys [2008-7-6 118752]
S3 ASZFltNt;ASZFltNt;c:\progra~1\ahnlab\v3is2007\ASZFltNt.sys [2008-7-6 127584]
S3 ISPIBEnt;ISPIBEnt;c:\program files\ahnlab\v3is2007\ISPIBENt.sys [2008-7-6 128392]
S3 ISPrxEnt;ISPrxEnt;c:\program files\ahnlab\v3is2007\ISPrxENT.sys [2008-7-6 77128]
S3 ISTrkEnt;ISTrkEnt;c:\program files\ahnlab\v3is2007\ISTrkENt.sys [2008-7-6 90920]
S3 JRSKD24;JRSKD24;\??\c:\windows\system32\jrskd24.sys --> c:\windows\system32\JRSKD24.SYS [?]
S3 JRSUKD25;JRSUKD25;c:\windows\system32\JRSUKD25.SYS [2012-1-19 22480]
S3 kcrtx86;kcrtx86;c:\windows\system32\kcrtx86.sys [2012-1-19 126048]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\efm-npf.sys [2012-4-11 42000]
S3 NPFW;NPFW;c:\windows\system32\Npfw.sys [2012-1-19 108736]
S3 NPFWFLT;NPFWFLT;c:\windows\system32\npfwflt.sys [2012-1-19 82496]
S3 NPIDS;NPIDS;c:\windows\system32\npids.sys [2012-1-19 61792]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2012-1-8 994024]
S3 v3engine;v3engine;c:\windows\system32\drivers\V3Engine.sys [2008-7-6 2256184]
S3 V3Flt2K;V3Flt2K;c:\progra~1\ahnlab\v3is2007\V3Flt2K.sys [2008-7-6 161888]
S3 V3IFt2K;V3IFt2K;c:\progra~1\ahnlab\v3is2007\V3IFt2K.sys [2008-7-6 77664]
.
=============== Created Last 30 ================
.
2012-11-11 06:52:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-11-11 06:52:00 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-11-11 06:43:11 -------- d-----w- c:\documents and settings\pc1\application data\Claro LTD
2012-11-08 02:39:46 -------- d-----w- c:\documents and settings\pc1\application data\Claro
2012-11-08 02:39:46 -------- d-----w- c:\documents and settings\all users\application data\Browser Manager
2012-11-08 02:39:36 -------- d-----w- c:\program files\Claro LTD
2012-11-03 01:14:24 -------- d-----w- c:\windows\system32\Hotspot Shield
2012-10-28 07:49:06 -------- d-----w- c:\documents and settings\pc1\local settings\application data\Naver
2012-10-28 07:48:57 -------- d-----w- c:\documents and settings\pc1\application data\Naver
2012-10-14 14:33:29 138320 ----a-r- c:\windows\system32\CKAgent.exe
2012-10-14 13:30:44 -------- dc-h--w- c:\windows\ie8
2012-10-14 02:03:13 -------- d-----w- c:\documents and settings\pc1\.autobahn
2012-10-14 02:03:02 -------- d-----w- c:\documents and settings\pc1\local settings\application data\Autobahn
.
==================== Find3M ====================
.
2012-11-08 15:55:02 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-09 19:05:03 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 19:05:02 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:19:26.48 ===============