Untitled

a guest
Jul 13th, 2013
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by Pedja at 21:04:59 on 2013-07-13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1321 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\pedja\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\documents and settings\pedja\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MCShield Monitor] c:\program files\mcshield\MCShieldRTM.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367525119187
TCP: NameServer = 79.143.160.20 79.143.168.8
TCP: Interfaces\{6E250B0A-5289-4F49-A575-F8EDE5AC939F} : DHCPNameServer = 79.143.160.20 79.143.168.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - plugin: c:\documents and settings\pedja\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\pedja\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-07-08 11:00; jid1-tdms4EWes6XF5w@jetpack; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-2 37664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\toolbarupdater.exe --> c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-5-3 1684736]
.
=============== Created Last 30 ================
.
2013-07-13 16:11:06 24064 ----a-w- c:\windows\zoek-delete.exe
2013-07-11 08:57:32 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2013-07-11 08:57:31 -------- d-----w- c:\program files\MCShield
2013-07-08 09:08:28 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\Repository
2013-07-08 08:28:17 -------- d-----w- c:\program files\OpenAL
2013-07-07 12:37:00 -------- d-----w- c:\documents and settings\pedja\application data\avidemux
2013-07-07 09:25:35 -------- d-----w- c:\documents and settings\pedja\application data\NCH Software
2013-07-07 09:25:24 -------- d-----w- c:\program files\NCH Software
2013-07-07 08:37:25 -------- d-----w- c:\documents and settings\pedja\application data\Malwarebytes
2013-07-07 08:35:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-07 08:35:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-07-07 08:34:44 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-06-30 13:58:44 -------- d-----w- c:\documents and settings\all users\GlarySoft
2013-06-30 13:32:59 -------- d-----w- c:\program files\Glary Utilities 3
.
==================== Find3M ====================
.
2013-06-18 16:52:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-18 16:52:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-01 16:07:35 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-01 16:07:35 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-05-23 09:34:14 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 21:10:12.25 ===============