Untitled

a guest
Jul 14th, 2013
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by Pedja at 11:14:45 on 2013-07-14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1485 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\pedja\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\documents and settings\pedja\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367525119187
TCP: NameServer = 79.143.160.20 79.143.168.8
TCP: Interfaces\{6E250B0A-5289-4F49-A575-F8EDE5AC939F} : DHCPNameServer = 79.143.160.20 79.143.168.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - plugin: c:\documents and settings\pedja\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\pedja\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-07-08 11:00; jid1-tdms4EWes6XF5w@jetpack; c:\documents and settings\pedja\application data\mozilla\firefox\profiles\spy0hywg.default\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-2 37664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\toolbarupdater.exe --> c:\program files\common files\avg secure search\vtoolbarupdater\15.2.0\ToolbarUpdater.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-5-3 1684736]
.
=============== Created Last 30 ================
.
2013-07-11 08:57:32 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2013-07-11 08:57:31 -------- d-----w- c:\program files\MCShield
2013-07-08 09:08:28 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-07-08 08:33:57 -------- d-----w- c:\windows\system32\wbem\Repository
2013-07-08 08:28:17 -------- d-----w- c:\program files\OpenAL
2013-07-07 12:37:00 -------- d-----w- c:\documents and settings\pedja\application data\avidemux
2013-07-07 09:25:35 -------- d-----w- c:\documents and settings\pedja\application data\NCH Software
2013-07-07 09:25:24 -------- d-----w- c:\program files\NCH Software
2013-07-07 08:37:25 -------- d-----w- c:\documents and settings\pedja\application data\Malwarebytes
2013-07-07 08:35:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-07 08:35:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-07-07 08:34:44 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-06-30 13:58:44 -------- d-----w- c:\documents and settings\all users\GlarySoft
2013-06-30 13:32:59 -------- d-----w- c:\program files\Glary Utilities 3
.
==================== Find3M ====================
.
2013-06-18 16:52:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-18 16:52:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-01 16:07:35 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-01 16:07:35 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-05-23 09:34:14 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 11:14:55.46 ===============