- boki199777
- Elite citizen
- Joined: 26 Sep 2012
- Posts: 1869
- Location: Wait, let me see...
Posted: 20 Feb 2013 16:05
Here it is
dds:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.13.2
Run by boki at 16:01:42 on 2013-02-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.104 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
D:\prolazni\systemcare\Advanced SystemCare 5\ASCService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Camera\VM331_STI.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\New folder\MCShield\MCShieldRTM.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.soft-quick.info/
uSearch Bar = Preserve
mStart Page = hxxp://websearch.soft-quick.info/
uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
uURLSearchHooks: {013a635f-e3aa-4371-b682-ece95ca974b0} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Google Update] "c:\users\boki\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MCShield Monitor] d:\new folder\mcshield\mcshieldrtm.exe
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [331BigDog] c:\program files\usb camera\VM331_STI.EXE
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C}\449637365737D2D2142464331393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C}\6596C61602D456469647562716E60223 : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boki\appdata\roaming\mozilla\firefox\profiles\2lkjynw4.default-1346234435416\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.soft-quick.info/?l=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://websearch.soft-quick.info/?l=1&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\boki\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\boki\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-01-22 18:11; 50fec7786fd6f@50fec7786fda9.com; c:\users\boki\appdata\roaming\mozilla\firefox\profiles\2lkjynw4.default-1346234435416\extensions\50fec7786fd6f@50fec7786fda9.com
FF - ExtSQL: 2013-02-12 18:33; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\prolazni\systemcare\advanced systemcare 5\ASCService.exe [2013-2-12 913792]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-12 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-12 44808]
R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2012-5-3 219360]
R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-5-3 68136]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-9-2 1500160]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-5-3 242240]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2012-5-3 51712]
R3 vm331avs;VC0334 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [2012-12-3 977920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-7-26 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-7-26 52224]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2012-5-3 256512]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2012-5-3 398720]
.
=============== Created Last 30 ================
.
2013-02-20 14:35:48 -------- d-----w- C:\_OTM
2013-02-19 16:58:47 -------- d-----w- c:\programdata\MCShield
2013-02-19 16:58:30 -------- d-----w- c:\users\boki\New folder
2013-02-12 17:13:32 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-12 17:12:20 41224 ----a-w- c:\windows\avastSS.scr
2013-02-12 17:11:33 -------- d-----w- c:\program files\AVAST Software
2013-02-12 07:06:08 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1974a341-cd70-4760-ab16-b7a91ef55269}\mpengine.dll
2013-02-10 07:17:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-09 07:45:12 -------- d-----w- c:\users\boki\appdata\roaming\driveridentifier
2013-01-31 17:06:08 -------- d-----r- c:\program files\Skype
2013-01-22 16:45:21 -------- d-----w- c:\programdata\CLSoft LTD
2013-01-22 16:45:19 -------- d-----w- c:\program files\SoftQuick
2013-01-22 16:44:23 -------- d-----w- c:\program files\ContinueToSave
2013-01-22 16:44:19 -------- d-----w- c:\programdata\continuetosave
.
==================== Find3M ====================
.
2013-02-20 14:39:18 17488 ----a-w- c:\windows\gdrv.sys
2013-02-16 16:18:37 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-16 16:18:37 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 07:17:02 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-10 07:17:02 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-19 11:58:25 1652 ----a-w- c:\windows\system32\ASOROSet.bin
2013-01-18 18:35:35 1536 ----a-w- c:\windows\system32\RtkMsgs.dll
2012-12-22 15:52:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-22 15:52:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
============= FINISH: 16:03:04.38 ===============
Addendum: 21 Feb 2013 16:46
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.13.2
Run by boki at 15:20:28 on 2013-02-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.64 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
D:\prolazni\systemcare\Advanced SystemCare 5\ASCService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Camera\VM331_STI.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\New folder\MCShield\MCShieldRTM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.soft-quick.info/
uSearch Bar = Preserve
mStart Page = hxxp://websearch.soft-quick.info/
uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
uURLSearchHooks: {013a635f-e3aa-4371-b682-ece95ca974b0} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Google Update] "c:\users\boki\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MCShield Monitor] d:\new folder\mcshield\mcshieldrtm.exe
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [331BigDog] c:\program files\usb camera\VM331_STI.EXE
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C}\449637365737D2D2142464331393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0D8BC681-3B18-4B64-90A9-5D000E5D8B3C}\6596C61602D456469647562716E60223 : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boki\appdata\roaming\mozilla\firefox\profiles\2lkjynw4.default-1346234435416\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.soft-quick.info/?l=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://websearch.soft-quick.info/?l=1&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\boki\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\boki\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-01-22 18:11; 50fec7786fd6f@50fec7786fda9.com; c:\users\boki\appdata\roaming\mozilla\firefox\profiles\2lkjynw4.default-1346234435416\extensions\50fec7786fd6f@50fec7786fda9.com
FF - ExtSQL: 2013-02-12 18:33; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\prolazni\systemcare\advanced systemcare 5\ASCService.exe [2013-2-12 913792]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-12 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-12 44808]
R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2012-5-3 219360]
R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-5-3 68136]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-7 3467768]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-9-2 1500160]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-5-3 242240]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2012-5-3 51712]
R3 vm331avs;VC0334 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [2012-12-3 977920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-7-26 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-7-26 52224]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2012-5-3 256512]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2012-5-3 398720]
.
=============== Created Last 30 ================
.
2013-02-21 13:48:02 4620 ----a-w- C:\backup.reg
2013-02-21 13:47:56 574 ----a-w- C:\cleanup.bat
2013-02-21 13:47:56 19286 ----a-w- C:\cleanup.exe
2013-02-21 13:47:56 135168 ----a-w- C:\zip.exe
2013-02-19 16:58:47 -------- d-----w- c:\programdata\MCShield
2013-02-19 16:58:30 -------- d-----w- c:\users\boki\New folder
2013-02-12 17:13:32 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-12 17:12:20 41224 ----a-w- c:\windows\avastSS.scr
2013-02-12 17:11:33 -------- d-----w- c:\program files\AVAST Software
2013-02-12 07:06:08 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1974a341-cd70-4760-ab16-b7a91ef55269}\mpengine.dll
2013-02-10 07:17:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-09 07:45:12 -------- d-----w- c:\users\boki\appdata\roaming\driveridentifier
2013-01-31 17:06:08 -------- d-----r- c:\program files\Skype
2013-01-22 16:45:21 -------- d-----w- c:\programdata\CLSoft LTD
2013-01-22 16:45:19 -------- d-----w- c:\program files\SoftQuick
2013-01-22 16:44:23 -------- d-----w- c:\program files\ContinueToSave
2013-01-22 16:44:19 -------- d-----w- c:\programdata\continuetosave
.
==================== Find3M ====================
.
2013-02-21 14:02:57 17488 ----a-w- c:\windows\gdrv.sys
2013-02-16 16:18:37 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-16 16:18:37 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 07:17:02 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-10 07:17:02 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-19 11:58:25 1652 ----a-w- c:\windows\system32\ASOROSet.bin
2013-01-18 18:35:35 1536 ----a-w- c:\windows\system32\RtkMsgs.dll
2012-12-22 15:52:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-22 15:52:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
============= FINISH: 15:23:11.02 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 03/05/2012 18:35:47
System Uptime: 21/02/2013 15:02:32 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | G31M-ES2L
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz | Socket 775 | 2500/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 73 GiB total, 52.496 GiB free.
D: is FIXED (NTFS) - 76 GiB total, 73.299 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP197: 17/02/2013 13:38:25 - Removed Google Drive
RP198: 17/02/2013 13:39:12 - Removed Google Drive
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
Advanced SystemCare 5
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
avast! Free Antivirus
Browser Configuration Utility
CCleaner
EasySaver B9.0610.1
Facebook Video Calling 1.2.0.287
Google Chrome
Google Update Helper
Install Creator
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Invazija CS 1.6
Java 7 Update 13
Java Auto Updater
MCShield ::Anti-Malware Tool::
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x86
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Skype™ 6.1
System Requirements Lab for Intel
TeamViewer 8
TP-LINK Wireless Client Utility
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
USB2.0 Digital Camera
VC80CRTRedist - 8.0.50727.6195
Vimicro USB2.0 UVC PC Camera
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
21/02/2013 15:02:43, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The system cannot find the file specified.
20/02/2013 15:35:49, Error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
20/02/2013 15:29:56, Error: Service Control Manager [7030] - The ESET Uninstaller Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
20/02/2013 15:29:41, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
20/02/2013 15:29:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
20/02/2013 15:29:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
20/02/2013 15:29:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
20/02/2013 15:29:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
20/02/2013 15:29:38, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
20/02/2013 15:29:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
20/02/2013 15:29:28, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache eamonm ehdrv MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
20/02/2013 15:29:27, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
20/02/2013 15:00:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
20/02/2013 15:00:06, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/02/2013 21:03:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
19/02/2013 19:22:29, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x00041201, 0xc0008c68, 0x16315825, 0x85643e80). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021913-16224-01.
17/02/2013 13:35:58, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
16/02/2013 17:12:45, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xbbdfffb4, 0x00000002, 0x00000001, 0x82efd313). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021613-21434-01.
.
==== End Of File ===========================
There, MSE has been successfully removed... Thanks for helping.