DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702
Run by capk at 18:40:48 on 2016-01-02
Systém Microsoft Windows XP Professional  5.1.2600.3.1250.420.1029.18.2047.1127 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Documents and Settings\All Users\Data aplikac\Tmp0x0x\ProtectWindowsManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\kingsoft\ksdef\ksdefserver.exe
C:\DOCUME~1\CAPK~1\LOCALS~1\Temp\nsjB6.tmp
C:\Documents and Settings\capk\Data aplikac\TSv\TSvr.exe
C:\Program Files\7B92231C-1447171551-11D5-B7DC-135013F7F630\knsu18C6.tmp
C:\Program Files\SFK\SSFK.exe
C:\Documents and Settings\All Users\Data aplikac\lWdMl\WdMan.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\capk\Local Settings\Data aplikac\gmsd_ra_005010192\upgmsd_ra_005010192.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yoursites123.com/?type=hp&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293
uSearch Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBotjuEsagYx-Ruv_m2D1goL74ZDgpFqNObmO5R3MpzezEwIB5rgUts76PYNCZ32pvhL_nrV9h1Wu1Ax8bTdv9lPOrVF0LjLSj9IISoaC-Lev2yfwbhrzYGlKA5zgNwqzdIguzG5YcMeF7ifV6&q={searchTerms}
uSearch Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBotjuEsagYx-Ruv_m2D1goL74ZDgpFqNObmO5R3MpzezEwIB5rgUts76PYNCZ32pvhL_nrV9h1Wu1Ax8bTdv9lPOrVF0LjLSj9IISoaC-Lev2yfwbhrzYGlKA5zgNwqzdIguzG5YcMeF7ifV6&q={searchTerms}
uDefault_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293
mStart Page = hxxp://www.yoursites123.com/?type=hp&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293
mSearch Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293&q={searchTerms}
mDefault_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293
mDefault_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449646973&z=2b8bc677e49ba0004c8ffdegdzbzftdqfzcqdt8m1z&from=ient07021&uid=SAMSUNGXHD320KJ_S0PAJ9DQ503293&q={searchTerms}
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [upgmsd_ra_005010192.exe] c:\documents and settings\capk\local settings\data aplikac\gmsd_ra_005010192\upgmsd_ra_005010192.exe -runhelper
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{6C823907-514D-4C20-9167-FC448C18845F} : DHCPNameServer = 192.168.1.1
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs= c:\docume~1\alluse~1\dataap~1\zitenop\Tintop.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\47.0.2526.106\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 0.0.0.1	mssplus.mcafee.com
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2015-5-9 14184]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2015-5-9 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2015-5-9 14184]
R2 DefSrv;DefSrv;c:\program files\kingsoft\ksdef\ksdefserver.exe [2015-11-17 1662800]
R2 ginoquci;Desktop Upload;c:\docume~1\capk~1\locals~1\temp\nsjB6.tmp [2015-12-2 222208]
R2 IhPul;IhPul;c:\documents and settings\capk\data aplikac\tsv\TSvr.exe [2015-12-8 580752]
R2 KSSafe;KSSafe;c:\windows\system32\drivers\KSSafe.sys [2015-11-17 232296]
R2 lezuqucy;Copy Bitmap;c:\program files\7b92231c-1447171551-11d5-b7dc-135013f7f630\knsu18C6.tmp [2015-11-16 399872]
R2 SSFK;SSFK;c:\program files\sfk\ssfk.exe -s --> c:\program files\sfk\SSFK.exe -s [?]
R2 WdMan;WdMan Service;c:\documents and settings\all users\data aplikac\lwdml\wdman.exe -svr --> c:\documents and settings\all users\data aplikac\lwdml\WdMan.exe -svr [?]
R2 WindowsMangerProtect;WindowsMangerProtect Service;c:\documents and settings\all users\data aplikac\tmp0x0x\protectwindowsmanager.exe -service --> c:\documents and settings\all users\data aplikac\tmp0x0x\ProtectWindowsManager.exe -service [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2015-5-9 103040]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\drivers\dtlitescsibus.sys [2015-5-29 25016]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2015-5-9 69120]
S1 QMUdisk;tencent QMUdisk;\??\c:\program files\tencent\qqpcmgr\11.1.16923.222\qmudisk.sys --> c:\program files\tencent\qqpcmgr\11.1.16923.222\QMUdisk.sys [?]
S1 softaal;softaal;\??\c:\program files\tencent\qqpcmgr\11.1.16923.222\softaal.sys --> c:\program files\tencent\qqpcmgr\11.1.16923.222\softaal.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 propsctpyo;Cansing; [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\daemon tools lite\DiscSoftBusService.exe [2015-5-21 1026288]
S3 TSSK;TSSK;c:\windows\system32\TSSK.sys [2015-11-17 67896]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2015-5-9 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2016-01-02 17:39:03	--------	d-----w-	c:\documents and settings\capk\data aplikac\WinRAR
2016-01-02 17:36:20	--------	d-----w-	C:\FRST
2016-01-02 17:20:17	--------	d--h--r-	c:\documents and settings\capk\Recent
2016-01-01 07:27:46	--------	d-----w-	c:\program files\gmsd_ra_005010193
2015-12-30 21:16:38	--------	d-----w-	c:\program files\gmsd_ra_005010192
2015-12-26 10:33:59	--------	d-----w-	c:\windows\pss
2015-12-17 20:10:43	0	----a-w-	c:\windows\system32\TempWmicBatchFile.bat
2015-12-09 07:43:46	--------	d-----w-	c:\documents and settings\capk\data aplikac\TSv
2015-12-08 03:35:33	--------	d-----w-	c:\documents and settings\capk\data aplikac\yoursearching
.
==================== Find3M  ====================
.
2015-12-29 20:19:45	796864	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-12-29 20:19:44	142528	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-01 04:34:11	30392	----a-w-	c:\windows\system32\drivers\TS888.sys
2015-11-23 15:56:20	67896	----a-w-	c:\windows\system32\TSSK.sys
2015-11-20 18:27:12	17840	----a-w-	c:\windows\system32\roboot.exe
2015-11-17 13:59:16	125440	----a-w-	c:\documents and settings\capk\data aplikac\Deployer.dll
.
============= FINISH: 18:40:55,82 ===============
