- raco66
- New MyCity citizen
- Joined: 28 Jul 2009
- Posts: 4
DDS (Ver_09-06-26.01) - NTFSx86
Run by Raco at 0:50:24,54 on гбЁ 29.07.2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.448.92 [GMT 2:00]
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Raco\Desktop\Downloads\dds.pif
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.ba/
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60341
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60341
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.5.0.135\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpywareTerminatorUpdate] "c:\progra~1\spywar~1\SpywareTerminatorUpdate.exe"
mRun: [HTpatch] c:\windows\htpatch.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SpywareTerminator] "c:\progra~1\spywar~1\SpywareTerminatorShield.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
IE: Crawler Search - tbr:iemenu
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.5.0.135\CoIEPlg.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\raco\applic~1\mozilla\firefox\profiles\y015guvb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba
FF - component: c:\documents and settings\raco\application data\idm\idmmzcc3\components\idmmzcc.dll
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1005000.087\SymEFA.sys [2009-7-13 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1005000.087\BHDrvx86.sys [2009-7-13 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1005000.087\cchpx86.sys [2009-7-13 482352]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090722.001\IDSXpx86.sys [2009-7-28 276344]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-7-12 142592]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.5.0.135\ccSvcHst.exe [2009-7-13 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-7-12 101936]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090727.073\NAVENG.SYS [2009-7-28 87888]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090727.073\NAVEX15.SYS [2009-7-28 875728]
=============== Created Last 30 ================
2009-07-29 00:49 <DIR> --d-h--- c:\windows\PIF
2009-07-28 17:35 <DIR> --d----- c:\program files\WIBUKEY
2009-07-27 14:39 223,128 a------- c:\windows\system32\drivers\dtscsi.sys
2009-07-27 14:39 <DIR> --d----- c:\program files\DAEMON Tools
2009-07-27 14:01 1,205 a------- c:\windows\system32\BIN_STRSBW.SPT
2009-07-25 16:14 <DIR> --d----- c:\program files\HDD Regenerator
2009-07-23 00:19 <DIR> --d----- c:\docume~1\raco\applic~1\VitySoft
2009-07-14 09:42 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2009-07-14 00:14 <DIR> --d----- c:\program files\Trend Micro
2009-07-13 23:52 <DIR> --dsh--- c:\documents and settings\raco\IECompatCache
2009-07-13 16:39 <DIR> --d----- c:\docume~1\raco\applic~1\Malwarebytes
2009-07-13 16:39 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-13 16:39 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 16:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-07-13 16:39 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-13 15:51 <DIR> --d----- c:\windows\Downloaded Installations
2009-07-13 15:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spyware Terminator
2009-07-13 15:45 <DIR> --d----- c:\program files\Symantec
2009-07-13 11:21 <DIR> --d----- c:\program files\Microsoft AntiSpyware
2009-07-12 23:38 <DIR> --dsh--- c:\documents and settings\raco\PrivacIE
2009-07-12 23:31 <DIR> --dsh--- c:\documents and settings\raco\IETldCache
2009-07-12 23:11 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-07-12 23:10 <DIR> --d----- c:\windows\ie8updates
2009-07-12 23:09 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-07-12 23:09 1,985,024 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-07-12 23:09 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-07-12 23:09 11,064,832 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-07-12 23:07 <DIR> -cd-h--- c:\windows\ie8
2009-07-12 23:07 <DIR> --d----- c:\windows\system32\sr-Cyrl-CS
2009-07-12 20:58 <DIR> --d----- c:\program files\Crawler
2009-07-12 20:58 142,592 a------- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-07-12 20:58 <DIR> --d----- c:\docume~1\raco\applic~1\Spyware Terminator
2009-07-12 20:58 <DIR> --d----- c:\program files\Spyware Terminator
2009-07-12 20:19 <DIR> --d----- c:\windows\pss
2009-07-12 18:07 36,400 a----r-- c:\windows\system32\drivers\SymIM.sys
2009-07-12 18:07 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-12 18:07 60,808 a------- c:\windows\system32\S32EVNT1.DLL
2009-07-12 18:07 7,386 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-12 18:07 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-12 18:07 <DIR> --d----- c:\program files\common files\Symantec Shared
2009-07-12 18:05 <DIR> --d----- c:\windows\system32\drivers\NIS
2009-07-12 18:05 <DIR> --d----- c:\program files\Norton Internet Security
2009-07-12 18:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
2009-07-12 18:05 <DIR> --d----- c:\program files\NortonInstaller
2009-07-12 18:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-07-12 16:47 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-07-12 16:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-07-12 09:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-07-11 00:38 <DIR> --d----- c:\program files\MSXML 6.0
2009-07-11 00:29 <DIR> --d----- c:\program files\MSXML 4.0
2009-07-11 00:29 221,184 a------- c:\windows\system32\wmpns.dll
2009-07-11 00:29 26,144 a------- c:\windows\system32\spupdsvc.exe
2009-07-11 00:27 <DIR> --d-h--- c:\windows\$hf_mig$
2009-07-10 23:24 <DIR> --d----- c:\windows\system32\CatRoot_bak
2009-07-10 22:56 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-07-10 22:50 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-07-10 22:50 272,128 -------- c:\windows\system32\drivers\bthport.sys
2009-07-10 22:48 2,142,720 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-07-10 22:48 2,186,112 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-07-10 22:48 2,020,864 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-07-10 22:48 2,062,976 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2009-07-10 22:34 455,936 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-07-10 22:00 <DIR> --d----- c:\program files\ESET
2009-07-10 21:26 5,702 a---h--- c:\windows\nod32restoretemdono.reg
2009-07-10 20:27 <DIR> --d----- c:\windows\system32\URTTemp
2009-07-09 12:36 <DIR> --d----- c:\docume~1\raco\applic~1\IDM
2009-07-09 12:36 <DIR> --d----- c:\docume~1\raco\applic~1\DMCache
2009-07-09 12:36 <DIR> --d----- c:\program files\Internet Download Manager
2009-07-06 16:10 <DIR> --d----- c:\program files\Sony Ericsson
2009-07-06 16:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sony Ericsson
2009-07-02 16:31 69 a------- c:\windows\NeroDigital.ini
2009-07-02 16:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trymedia
2009-07-02 15:34 <DIR> --d----- c:\documents and settings\raco\Graphisoft
2009-07-02 15:34 <DIR> --d----- c:\docume~1\raco\applic~1\Graphisoft
2009-07-02 15:27 1,253,376 a------- c:\windows\system32\WibuKe32.cpl
2009-07-02 15:26 <DIR> --d----- c:\program files\WIBU-SYSTEMS
2009-07-02 15:25 7,310 a------- c:\windows\vpd.properties
2009-07-02 15:20 <DIR> --d----- c:\program files\Graphisoft
2009-07-02 15:18 69,632 a------- c:\windows\system32\javacpl.cpl
==================== Find3M ====================
2009-06-19 15:36 43,520 a------- c:\windows\system32\CmdLineExt03.dll
2009-05-30 13:40 685,816 a------- c:\windows\system32\drivers\sptd.sys
2009-05-13 07:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-07 17:44 344,064 a------- c:\windows\system32\localspl.dll
2009-03-14 22:50 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031420090315\index.dat
============= FINISH: 0:52:40,35 ===============