@ Kristi
DDS (Ver_09-12-01.01) - NTFSx86
Run by Drazic at 10:07:43,64 on pon 04.01.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.1427 [GMT 1:00]
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Eset\nod32kui.exe
C:\Users\Drazic\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Drazic\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GR469A~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [googletalk] c:\users\drazic\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\windows\system32\imon.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GRA32A~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GR469A~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
IFEO: PnkBstrA.exe - rundll32.exe
================= FIREFOX ===================
FF - ProfilePath - c:\users\drazic\appdata\roaming\mozilla\firefox\profiles\chsjddm6.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\programdata\nexoneu\ngm\npNxGameeu.dll
FF - plugin: c:\users\drazic\appdata\roaming\mozilla\firefox\profiles\chsjddm6.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-9-28 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-12-16 74480]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-1-13 15872]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-12-17 235344]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2009-9-28 549256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2009-6-22 48128]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-11-25 19160]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [2009-3-9 38304]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 3xHybrid;SAA713x TV Card Service;c:\windows\system32\drivers\3xHybrid.sys [2007-7-6 906368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 GarenaPEngine;GarenaPEngine;c:\users\drazic\appdata\local\temp\SEL85F7.tmp [2009-12-23 25616]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-12-16 7408]
=============== Created Last 30 ================
2010-01-03 13:29:25 0 d-----w- C:\Fraps
2010-01-03 13:26:36 0 d-----w- c:\program files\IObit
2010-01-01 11:41:29 0 d-----w- c:\programdata\BioWare
2010-01-01 11:36:43 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-12-30 20:54:38 0 d-----w- c:\programdata\Apple Computer
2009-12-30 20:53:59 0 d-----w- c:\programdata\Apple
2009-12-30 12:13:35 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2009-12-30 12:13:24 0 d-----w- c:\users\drazic\appdata\roaming\SUPERAntiSpyware.com
2009-12-30 12:13:24 0 d-----w- c:\program files\SUPERAntiSpyware
2009-12-27 09:19:25 0 d-----w- c:\programdata\Google
2009-12-21 09:16:00 65536 --sha-w- c:\users\drazic\ntuser.dat{0a67949c-ee11-11de-b77b-806e6f6e6963}.TM.blf
2009-12-21 09:16:00 524288 --sha-w- c:\users\drazic\ntuser.dat{0a67949c-ee11-11de-b77b-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
2009-12-21 09:16:00 524288 --sha-w- c:\users\drazic\ntuser.dat{0a67949c-ee11-11de-b77b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
2009-12-21 09:14:14 0 --sha-w- c:\users\drazic\NTUSER.DAT_tureg_new.LOG2
2009-12-21 09:14:14 0 --sha-w- c:\users\drazic\NTUSER.DAT_tureg_new.LOG1
2009-12-20 06:19:42 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-20 06:19:39 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-20 06:19:39 21320 ----a-w- c:\windows\system32\authuitu.dll
2009-12-20 06:19:21 0 d-----w- c:\program files\TuneUp Utilities 2010
2009-12-19 21:53:54 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-19 21:51:04 0 d-----w- c:\windows\PCHEALTH
2009-12-19 21:49:35 0 d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-19 21:48:56 0 d-----w- c:\programdata\Microsoft Help
2009-12-17 09:37:37 0 d-----w- c:\program files\common files\BioWare
2009-12-11 14:51:44 0 d-----w- c:\program files\Ventrilo
2009-12-11 14:51:42 262 ----a-w- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-12-09 17:43:45 0 d-----w- c:\users\drazic\appdata\roaming\Activision
2009-12-09 17:42:38 0 d-sh--w- c:\windows\ftpcache
2009-12-09 17:41:38 290 ----a-w- c:\windows\game.ini
2009-12-09 08:03:07 0 d-----w- c:\programdata\Media Center Programs
==================== Find3M ====================
2009-12-30 13:55:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 13:54:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-03 14:48:46 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-03 14:48:46 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-23 11:20:24 138064 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-23 11:20:15 189184 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-21 09:30:06 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-17 15:39:30 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-17 15:01:05 22328 ----a-w- c:\users\drazic\appdata\roaming\PnkBstrK.sys
2009-11-17 15:00:46 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-07 09:39:05 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-11-06 09:59:54 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59:54 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 17:05:36 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05:34 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-10-16 10:19:38 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-10-15 11:44:20 809560 ----a-r- c:\windows\system32\tmpE56C.tmp
2009-10-15 11:44:20 809560 ----a-r- c:\windows\system32\tmpE52D.tmp
2009-10-14 07:42:17 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-09-28 14:18:40 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-09-28 14:21:11 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 10:08:17,47 ===============
http://pastebin.com/m7f8cef4c
@ Valjan
I'll try that now and report back with the results.
[This message was edited by dsteva on 04.01.2010 at 10:23 GMT+1]