nije nasao nista (uplaoadovao neke sistemske fajlove koji su mu bili sumnjivi, ali nije nasao nista ni u njima)
Code:
DDS (Ver_09-12-01.01) - NTFSx86
Run by Bombonica at 16:48:57,28 on 07/02/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.737 [GMT 1:00]
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Raxco\PerfectDisk2008\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Raxco\PerfectDisk2008\PDEngine.exe
C:\WINDOWS\TWAIN_32\Vivid\VIVID.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Startup Faster\sfagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\HDD Health\HDDHealth.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\Bombonica\Application Data\Mozilla\Firefox\Profiles\v8o61p83.default\extensions\
[email protected]\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bombonica\Application Data\Mozilla\Firefox\Profiles\v8o61p83.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
D:\My Documents\Downloads\Firefox\dds.com
============== Pseudo HJT Report ===============
uStart Page = about:blank
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: SFCDisable=-99 (0xffffff9d)
uWindows: load=c:\windows\twain_32\vivid\VIVID.EXE
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FG2CatchUrl: {1f364306-aa45-47b5-9f9d-39a8b94e7ef1} - c:\program files\flashget\comdlls\bhoCATCH.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagItIEAddin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: QT Breadcrumbs Address Bar: {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun: [StartupFaster] "c:\program files\startup faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\documents and settings\all users\application data\microsoft\shortcuts\startupfaster\StartupFaster.ini
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-explorer: DisallowCpl = 1 (0x1)
uPolicies-explorer: DisallowRun = 0 (0x0)
uPolicies-explorer: StartMenuLogoff = 1 (0x1)
uPolicies-explorer: MaxRecentDocs = 11 (0xb)
uPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 0 (0x0)
mPolicies-explorer: NoFileAssociate = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: &Download All by FlashGet - c:\program files\flashget\comdlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\flashget\comdlls\Bholink.htm
IE: Add to Banner Ad Blocker
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: English<->Serbian - c:\program files\lingvosoft\lingvosoft talking dictionary 2007 (english-serbian) for windows\plugins\IE.htm
IE: Se&nd to OneNote - /105
IE: { - c:\program files\messenger\msmsgs.exe
IE: {D23AEFC7-3668-BC4B-AE09-AEE099CAF67B} - c:\program files\lingvosoft\lingvosoft talking dictionary 2007 (english-serbian) for windows\plugins\IE.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\progra~1\flashget\FlashGet.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-c23a-453e-a040-c7c580bbf700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {215b8138-a3cf-44c5-803f-8226143cfc0a} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8ad9c840-044e-11d1-b3e9-00805f499d93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {cafeefac-0016-0000-0007-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {cafeefac-0016-0000-0013-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {cafeefac-ffff-ffff-ffff-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {543B5FE2-472F-46B2-8C16-69E9B805E3CB} = 212.200.191.166,212.200.190.166
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: qoMeDvUM - qoMeDvUM.dll
AppInit_DLLs: acaptuser32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {F8B9E5C0-4DCC-CFCF-ABA5-00401D608516} -
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\bombon~1\applic~1\mozilla\firefox\profiles\v8o61p83.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - prefs.js: keyword.enabled - false
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{6ff1d3c4-61bc-4021-89b7-af8a8f784ebb}\components\snagitmozextension.dll
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{e173b749-db5b-4fd2-ba0e-94ecea0ca55b}\components\npAFOM.dll
FF - component: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\winnt_x86-msvc\components\pagespeed.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\bombonica\application data\mozilla\firefox\profiles\v8o61p83.default\extensions\
[email protected]\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\bombonica\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\bombonica\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPJava11.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPJava12.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPJava13.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPJava32.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPJPI141_01.dll
FF - plugin: c:\program files\java\j2re1.4.1_01\bin\NPOJI610.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeploytk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPOFF12.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\nppl3260.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- FIREFOX POLICIES ----
user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('capability.policy.localfilelinks.checkloaduri.enabled', 'allAccess');
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.sites - hxxp://s1.travian.com http://s2.travian.com http://s3.travian.com
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccess
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("ui.use_native_colors", true);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("svg.smil.enabled", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.debug", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\all.js - pref("html5.enable", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
i:\instalacije\portable apps\firefoxportable\app\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-1-7 20744]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-8-5 64160]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2004-4-13 77312]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-1-5 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 74480]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-1-13 15872]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-1-29 486280]
R2 CachemanXPService;CachemanXP;c:\progra~1\cachem~1\CachemanXP.exe [2008-8-2 243200]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-5-31 12672]
R2 ppsio2;PPDevice;c:\windows\system32\drivers\PPSIO2.SYS [2008-8-2 22400]
R2 starwindserviceae;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S1 2753509;2753509;c:\windows\system32\drivers\2753509.sys --> c:\windows\system32\drivers\2753509.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-7 30088]
S3 cpuz131;cpuz131;\??\c:\docume~1\bombon~1\locals~1\temp\cpuz131\cpuz_x32.sys --> c:\docume~1\bombon~1\locals~1\temp\cpuz131\cpuz_x32.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2009-10-29 30603640]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-8-5 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-8-5 8320]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"c:\program files\roxio creator 2009 ultimate\digital home 11\roxioupnprenderer11.exe" --> c:\program files\roxio creator 2009 ultimate\digital home 11\RoxioUPnPRenderer11.exe [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 7408]
S3 vboxnetadp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2009-7-5 91408]
S3 vboxnetflt;VBoxNetFlt Service;c:\windows\system32\drivers\vboxnetflt.sys --> c:\windows\system32\drivers\VBoxNetFlt.sys [?]
=============== Created Last 30 ================
2010-02-07 15:34:25 178 ----a-w- c:\windows\system32\bootdelete.lst
2010-02-07 15:34:25 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-02-07 14:59:15 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-02-07 14:58:38 0 d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-02-07 14:57:50 0 d-----w- c:\program files\Hitman Pro 3.5
2010-01-29 18:19:04 0 d-----w- c:\program files\ODEON
2010-01-29 12:52:18 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2010-01-29 12:52:15 0 d-----w- c:\windows\system32\ZoneLabs
2010-01-29 12:52:06 422437 ----a-w- c:\windows\system32\vsconfig.xml
2010-01-29 12:52:03 0 d-----w- c:\program files\Zone Labs
2010-01-29 12:51:25 0 d-----w- c:\windows\Internet Logs
2010-01-23 11:51:50 1266056 ----a-w- C:\WindowsXP-KB927891-v3-x86-ENU.exe
2010-01-23 11:48:01 3038 ----a-w- C:\fix_svchost.bat
2010-01-18 20:36:01 0 d-----w- c:\program files\iPod
2010-01-18 20:35:28 0 d-----w- c:\program files\iTunes
2010-01-18 20:26:09 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-01-18 20:26:09 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-01-12 00:39:59 552 ----a-w- c:\windows\system32\d3d8caps.dat
==================== Find3M ====================
2010-02-07 12:49:22 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-14 10:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 01:08:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-29 15:16:41 6656 ----a-w- c:\windows\system32\lpcio.dll
2009-09-24 18:59:33 25 ----a-w- c:\program files\popcinfot.dat
2008-06-13 20:01:24 237056 ----a-w- c:\program files\DocListUploader 1.0 for google docs.exe
============= FINISH: 17:04:40,67 ===============
Problem sa svchost.exe milioniti put
