Here we go again...


  • Joined: 12 Nov 2007
  • Posts: 64

Let's try to save this system; installing a new one would be a complication for me right now, I'm in the middle of an important job...

So, the system runs very slowly, it stutters and hangs. I don't remember anything significant happening that could be the cause; I assume something uninvited got in from the net. The internet connection is also very slow...



DDS (Ver_09-07-30.01) - NTFSx86
Run by Bojan at 12:02:43.21 on Thu 08/27/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.3005 [GMT 2:00]

AV: avast! antivirus 4.8.1335 [VPS 090826-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveD.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\program files\steam\steam.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Desktop\dds.pif

============== Pseudo HJT Report ===============

BHO: My Search BHO: {014da6c1-189f-421a-88cd-07cfe51cff10} - c:\program files\mysearch\bar\1.bin\S4BAR.DLL
BHO: MySearch Search Assistant BHO: {04079851-5845-4dea-848c-3ecd647aa554} - c:\program files\mysearch\srchastt\1.bin\MYSRCHAS.DLL
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\supertoolbar\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: My Search Bar: {014da6c9-189f-421a-88cd-07cfe51cff10} - c:\program files\mysearch\bar\1.bin\S4BAR.DLL
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\supertoolbar\GenericAskToolbar.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\documents and settings\bojan\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [DigidesignMMERefresh] c:\program files\digidesign\drivers\MMERefresh.exe
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [MacDrive application for Digidesign] "c:\program files\mediafour\macdrive 7\MacDriveD.exe"
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [saap] c:\program files\search-assistant\saap.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\docume~1\bojan\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe
IE: &Download All with FlashGet - c:\progra~1\flashget\jc_all.htm
IE: &Download with FlashGet - c:\progra~1\flashget\jc_link.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - [link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [link visible only to logged-in users]
TCP: {5C411463-E0E8-4419-889E-9ECEA2950DC2} = 10.10.2.69,10.10.2.79
Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\bojan\applic~1\mozilla\firefox\profiles\g84ixv71.default\
FF - prefs.js: browser.startup.homepage - [link visible only to logged-in users]
FF - plugin: c:\documents and settings\bojan\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox 3 beta 5\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [2009-3-9 284416]
R0 MDPMGRNT;MacDrive partition driver;c:\windows\system32\drivers\MDPMGRNT.SYS [2009-2-4 19456]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-30 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-4-30 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-4-30 138680]
R2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\drivers\diginet.sys [2009-4-30 16400]
R2 MacDriveServiceD;MacDrive service for Digidesign;c:\program files\mediafour\macdrive 7\MacDriveServiceD.exe [2008-9-18 152064]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-30 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-4-30 352920]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2009-4-30 33792]
S2 gupdate1ca086c971dc522;Google Update Service (gupdate1ca086c971dc522);c:\program files\google\update\GoogleUpdate.exe [2009-7-19 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-4-30 1684736]
S3 dalwdmservice;dal service;c:\windows\system32\drivers\Dalwdm.sys [2009-4-30 97808]

=============== Created Last 30 ================

2009-08-27 12:02 <DIR> --d-h--- c:\windows\PIF
2009-08-24 10:14 <DIR> --d----- c:\program files\Spectrasonics
2009-08-14 00:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Tracktion 3
2009-08-13 19:01 <DIR> --d----- c:\program files\112dB
2009-08-13 06:59 54,156 a------- c:\windows\system32\QTFont.qfn
2009-08-13 06:59 1,409 a------- c:\windows\system32\QTFont.for
2009-08-12 23:46 <DIR> --d----- c:\program files\Massey
2009-08-12 23:34 <DIR> --d----- c:\docume~1\bojan\applic~1\Flux
2009-08-08 17:21 <DIR> --d----- c:\program files\Steam
2009-08-08 17:20 <DIR> --d----- c:\program files\Race - The WTCC Game
2009-08-08 10:36 <DIR> --d----- c:\program files\SimBin
2009-08-08 10:35 <DIR> --d----- c:\windows\Logs
2009-08-08 01:06 6,054,912 a------- c:\windows\system32\PSP oldTimer.dll
2009-08-07 23:27 <DIR> --d----- c:\program files\BlackBeanGames
2009-08-07 15:53 <DIR> --d----- c:\program files\rFactor
2009-08-07 11:45 <DIR> a-d-h--- C:\.TemporaryItems
2009-08-07 11:45 4,096 a---h--- C:\._.TemporaryItems

==================== Find3M ====================

2009-07-08 20:59 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-25 17:49 37,736 a---h--- c:\windows\system32\mlfcache.dat
2009-06-07 16:24 180,224 a------- c:\windows\system32\xvidvfw.dll
2009-06-07 16:16 819,200 a------- c:\windows\system32\xvidcore.dll
2009-05-01 00:19 13,196 a------- c:\program files\INSTALL.LOG
2006-12-06 23:07 1,515 a------- c:\program files\readme.txt
2003-08-24 20:05 339,944 a------- c:\program files\UNWISE.EXE

============= FINISH: 12:03:29.58 ===============




  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8643
  • Location: Novi Beograd

Hello,

there is something in the log, so we will scan with CF, which you know well.

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is finished:
deactivate your protection software (instructions);
close running programs;
double-click to run ComboFix.

While running, ComboFix will:
check whether a newer version of the program exists:
click Yes if you are offered to download it.
display the DISCLAIMER OF WARRANTY ON SOFTWARE:
click Yes so that the process continues.
if the Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure through.
ask a number of questions or show a number of notices:
accept by clicking Yes or OK.
restart Windows if needed (possibly several times);
at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.

Note: The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after posting the message, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message.



  • Joined: 12 Nov 2007
  • Posts: 64

When I start ComboFix it reports an error:

"Some installation files are corupt. Please download a fresh copy and retry installation."

I downloaded it twice, and it's the same again...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8643
  • Location: Novi Beograd

Maybe if you rename ComboFix.

Try it.

  • Joined: 12 Nov 2007
  • Posts: 64

I changed the name and the problem is still the same...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8643
  • Location: Novi Beograd

Download the RSIT program to the Desktop:

[link visible only to logged-in users]

Run it with a double-click and then click Continue.

At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the forum thread; the second, info.txt, will be minimized (we do not need it for now).

Post the contents of the file log.txt in your next message (that file will be saved as C:\rsit\log.txt).

  • Joined: 12 Nov 2007
  • Posts: 64

Logfile of random's system information tool 1.06 (written by random/random)
Run by Bojan at 2009-08-27 17:13:02
Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (7%) free of 51 GB
Total RAM: 3582 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:13:28, on 8/27/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveD.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bojan\Desktop\RSIT.exe
C:\Program Files\trend micro\Bojan.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [link visible only to logged-in users]
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - (no file)
O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [MacDrive application for Digidesign] "C:\Program Files\Mediafour\MacDrive 7\MacDriveD.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C411463-E0E8-4419-889E-9ECEA2950DC2}: NameServer = 10.10.2.69,10.10.2.79
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: Google Update Service (gupdate1ca086c971dc522) (gupdate1ca086c971dc522) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MacDrive service for Digidesign (MacDriveServiceD) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exe

--
End of file - 5772 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-796845957-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-796845957-682003330-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}]
My Search BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04079851-5845-4dea-848C-3ECD647AA554}]
MySearch Search Assistant BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-08 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-08 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - []
{014DA6C9-189F-421a-88CD-07CFE51CFF10} - []
{D4027C7F-154A-4066-A1AD-4243D8127440} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-27 17567744]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"DigidesignMMERefresh"=C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2008-12-03 77824]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"MacDrive application for Digidesign"=C:\Program Files\Mediafour\MacDrive 7\MacDriveD.exe [2008-09-18 187904]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-23 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer]
C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Bojan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-19 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Cleaner Scheduler]
C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe [2009-08-27 471650]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 92168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2009-08-08 1217784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-08 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
C:\Program Files\Common Files\Autodesk Shared\acstart17.exe [2006-03-05 11000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Bojan^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Codemasters\Operation Flashpoint\FLASHPOINTRESISTANCE.EXE"="C:\Program Files\Codemasters\Operation Flashpoint\FLASHPOINTRESISTANCE.EXE:*:Enabled:Operation Flashpoint"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Bohemia Interactive\ArmA\arma.exe"="C:\Program Files\Bohemia Interactive\ArmA\arma.exe:*:Enabled:ArmA"
"C:\Program Files\rFactor\rFactor.exe"="C:\Program Files\rFactor\rFactor.exe:*:Enabled:rFactor"
"C:\Program Files\Steam\SteamApps\bojan1979\race\Race_Steam.exe"="C:\Program Files\Steam\SteamApps\bojan1979\race\Race_Steam.exe:*:Enabled:Race"
"C:\Program Files\Steam\SteamApps\bojan1979\race07 demo\RaceDemo_Steam.exe"="C:\Program Files\Steam\SteamApps\bojan1979\race07 demo\RaceDemo_Steam.exe:*:Enabled:RACE 07"
"C:\Program Files\Steam\SteamApps\bojan1979\stcc demo\STCC_Demo_Steam.exe"="C:\Program Files\Steam\SteamApps\bojan1979\stcc demo\STCC_Demo_Steam.exe:*:Enabled:STCC - The Game - Demo"
"C:\Program Files\Steam\SteamApps\bojan1979\stcc demo\Config.exe"="C:\Program Files\Steam\SteamApps\bojan1979\stcc demo\Config.exe:*:Enabled:STCC - The Game - Demo"
"C:\Program Files\Steam\SteamApps\bojan1979\gtr evolution - demo\GtrEvo_Demo_Steam.exe"="C:\Program Files\Steam\SteamApps\bojan1979\gtr evolution - demo\GtrEvo_Demo_Steam.exe:*:Enabled:RACE 07"
"C:\Program Files\Steam\SteamApps\bojan1979\race07 demo dedicated server\RaceDemoDedicatedServer_Steam.exe"="C:\Program Files\Steam\SteamApps\bojan1979\race07 demo dedicated server\RaceDemoDedicatedServer_Steam.exe:*:Enabled:RACE 07"
"C:\Program Files\Steam\SteamApps\common\arma 2 demo\ArmA2Demo.exe"="C:\Program Files\Steam\SteamApps\common\arma 2 demo\ArmA2Demo.exe:*:Enabled:ARMA 2 Demo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\autorun.exe


======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-08-27 17:13:03 ----D---- C:\Program Files\trend micro
2009-08-27 17:13:02 ----D---- C:\rsit
2009-08-27 16:56:22 ----D---- C:\32788R22FWJFW
2009-08-27 12:57:53 ----D---- C:\WINDOWS\pss
2009-08-27 12:41:37 ----D---- C:\Program Files\CleanMyPC
2009-08-27 12:17:45 ----D---- C:\Program Files\East West
2009-08-27 12:02:17 ----HD---- C:\WINDOWS\PIF
2009-08-24 10:14:36 ----D---- C:\Program Files\Spectrasonics
2009-08-14 00:48:15 ----D---- C:\Documents and Settings\All Users\Application Data\Tracktion 3
2009-08-13 19:01:15 ----D---- C:\Program Files\112dB
2009-08-12 23:46:20 ----D---- C:\Program Files\Massey
2009-08-12 23:34:28 ----D---- C:\Documents and Settings\Bojan\Application Data\Flux
2009-08-08 17:21:50 ----D---- C:\Program Files\Steam
2009-08-08 17:20:55 ----D---- C:\Program Files\Race - The WTCC Game
2009-08-08 10:36:42 ----D---- C:\Program Files\SimBin
2009-08-08 10:36:39 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-08-08 10:36:39 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-08-08 10:36:38 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-08-08 10:36:38 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-08-08 10:36:38 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-08-08 10:36:37 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-08-08 10:36:37 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-08-08 10:36:36 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-08-08 10:36:36 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-08-08 10:36:35 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-08-08 10:36:34 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-08-08 10:36:34 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-08-08 10:36:32 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-08-08 10:36:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-08-08 10:36:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-08-08 10:36:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-08-08 10:36:30 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-08-08 10:36:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-08-08 10:36:29 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-08-08 10:36:29 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-08-08 10:36:27 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-08-08 10:36:27 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-08-08 10:36:27 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-08-08 10:36:26 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-08-08 10:36:25 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-08-08 10:36:25 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-08-08 10:36:25 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-08-08 10:36:24 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-08-08 10:36:24 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-08-08 10:36:23 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-08-08 10:36:23 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-08-08 10:36:23 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-08-08 10:36:21 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-08-08 10:36:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-08-08 10:36:19 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-08-08 10:36:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-08-08 10:36:18 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-08-08 10:36:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-08-08 10:36:17 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-08-08 10:36:17 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-08-08 10:36:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-08-08 10:36:15 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-08-08 10:36:15 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-08-08 10:36:15 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-08-08 10:36:15 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-08-08 10:36:14 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-08-08 10:36:12 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-08-08 10:36:08 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-08-08 10:36:08 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-08-08 10:36:06 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-08-08 10:36:06 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-08-08 10:35:38 ----D---- C:\WINDOWS\Logs
2009-08-08 01:06:35 ----A---- C:\WINDOWS\system32\PSP oldTimer.dll
2009-08-08 01:06:35 ----A---- C:\WINDOWS\PSP oldTimer Setup Log.txt
2009-08-07 23:27:51 ----D---- C:\Program Files\BlackBeanGames
2009-08-07 21:46:54 ----A---- C:\Program Files\readme.txt
2009-08-07 15:53:59 ----D---- C:\Program Files\rFactor
2009-08-07 11:45:57 ----AHD---- C:\.TemporaryItems

======List of files/folders modified in the last 1 months======

2009-08-27 17:13:07 ----D---- C:\WINDOWS\Prefetch
2009-08-27 17:13:03 ----RD---- C:\Program Files
2009-08-27 17:03:01 ----D---- C:\WINDOWS\Temp
2009-08-27 16:59:11 ----ASD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-27 15:43:26 ----D---- C:\Program Files\Mozilla Firefox 3 Beta 5
2009-08-27 15:11:08 ----D---- C:\Documents and Settings\Bojan\Application Data\Digidesign
2009-08-27 13:06:30 ----AD---- C:\Program Files\Outlook Express
2009-08-27 13:06:10 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2009-08-27 13:02:04 ----D---- C:\WINDOWS
2009-08-27 13:01:51 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-27 12:59:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-27 12:59:42 ----D---- C:\WINDOWS\system32\config
2009-08-27 12:54:52 ----D---- C:\Program Files\FlashGet
2009-08-27 12:52:01 ----ASH---- C:\boot.ini
2009-08-27 12:48:32 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-08-27 12:48:21 ----D---- C:\WINDOWS\system32
2009-08-26 23:04:09 ----AHD---- C:\.Trashes
2009-08-24 14:24:45 ----D---- C:\WINDOWS\system32\drivers
2009-08-23 20:30:42 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-17 18:10:20 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-08-13 21:33:18 ----D---- C:\Program Files\Nomad Factory
2009-08-13 11:40:42 ----D---- C:\Documents and Settings\Bojan\Application Data\Trillium Lane
2009-08-13 11:12:04 ----D---- C:\Program Files\Common Files\Designer
2009-08-13 06:59:14 ----RSD---- C:\WINDOWS\Fonts
2009-08-13 06:59:10 ----D---- C:\Documents and Settings\Bojan\Application Data\Audio Ease
2009-08-13 06:59:09 ----D---- C:\Program Files\Audio Ease
2009-08-12 23:30:30 ----SHD---- C:\WINDOWS\Installer
2009-08-12 23:30:27 ----D---- C:\WINDOWS\WinSxS
2009-08-10 21:08:11 ----D---- C:\WINDOWS\system32\DirectX
2009-08-10 21:08:08 ----HD---- C:\WINDOWS\inf
2009-08-10 21:07:44 ----RSD---- C:\WINDOWS\assembly
2009-08-10 14:39:23 ----D---- C:\Documents and Settings\Bojan\Application Data\Apple Computer
2009-08-10 14:18:59 ----D---- C:\Program Files\Safari
2009-08-09 23:13:15 ----D---- C:\Program Files\LFS
2009-08-08 13:20:40 ----D---- C:\Program Files\QuickTime
2009-08-08 13:20:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-08 13:20:05 ----D---- C:\Program Files\IK Multimedia
2009-08-08 13:19:49 ----D---- C:\Program Files\Trillian
2009-08-08 11:14:32 ----D---- C:\Program Files\GTR-Evolution
2009-08-08 01:06:44 ----D---- C:\Program Files\PSPaudioware
2009-08-03 00:25:38 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 56108]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 DigiNet;Digidesign Ethernet Support; C:\WINDOWS\system32\DRIVERS\diginet.sys [2008-12-04 16400]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 dalwdmservice;dal service; C:\WINDOWS\system32\drivers\dalwdm.sys [2008-12-04 97808]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-30 5063168]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-27 130816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-01-13 29192]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-01-13 31240]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-01-13 49160]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S2 sfcure01;StarForce Cure Driver (version 1.x); C:\WINDOWS\System32\drivers\sfcure01.sys [2005-10-01 3072]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 anvb9299;anvb9299; C:\WINDOWS\system32\drivers\anvb9299.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 DigiRefresh;Digidesign MME Refresh Service; C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2008-12-03 77824]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-08 152984]
R2 MacDriveServiceD;MacDrive service for Digidesign; C:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exe [2008-09-18 152064]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S2 gupdate1ca086c971dc522;Google Update Service (gupdate1ca086c971dc522); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-19 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-22 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-06-25 77944]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 digiSPTIService;digiSPTIService; C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe [2008-12-03 159744]

-----------------EOF-----------------

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8643
  • Location: Novi Beograd

Download gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start, then select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below; this will save the scan results to the Clipboard.
Use the Paste option in Notepad to turn it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.

Use the Attach file option below the message box on the forum, and attach here the two files we just saved.

  • Joined: 12 Nov 2007
  • Posts: 64

There's a problem again: during every scan the computer restarts by itself, that has happened twice...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8643
  • Location: Novi Beograd

Hmm:

Download SysProt AntiRootkit from the following page:

SysProt download

On the page that opens, click the "here" link.

Extract the archive into a folder (instructions), and then:
double-click to run the program and switch to the Log tab;

tick all eight items and click Create log;

after a while a prompt will appear in which you should select
Scan root drive only and click Start;

when the scan finishes, a notification will appear, which you should close by clicking OK;

the report (log) will be saved in the same folder as the program itself.

Attach the generated report to your post using the Attach file option.
