Various problems... virus?


offline
  • Joined: 13 Feb 2012
  • Posts: 15

Hi,
Here is how things stand. I didn't have these problems and my computer worked normally until yesterday morning. When I turned it on, I first noticed that it starts more slowly, i.e. at logon, and then the desktop appears, only the background; after 20-30 seconds the icons appear, and the taskbar looks as if it is slightly recessed, and when I minimize something nothing shows up at the bottom, as if I had no window open. The Search option doesn't work, neither does copy/paste, I can't drag icons, files or folders, and right-clicking on them makes it freeze. AVG Firewall shows an error and I can't activate it. System Restore doesn't work (System restore is not able to protect your computer. Please restart your computer and then run System restore again). I can't start Malwarebytes (Run time error 372; Failed to load control vbalGrid from vbalsgrid6.ocx. Your version of vbalsgrid6.ocx may be outdated... etc.). In Task Manager there is nothing under "User Name". And I think many of my services have stopped. When I run services.msc, the Extended list is empty, while the Standard list is OK, but I can't open Properties, and when I start a service this appears (Error 1068: The dependency service or group failed to start). I have no sound; when I click on Volume Control it says (There are no active mixer devices available. To install mixer devices, go to control panel, click printers and hardware, and then click add hardware). In the sound properties it says No Audio Device... that is probably because my Windows Audio service is stopped? There are also some other programs I can't start... I scanned with AVG, Spybot, Dr.Web CureIt and SDFix (with Malwarebytes I can't), and nothing was found... I don't know what it is. I don't know whether it is related, but lately when I start the computer I get invalid.boot ini booting from windows c:/, although it had been working normally with that too until yesterday... could someone help me?


As for DDS, when I scan, at the end it shows that it created 2 logs, but they aren't on the desktop?
And I don't know how I would copy the contents of DDS.txt into the thread, since the paste option doesn't work for me?

Thanks.

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello fanste22!

fanste22 ::As for DDS, when I scan, at the end it shows that it created 2 logs, but they aren't on the desktop?
And I don't know how I would copy the contents of DDS.txt into the thread, since the paste option doesn't work for me?

Thanks.

When you scan with DDS, the DDS.txt report is usually opened in Notepad and displayed; go to File -> Save as -> save the report to the Desktop and attach it in your next post; do the same for the Attach.txt report. Use the ALT + TAB key combination to look for the report if it is not displayed automatically.

goran9888 (AMF Team)

offline
  • Joined: 13 Feb 2012
  • Posts: 15

Hi goran9888!
Thanks for the reply.

The problem is that nothing opens for me, neither DDS.txt nor Attach.txt, nor are they on the desktop as saved files... Could the problem be that it doesn't open them in Notepad, because my Notepad got deleted earlier, so I installed Notepad++?

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

I wouldn't know; maybe. The DDS.txt report should be maximized and displayed on screen in Notepad after the scan finishes.

Try it this way ...

Download the RSIT program to the Desktop:

32-bit: http://images.malwareremoval.com/random/RSIT.exe
32-bit: http://randomsdomain.co.uk/downloads/RSIT.exe

64-bit: http://images.malwareremoval.com/random/RSITx64.exe
64-bit: http://randomsdomain.co.uk/downloads/RSITx64.exe

Run it with a double-click and then click Continue.

At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the thread on the forum, and the second, info.txt, will be minimized (we don't need it for now).

Post the contents of the file log.txt in your next post (that file will be saved as C:\rsit\log.txt).

goran9888 (AMF Team)

offline
  • Joined: 13 Feb 2012
  • Posts: 15

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-02-13 21:48:21
WIN_XP Service Pack 2
System drive C: has 30 GB (59%) free of 51 GB
Total RAM: 2046 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:48:46, on 13.2.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21256)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\imapi.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\taskmgr.exe
C:\Documents and Settings\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - (no file)
O2 - BHO: (no name) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - (no file)
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start avg.com/ww.special-uninstallation-feedb.....=10.0.1187
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
O4 - HKUS\S-1-5-21-823518204-725345543-39375637-1004\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-823518204-725345543-39375637-1004\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG zaštitni zid (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Service & Quality Technology. - (no file)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

--
End of file - 9014 bytes

======Scheduled tasks folder======

C:\windows\tasks\ASCv5_AutoUpdateD.job
C:\windows\tasks\Driver Robot.job
C:\windows\tasks\MP Scheduled Scan.job
C:\windows\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\5ks9f56v.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.rs/"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, mozilla_cc@internetdownloadmanager.com:7.1.2, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1894, avg@toolbar:9.0.0.21, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4ae5992b&v=6.011.025.001&i=23&tp=ab&iy=b&ychte=us&lng=en-GB&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazon-en-GB.xml
answers.xml
avg-secure-search.xml
avg_igeared.xml
bing.xml
chambers-en-GB.xml
creativecommons.xml
eBay-en-GB.xml
fcmdSrchost.xml
google.xml
wikipedia.xml
yahoo-en-GB.xml

C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\5ks9f56v.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{e001c731-5e37-4538-a5cb-8168736a2360}

C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\5ks9f56v.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-10-01 218544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll [2012-02-11 1811296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll [2012-02-11 1811296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start avg.com/ww.special-uninstallation-feedb.....=10.0.1187 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2002-12-31 15360]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Antivirus Pro]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_dec12]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2
"TTFixerService"=2
"Bonjour Service"=2
"McComponentHostService"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2011-07-08 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2002-12-31 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\Windows Defender\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoSharedDocuments"=1
"NoSMConfigurePrograms"=1
"NoResolveTrack"=1
"NoThumbnailCache"=1
"link"=0x00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"D:\PES 2011\pes2011.exe"="D:\PES 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\nba2k11\nba2k11.exe"="D:\nba2k11\nba2k11.exe:*:Enabled:NBA 2K11"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG instalator"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Dijagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Skener lične e-pošte"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.vorbis"=vorbis.acm
"VIDC.WMV3"=wmv9vcm.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.bat - edit -
.cmd - edit -
.inf - open -
.ini - open - notepad.exe %1
.js - edit -
.reg - edit -
.txt - open - notepad.exe %1
.vbs - edit -

======List of files/folders created in the last 1 month======

2012-02-13 21:48:21 ----D---- C:\rsit
2012-02-13 21:48:21 ----D---- C:\Program Files\trend micro
2012-02-12 13:34:41 ----A---- C:\windows\ntbtlog.txt
2012-02-11 22:44:59 ----D---- C:\windows\system32\cache
2012-02-11 19:08:28 ----D---- C:\Documents and Settings\Admin\Application Data\QuickScan
2012-02-11 11:53:50 ----D---- C:\windows\ERUNT
2012-02-11 11:47:50 ----D---- C:\SDFix
2012-02-11 11:42:33 ----A---- C:\windows\system32\drivers\dwprot.sys
2012-02-11 01:04:04 ----D---- C:\Documents and Settings\Admin\Application Data\RegGenie
2012-02-11 00:59:06 ----A---- C:\windows\RegGenieOnUninstall.exe
2012-02-10 23:45:43 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2012-02-06 14:51:49 ----HDC---- C:\Documents and Settings\All Users\Application Data\{00E0164B-B182-4800-96DA-F8D39B3A7189}
2012-02-06 12:57:37 ----HDC---- C:\Documents and Settings\All Users\Application Data\{A9158F4E-7914-4019-808A-D4D4993E9958}
2012-02-06 12:48:03 ----HDC---- C:\Documents and Settings\All Users\Application Data\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2012-02-06 12:47:37 ----D---- C:\Documents and Settings\All Users\Application Data\Native Instruments
2012-01-28 10:16:12 ----A---- C:\windows\system32\GuaD.dll

======List of files/folders modified in the last 1 month======

2012-02-13 21:48:21 ----D---- C:\Program Files
2012-02-13 21:34:07 ----D---- C:\windows\Temp
2012-02-13 19:22:47 ----D---- C:\windows\system32\drivers\AVG
2012-02-13 15:27:09 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData
2012-02-12 19:56:26 ----D---- C:\Documents and Settings\Admin\Application Data\DMCache
2012-02-12 15:33:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2012-02-12 13:44:14 ----D---- C:\windows\system32\drivers
2012-02-12 13:34:41 ----D---- C:\WINDOWS
2012-02-12 13:26:24 ----D---- C:\Program Files\Mozilla Firefox
2012-02-11 22:45:03 ----D---- C:\Program Files\AVG Secure Search
2012-02-11 22:44:59 ----D---- C:\windows\system32
2012-02-11 21:10:27 ----HD---- C:\windows\inf
2012-02-11 20:59:49 ----RSHDC---- C:\windows\system32\dllcache
2012-02-11 20:37:30 ----D---- C:\windows\system32\config
2012-02-11 19:17:09 ----D---- C:\Program Files\WinMount
2012-02-11 15:09:24 ----D---- C:\windows\Minidump
2012-02-11 12:41:16 ----SD---- C:\windows\Tasks
2012-02-11 12:29:55 ----AC---- C:\windows\win.ini
2012-02-11 12:29:55 ----AC---- C:\windows\system.ini
2012-02-11 11:56:52 ----D---- C:\windows\system32\drivers\etc
2012-02-11 11:39:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2012
2012-02-11 00:56:24 ----SHD---- C:\windows\CSC
2012-02-10 23:44:54 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2012-02-10 21:15:26 ----D---- C:\Program Files\Winamp
2012-02-10 20:51:07 ----D---- C:\windows\system32\CatRoot2
2012-02-10 20:46:23 ----D---- C:\windows\system32\NtmsData
2012-02-10 10:36:55 ----D---- C:\Documents and Settings\Admin\Application Data\Media Player Classic
2012-02-10 09:41:49 ----D---- C:\windows\Prefetch
2012-02-08 23:33:53 ----AC---- C:\windows\NeroDigital.ini
2012-02-08 09:28:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-02-06 14:51:49 ----SHD---- C:\windows\Installer
2012-02-06 12:51:27 ----D---- C:\Program Files\Common Files\Native Instruments
2012-02-02 19:03:06 ----D---- C:\Program Files\DivX
2012-02-02 09:43:17 ----D---- C:\Program Files\NeoSmart Technologies
2012-02-02 09:41:32 ----D---- C:\Program Files\Common Files
2012-02-02 09:41:25 ----RSD---- C:\windows\assembly
2012-01-27 16:46:29 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-27 15:13:41 ----D---- C:\windows\system32\DirectX
2012-01-16 22:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-01-16 19:41:49 ----D---- C:\Documents and Settings\Admin\Application Data\IDM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 DwProt;DrWeb Protection; C:\windows\system32\drivers\dwprot.sys [2012-02-11 149272]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R1 Avgldx86;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 IDMTDI;IDMTDI; C:\windows\system32\DRIVERS\idmtdi.sys [2011-07-06 101616]
R1 intelppm;Intel Processor Driver; C:\windows\system32\DRIVERS\intelppm.sys [2002-12-31 36352]
R1 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2010-03-03 5632]
R1 WMDrive;WMDrive; \??\C:\WINDOWS\system32\drivers\WMDrive.sys []
R2 Aspi32;Aspi32; C:\windows\system32\drivers\Aspi32.sys [2002-12-31 16877]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service; C:\windows\System32\Drivers\ousbehci.sys [2011-08-18 45696]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\windows\system32\DRIVERS\rspndr.sys [2002-12-31 62336]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\windows\system32\DRIVERS\thdudf.sys [2011-06-03 66944]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2011-07-08 7023104]
R3 Avgfwdx;Avgfwdx; C:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
R3 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2002-12-31 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\windows\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\windows\system32\DRIVERS\LHidFlt2.sys [2002-04-15 23328]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\windows\system32\DRIVERS\LKbdFlt2.sys [2002-04-15 5840]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\windows\system32\DRIVERS\LMouFlt2.sys [2002-04-15 68816]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\windows\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\windows\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support; C:\windows\system32\DRIVERS\ousb2hub.sys [2011-08-18 56960]
R3 RTHDMIAzAudService;Service for HDMI; C:\windows\system32\drivers\RtKHDMI.sys [2011-08-18 4090920]
R3 usbstor;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2002-12-31 26496]
S0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []
S0 TfFsMon;TfFsMon; C:\windows\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\windows\system32\drivers\TfSysMon.sys []
S1 jptwivstiniwtrxe;jptwivstiniwtrxe; C:\windows\system32\drivers\jptwivstiniwtrxe.sys []
S1 kbdhid;Keyboard HID Driver; C:\windows\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S2 Nsynas32;Nsynas32; C:\windows\system32\drivers\Nsynas32.sys []
S3 Ambfilt;Ambfilt; C:\windows\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2009-06-02 99856]
S3 Avgfwfd;AVG network filter service; C:\windows\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
S3 catchme;catchme; C:\windows\system32\drivers\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\windows\System32\Drivers\SQcaptur.sys [2002-05-06 24511]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo.sys []
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2008-12-13 223128]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 hid7906;hid7906; C:\windows\system32\drivers\hid7906.sys [2007-12-12 34963]
S3 hid8101;hid8101; C:\windows\system32\drivers\hid8101.sys [2007-12-03 37024]
S3 hid8103;hid8103; C:\windows\system32\drivers\hid8103.sys [2007-11-28 34587]
S3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\windows\system32\DRIVERS\L8042Pr2.sys [2002-04-15 52224]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\windows\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PROCEXP150;PROCEXP150; \??\C:\windows\system32\Drivers\PROCEXP150.SYS []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TfNetMon;TfNetMon; C:\windows\system32\drivers\TfNetMon.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 tmcomm;tmcomm; C:\windows\system32\drivers\tmcomm.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2002-12-31 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2011-07-08 643072]
R2 avgfws;AVG zaštitni zid; C:\Program Files\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-14 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\windows\system32\fxssvc.exe [2002-12-31 267776]
S2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2010-01-21 370792]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2010-01-21 167528]
S2 vToolbarUpdater;vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-11 909152]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2002-12-31 38912]
S3 WMConnectCDS;Windows Media Connect Service; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 855552]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

Here is the content of log.txt

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Are you sure you copied the whole report? It doesn't look that way to me. The last line of the report, the one that marks the end of the report, is missing.

Save the report to the Desktop and attach it to your post, as you did with the Gmer reports.

offline
  • Joined: 13 Feb 2012
  • Posts: 15

Posted: 13 Feb 2012 22:00


Addendum: 13 Feb 2012 22:02

Is it OK now?

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

fanste22 :: Is it OK now?

OK. Wait for further instructions. You may not get an answer until tomorrow morning or late tonight. I will have to analyze the reports.

goran9888 (AMF Team)

offline
  • Joined: 13 Feb 2012
  • Posts: 15

Sure, whenever you can.

Thanks once again.

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Download the CatchMe program.

Double-click catchme.exe to run it and click the Script tab.
Copy the following text into the program's (white) window:

files:
C:\windows\system32\drivers\jptwivstiniwtrxe.sys

Click the Run button.

When the notification message appears, click the OK button.

When the process finishes, a file named catchme.zip will be on the Desktop.
That file must be uploaded to the forum using the following form:
http://www.mycity.rs/ambulanta-upload.php

Download MiniToolBox to the Desktop;
Run it by double-clicking, check all of the offered items and click Go;
When the application finishes, it will open a report in Notepad; attach that report to your next post so we can take a look.

goran9888 (AMF Team)
