Problem with infections!

  • Joined: 29 Dec 2008
  • Posts: 42
  • Location: Kragujevac

That AVZ icon didn't appear on my desktop at all! Where is it?

  • Joined: 04 Jan 2009
  • Posts: 2168

Once you download the archive, unpack it to the Desktop and you will see a folder named avz4.

Inside that folder is the icon shown in the instructions.

  • Joined: 29 Dec 2008
  • Posts: 42
  • Location: Kragujevac

Written: 09 Dec 2009 14:01

It scanned it, but I don't see a file with that name and it only gives me the option to SAVE log (how do I upload it?)

Addendum: 09 Dec 2009 14:05

Is it OK like this? I saved the log to the desktop and then copied it here into the post!???

Attention !!! Database was last updated 8/21/2009 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.32
Scanning started at 12/9/2009 13:42:42
Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23
Heuristic microprograms loaded: 374
PVS microprograms loaded: 9
Digital signatures of system files loaded: 135524
Heuristic analyzer mode: Maximum heuristics mode
Malware removal mode: disabled
Windows version is: 5.1.2600, Service Pack 3 ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Function kernel32.dll:TerminateProcess (843) intercepted, method - CodeHijack (not defined)
Function kernel32.dll:TerminateThread (844) intercepted, method - CodeHijack (not defined)
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Driver loaded successfully
SDT found (RVA=083220)
Kernel ntoskrnl.exe found in memory at address 804D7000
SDT = 8055A220
KiST = 804E26A8 (284)
Function NtCreateKey (29) intercepted (8057065D->F9A85B3A), hook C:\windows\system32\Drivers\sptd.sys
Function NtEnumerateKey (47) intercepted (80570D64->F9A85C7E), hook C:\windows\system32\Drivers\sptd.sys
Function NtEnumerateValueKey (49) intercepted (80590677->F9A85FF6), hook C:\windows\system32\Drivers\sptd.sys
Function NtOpenKey (77) intercepted (80568D59->F9A85A18-), hook C:\windows\system32\Drivers\sptd.sys
Function NtQueryKey (A0) intercepted (80570A6D->F9A860C0), hook C:\windows\system32\Drivers\sptd.sys
Function NtQueryValueKey (B1) intercepted (8056A1F2->F9A85F58-), hook C:\windows\system32\Drivers\sptd.sys
Function NtSetValueKey (F7) intercepted (80572889->F9A86148-), hook C:\windows\system32\Drivers\sptd.sys
Functions checked: 284, intercepted: 7, restored: 0
1.3 Checking IDT and SYSENTER
Analyzing CPU 1
Checking IDT and SYSENTER - complete
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
Driver loaded successfully
1.5 Checking IRP handlers
\FileSystem\ntfs[IRP_MJ_CREATE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_CLOSE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_WRITE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_EA] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_EA] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_VOLUME_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_VOLUME_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_DIRECTORY_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_FILE_SYSTEM_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_DEVICE_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_LOCK_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_SECURITY] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_SECURITY] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_PNP] = 82795BF8 -> hook not defined
\FileSystem\FastFat[IRP_MJ_CREATE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_CLOSE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_WRITE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_EA] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_EA] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_VOLUME_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_VOLUME_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_DIRECTORY_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_FILE_SYSTEM_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_DEVICE_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_LOCK_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_PNP] = 825B4C98 -> hook not defined
\driver\disk[IRP_MJ_CREATE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_CLOSE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_READ] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_WRITE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_PNP] = 82795EB0 -> hook not defined
Checking - complete
2. Scanning RAM
Number of processes found: 36
Extended process analysis: 1712 C:\Program Files\AVG\AVG9\avgrsx.exe
[ES]:Application has no visible windows
Extended process analysis: 1828 C:\Program Files\AVG\AVG9\avgcsrvx.exe
[ES]:Application has no visible windows
Extended process analysis: 676 C:\Program Files\AVG\AVG9\avgwdsvc.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
Extended process analysis: 792 C:\Program Files\Java\jre6\bin\jqs.exe
[ES]:Program code includes networking-related functionality
[ES]:Listens on TCP ports !
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2028 C:\Program Files\AVG\AVG9\avgnsx.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
Extended process analysis: 2060 C:\Program Files\HiYo\bin\HiYo.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
[ES]:Loads RASAPI DLL - may use dialing ?
Extended process analysis: 2108 C:\Program Files\Java\jre6\bin\jusched.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2216 C:\Documents and Settings\XxX\qlviis.exe
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2328 C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
[ES]:Loads RASAPI DLL - may use dialing ?
Number of modules loaded: 413
Scanning RAM - complete
3. Scanning disks
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: RemoteRegistry (Remote Registry)
>> Services: potentially dangerous service allowed: TermService (Terminal Services)
>> Services: potentially dangerous service allowed: Alerter (Alerter)
>> Services: potentially dangerous service allowed: Schedule (Task Scheduler)
>> Services: potentially dangerous service allowed: mnmsrvc (NetMeeting Remote Desktop Sharing)
>> Services: potentially dangerous service allowed: RDSessMgr (Remote Desktop Help Session Manager)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 449, extracted from archives: 0, malicious software found 0, suspicions - 0
Scanning finished at 12/9/2009 13:44:03
Time of scanning: 00:01:24
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address virusinfo.info conference
System Analysis in progress
System Analysis - complete
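
As an added illustration (not part of the original thread and not an AVZ feature), the Python sketch below parses two parts of an AVZ log like the one posted above: the kernel-mode hook lines from section 1.2 and the "Extended process analysis" entries from section 2. The triage rule (an executable sitting directly in a user profile folder, with no visible windows and an autostart entry) is an assumption chosen for this example; the sample lines are excerpted from the log above.

```python
import re

# Excerpt copied from the AVZ 4.32 log posted in this thread (shortened).
SAMPLE_LOG = r"""
1.2 Searching for kernel-mode API hooks
Function NtCreateKey (29) intercepted (8057065D->F9A85B3A), hook C:\windows\system32\Drivers\sptd.sys
Function NtOpenKey (77) intercepted (80568D59->F9A85A18-), hook C:\windows\system32\Drivers\sptd.sys
Functions checked: 284, intercepted: 7, restored: 0
2. Scanning RAM
Extended process analysis: 792 C:\Program Files\Java\jre6\bin\jqs.exe
[ES]:Program code includes networking-related functionality
[ES]:Listens on TCP ports !
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2060 C:\Program Files\HiYo\bin\HiYo.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
[ES]:Loads RASAPI DLL - may use dialing ?
Extended process analysis: 2216 C:\Documents and Settings\XxX\qlviis.exe
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Number of modules loaded: 413
"""

# "Function <name> (<index>) intercepted (<orig>-><new>), hook <driver path>"
HOOK_RE = re.compile(
    r"^Function (\w+) \(([0-9A-F]+)\) intercepted "
    r"\(([0-9A-F]+)->([0-9A-F]+)-?\), hook (.+)$"
)
PROC_RE = re.compile(r"^Extended process analysis: (\d+) (.+)$")
FLAG_RE = re.compile(r"^\[ES\]:(.+)$")
# Executable located directly in a profile folder (Windows XP layout).
PROFILE_ROOT_RE = re.compile(
    r"^[a-z]:\\documents and settings\\[^\\]+\\[^\\]+$", re.IGNORECASE
)


def parse_avz_log(text):
    """Return (hooks, processes).

    hooks:     {driver_path: [hooked kernel function names]}
    processes: [{"pid": int, "path": str, "flags": [str, ...]}]
    """
    hooks = {}
    processes = []
    current = None  # process whose [ES] flag lines are being collected
    for raw in text.splitlines():
        line = raw.strip()
        m = HOOK_RE.match(line)
        if m:
            hooks.setdefault(m.group(5), []).append(m.group(1))
            current = None
            continue
        m = PROC_RE.match(line)
        if m:
            current = {"pid": int(m.group(1)), "path": m.group(2), "flags": []}
            processes.append(current)
            continue
        m = FLAG_RE.match(line)
        if m and current is not None:
            # Drop AVZ's trailing emphasis markers (" !", " !!", " ?").
            current["flags"].append(m.group(1).rstrip(" !?"))
            continue
        current = None  # any other line ends the flag block
    return hooks, processes


def triage(processes):
    """Illustrative heuristic (an assumption of this example, not AVZ logic):
    flag windowless autostart executables that live directly in a profile folder."""
    wanted = {
        "Application has no visible windows",
        "Registered for automatic startup",
    }
    return [
        p for p in processes
        if PROFILE_ROOT_RE.match(p["path"]) and wanted <= set(p["flags"])
    ]


if __name__ == "__main__":
    hooks, processes = parse_avz_log(SAMPLE_LOG)
    for driver, functions in hooks.items():
        print(f"{driver}: {len(functions)} hooked function(s): {', '.join(functions)}")
    for proc in triage(processes):
        print(f"review PID {proc['pid']}: {proc['path']}")
```

A hit from `triage` is only a prompt for closer inspection of that file; it is not a verdict on it.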

  • Joined: 04 Jan 2009
  • Posts: 2168

You didn't follow the instructions I gave you.

Inside the avz4 folder there is a LOG folder...

Open the LOG folder and there you will see an archive named virusinfo_syscheck.zip

Attach that virusinfo_syscheck.zip archive here in a post using the Attach file (Prikači fajl) option

  • Joined: 29 Dec 2008
  • Posts: 42
  • Location: Kragujevac

Sorry, as you can see I'm a bit clueless about these things! When I open the log there are three folders with this name, and only one is a zip! Is this it:

  • Joined: 04 Jan 2009
  • Posts: 2168

Step 2.

Run AVZ Antiviral Toolkit

in the menu choose File > Custom Scripts;

into the window that opens, copy everything inside the Code box:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\documents and settings\xxx\qlviis.exe');
TerminateProcessByName('c:\documents and settings\xxx\boazu.exe');
DeleteService('jswmidin');
QuarantineFile('c:\documents and settings\xxx\qlviis.exe','');
QuarantineFile('c:\documents and settings\xxx\boazu.exe','');
QuarantineFile('c:\windows\system32\rdolib.dll','');
QuarantineFile('c:\docume~1\xxx\locals~1\temp\jswmidin.sys','');
QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL','');
QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe','');
QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL','');
DeleteFile('c:\documents and settings\xxx\qlviis.exe');
DeleteFile('c:\documents and settings\xxx\boazu.exe');
DeleteFile('c:\windows\system32\rdolib.dll');
DeleteFile('c:\docume~1\xxx\locals~1\temp\jswmidin.sys');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL');
DeleteDirectory('C:\PROGRA~1\MYWEBS~1');
DelBHO('{1E796980-9CC5-11D1-A83F-00C04FC99D61}');
DelBHO('{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}');
BC_DeleteReg('HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c497080-ab3f-11de-aab1-001e6b244771}');
BC_ImportDeletedList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.


click the Run button and wait for the script to finish.

To see the results of the script, you need to repeat only the AVZ scan described in Step 1 and upload virusinfo_syscheck.zip again.

  • Joined: 29 Dec 2008
  • Posts: 42
  • Location: Kragujevac

Written: 11 Dec 2009 0:27

Done, and what now?

Addendum: 11 Dec 2009 0:29

What should I do with these files and scanners sitting on my desktop that I've been using since the start of the process (dds, combo...)?

  • Joined: 04 Jan 2009
  • Posts: 2168

Don't touch those programs for now.

I need a fresh log from RSIT.

Run RSIT again and pay attention to the name, because two logs will be created (log.txt and info.txt).

You need to copy here into a post only the log file named log.txt.

  • Joined: 29 Dec 2008
  • Posts: 42
  • Location: Kragujevac

Written: 11 Dec 2009 1:47

It was giving me problems again, that's why I'm late; it restarts non-stop and the shield is detecting some viruses or whatever, here:

Logfile of random's system information tool 1.06 (written by random/random)
Run by XxX at 2009-12-11 01:42:32
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (21%) free of 10 GB
Total RAM: 255 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:42:58, on 12/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\XxX\Desktop\RSIT.exe
C:\Program Files\trend micro\XxX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mystart.hiyo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Book of Legends\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2009.07.28_v5......ader55.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file://C:\Program Files\Book of Legends\Images\armhelper.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\windows\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe

--
End of file - 7895 bytes

======Scheduled tasks folder======

C:\windows\tasks\1-Click Maintenance.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\EasyShare Registration Task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-11-13 1475864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-11-10 206192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-11-13 2020120]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-18 149280]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Plugin]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [2008-12-02 111928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrialReset]
C:\windows\fix.exe [2008-04-28 208353]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^XxX^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
C:\Documents and Settings\XxX\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^XxX^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
C:\Documents and Settings\XxX\Start Menu\Programs\Startup\PowerReg Scheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"WmdmPmSp"=2
"usnjsvc"=3
"seclogon"=2
"Messenger"=3
"ImapiService"=3
"helpsvc"=2
"FastUserSwitchingCompatibility"=3
"wscsvc"=2
"WmdmPmSN"=3
"Bonjour Service"=2
"Apple Mobile Device"=2
"ekrn"=2
"EhttpSrv"=3
"srservice"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\windows\system32\avgrsstx.dll [2009-11-13 12464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"E:\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="E:\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Age of empires\Age of Empires II\EMPIRES2.EXE"="D:\Age of empires\Age of Empires II\EMPIRES2.EXE:*:Disabled:Age of Empires II"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c497080-ab3f-11de-aab1-001e6b244771}]
shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Play.exe


======List of files/folders created in the last 1 months======

2009-12-11 01:32:23 ----D---- C:\windows\LastGood
2009-12-11 00:16:23 ----A---- C:\windows\system32\muweb.dll
2009-12-11 00:16:23 ----A---- C:\windows\system32\mucltui.dll.mui
2009-12-11 00:16:23 ----A---- C:\windows\system32\mucltui.dll
2009-12-10 00:59:58 ----D---- C:\Program Files\Common Files\Skype
2009-12-10 00:59:16 ----SHD---- C:\Config.Msi
2009-12-07 18:39:58 ----D---- C:\Program Files\trend micro
2009-12-07 18:39:54 ----D---- C:\rsit
2009-12-03 02:07:25 ----SD---- C:\ComboFix
2009-12-03 02:04:28 ----A---- C:\windows\ntbtlog.txt
2009-12-02 14:05:25 ----A---- C:\windows\system32\_uxtuneup.dll_.vir
2009-12-02 11:48:07 ----A---- C:\windows\NIRCMD.exe
2009-12-02 11:48:07 ----A---- C:\windows\MBR.exe
2009-12-02 11:48:02 ----A---- C:\windows\PEV.exe
2009-12-02 11:47:59 ----A---- C:\windows\zip.exe
2009-12-02 11:47:59 ----A---- C:\windows\SWREG.exe
2009-12-02 11:47:59 ----A---- C:\windows\sed.exe
2009-12-02 11:47:59 ----A---- C:\windows\grep.exe
2009-12-02 11:47:57 ----A---- C:\windows\SWSC.exe
2009-12-02 11:47:56 ----A---- C:\windows\SWXCACLS.exe
2009-12-02 11:40:27 ----D---- C:\Qoobox
2009-11-24 01:04:11 ----A---- C:\windows\system32\flags.ini
2009-11-18 22:24:14 ----A---- C:\windows\system32\javaws.exe
2009-11-18 22:24:14 ----A---- C:\windows\system32\javaw.exe
2009-11-18 22:24:13 ----A---- C:\windows\system32\java.exe
2009-11-18 22:23:08 ----D---- C:\Program Files\Java
2009-11-13 17:37:04 ----HD---- C:\$AVG
2009-11-13 17:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-11-13 17:31:53 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2009-11-13 17:30:25 ----D---- C:\windows\SxsCaPendDel

======List of files/folders modified in the last 1 months======

2009-12-11 01:38:33 ----HD---- C:\windows\inf
2009-12-11 01:36:59 ----HD---- C:\windows\$hf_mig$
2009-12-11 01:36:59 ----D---- C:\windows\Prefetch
2009-12-11 01:36:58 ----D---- C:\WINDOWS
2009-12-11 01:32:22 ----D---- C:\windows\system32\CatRoot2
2009-12-11 01:30:58 ----RD---- C:\Program Files
2009-12-11 00:59:20 ----D---- C:\windows\temp
2009-12-11 00:47:08 ----RSHDC---- C:\windows\system32\dllcache
2009-12-11 00:45:44 ----D---- C:\windows\system32
2009-12-11 00:19:19 ----D---- C:\windows\system32\drivers
2009-12-11 00:17:44 ----D---- C:\windows\system32\CatRoot
2009-12-11 00:16:00 ----D---- C:\windows\Help
2009-12-11 00:09:58 ----A---- C:\windows\SchedLgU.Txt
2009-12-10 19:50:46 ----D---- C:\windows\Minidump
2009-12-10 15:40:11 ----D---- C:\Documents and Settings\XxX\Application Data\Skype
2009-12-10 14:45:04 ----D---- C:\Documents and Settings\XxX\Application Data\skypePM
2009-12-10 01:00:57 ----SHD---- C:\windows\Installer
2009-12-10 01:00:30 ----RD---- C:\Program Files\Skype
2009-12-10 00:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-02 11:47:32 ----D---- C:\windows\ERDNT
2009-11-30 21:47:53 ----D---- C:\Program Files\Internet Explorer
2009-11-18 22:23:31 ----AC---- C:\windows\system32\deploytk.dll
2009-11-13 17:33:34 ----D---- C:\Documents and Settings
2009-11-13 17:32:58 ----A---- C:\windows\system32\avgrsstx.dll
2009-11-13 17:31:54 ----D---- C:\Program Files\AVG
2009-11-13 17:30:55 ----D---- C:\windows\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\windows\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2009-11-13 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2009-11-13 28424]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2009-11-13 360584]
R1 easdrv;easdrv; C:\windows\system32\DRIVERS\easdrv.sys [2008-06-10 53256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2008-06-10 54280]
R2 athsgt;athsgt; C:\windows\system32\DRIVERS\athsgt.sys [2008-10-21 164992]
R2 eamon;EAMON; C:\windows\system32\DRIVERS\eamon.sys [2008-06-10 39944]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2008-06-10 71688]
R2 limsgt;limsgt; C:\windows\system32\DRIVERS\limsgt.sys [2008-10-21 12544]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\windows\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2008-06-10 30728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ltmodem5;LT Modem Driver; C:\windows\System32\DRIVERS\ltmdmnt.sys [2008-04-13 606684]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 QCDonner;Logitech QuickCam Express; C:\windows\system32\DRIVERS\OVCD.sys [2001-08-17 28032]
R3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\windows\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 glaide32;glaide32; \??\C:\windows\system32\drivers\glaide32.sys []
S1 kbdhid;Keyboard HID Driver; C:\windows\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\XxX\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2008-07-27 223128]
S3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-13 285392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-18 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\windows\System32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\windows\System32\TuneUpDefragService.exe [2009-06-10 307968]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Addendum: 11 Dec 2009 1:49

This is the only log it gave me.

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Download the reg file from the link below and run it by double-clicking its icon.

When the MsgBox appears, click Yes, then OK.


Restart the computer and report back on how it is doing...
