Posted: 08 Dec 2009 14:51
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac

That AVZ icon didn't appear on my desktop at all! Where is it?

Posted: 09 Dec 2009 14:05
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac

Written: 09 Dec 2009 14:01
It scanned it, but I don't see a file with that name, and it only gives me the option to SAVE log (how do I upload it?)
Addendum: 09 Dec 2009 14:05
Is this OK? I saved the log to the desktop and then copied it here into the post!???
Attention !!! Database was last updated 8/21/2009 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.32
Scanning started at 12/9/2009 13:42:42
Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23
Heuristic microprograms loaded: 374
PVS microprograms loaded: 9
Digital signatures of system files loaded: 135524
Heuristic analyzer mode: Maximum heuristics mode
Malware removal mode: disabled
Windows version is: 5.1.2600, Service Pack 3 ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Function kernel32.dll:TerminateProcess (843) intercepted, method - CodeHijack (not defined)
Function kernel32.dll:TerminateThread (844) intercepted, method - CodeHijack (not defined)
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Driver loaded successfully
SDT found (RVA=083220)
Kernel ntoskrnl.exe found in memory at address 804D7000
SDT = 8055A220
KiST = 804E26A8 (284)
Function NtCreateKey (29) intercepted (8057065D->F9A85B3A), hook C:\windows\system32\Drivers\sptd.sys
Function NtEnumerateKey (47) intercepted (80570D64->F9A85C7E), hook C:\windows\system32\Drivers\sptd.sys
Function NtEnumerateValueKey (49) intercepted (80590677->F9A85FF6), hook C:\windows\system32\Drivers\sptd.sys
Function NtOpenKey (77) intercepted (80568D59->F9A85A18-), hook C:\windows\system32\Drivers\sptd.sys
Function NtQueryKey (A0) intercepted (80570A6D->F9A860C0), hook C:\windows\system32\Drivers\sptd.sys
Function NtQueryValueKey (B1) intercepted (8056A1F2->F9A85F58-), hook C:\windows\system32\Drivers\sptd.sys
Function NtSetValueKey (F7) intercepted (80572889->F9A86148-), hook C:\windows\system32\Drivers\sptd.sys
Functions checked: 284, intercepted: 7, restored: 0
1.3 Checking IDT and SYSENTER
Analyzing CPU 1
Checking IDT and SYSENTER - complete
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
Driver loaded successfully
1.5 Checking IRP handlers
\FileSystem\ntfs[IRP_MJ_CREATE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_CLOSE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_WRITE] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_EA] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_EA] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_VOLUME_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_VOLUME_INFORMATION] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_DIRECTORY_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_FILE_SYSTEM_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_DEVICE_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_LOCK_CONTROL] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_QUERY_SECURITY] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_SET_SECURITY] = 82795BF8 -> hook not defined
\FileSystem\ntfs[IRP_MJ_PNP] = 82795BF8 -> hook not defined
\FileSystem\FastFat[IRP_MJ_CREATE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_CLOSE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_WRITE] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_EA] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_EA] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_QUERY_VOLUME_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_SET_VOLUME_INFORMATION] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_DIRECTORY_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_FILE_SYSTEM_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_DEVICE_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_LOCK_CONTROL] = 825B4C98 -> hook not defined
\FileSystem\FastFat[IRP_MJ_PNP] = 825B4C98 -> hook not defined
\driver\disk[IRP_MJ_CREATE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_CLOSE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_READ] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_WRITE] = 82795EB0 -> hook not defined
\driver\disk[IRP_MJ_PNP] = 82795EB0 -> hook not defined
Checking - complete
2. Scanning RAM
Number of processes found: 36
Extended process analysis: 1712 C:\Program Files\AVG\AVG9\avgrsx.exe
[ES]:Application has no visible windows
Extended process analysis: 1828 C:\Program Files\AVG\AVG9\avgcsrvx.exe
[ES]:Application has no visible windows
Extended process analysis: 676 C:\Program Files\AVG\AVG9\avgwdsvc.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
Extended process analysis: 792 C:\Program Files\Java\jre6\bin\jqs.exe
[ES]:Program code includes networking-related functionality
[ES]:Listens on TCP ports !
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2028 C:\Program Files\AVG\AVG9\avgnsx.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
Extended process analysis: 2060 C:\Program Files\HiYo\bin\HiYo.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
[ES]:Loads RASAPI DLL - may use dialing ?
Extended process analysis: 2108 C:\Program Files\Java\jre6\bin\jusched.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2216 C:\Documents and Settings\XxX\qlviis.exe
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
Extended process analysis: 2328 C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[ES]:Program code includes networking-related functionality
[ES]:Application has no visible windows
[ES]:Registered for automatic startup !!
[ES]:Loads RASAPI DLL - may use dialing ?
Number of modules loaded: 413
Scanning RAM - complete
3. Scanning disks
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: RemoteRegistry (Remote Registry)
>> Services: potentially dangerous service allowed: TermService (Terminal Services)
>> Services: potentially dangerous service allowed: Alerter (Alerter)
>> Services: potentially dangerous service allowed: Schedule (Task Scheduler)
>> Services: potentially dangerous service allowed: mnmsrvc (NetMeeting Remote Desktop Sharing)
>> Services: potentially dangerous service allowed: RDSessMgr (Remote Desktop Help Session Manager)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 449, extracted from archives: 0, malicious software found 0, suspicions - 0
Scanning finished at 12/9/2009 13:44:03
Time of scanning: 00:01:24
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address virusinfo.info conference
System Analysis in progress
System Analysis - complete

Posted: 09 Dec 2009 23:05
- Bogdan-Tc
- Anti Malware Fighter, Rank 1
- Joined: 04 Jan 2009
- Posts: 2168

You didn't follow the instructions I gave you.
Inside the avz4 folder there is a folder named LOG...
Open the LOG folder and you will see that it contains an archive named virusinfo_syscheck.zip
Attach that virusinfo_syscheck.zip archive here in a message using the Prikači fajl (Attach file) option

Posted: 10 Dec 2009 00:47
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac

Sorry, as you can see I'm a bit clueless about these things! When I open LOG there are three folders with this name, and only one of them is a zip! Is it this one:
[attachment]

Posted: 10 Dec 2009 23:29
- Bogdan-Tc
- Anti Malware Fighter, Rank 1
- Joined: 04 Jan 2009
- Posts: 2168

Step 2.
Run AVZ Antiviral Toolkit,
in the menu choose File > Custom Scripts;
into the window that opens, copy everything inside the Code box:
```
begin
 // Scan for user-mode and kernel-mode API hooks and neutralize them
 SearchRootkit(true, true);
 // Enable AVZGuard while the cleanup runs
 SetAVZGuardStatus(True);
 // Terminate the two processes in the user profile and remove the related service
 TerminateProcessByName('c:\documents and settings\xxx\qlviis.exe');
 TerminateProcessByName('c:\documents and settings\xxx\boazu.exe');
 DeleteService('jswmidin');
 // Copy every target to quarantine before it is deleted
 QuarantineFile('c:\documents and settings\xxx\qlviis.exe','');
 QuarantineFile('c:\documents and settings\xxx\boazu.exe','');
 QuarantineFile('c:\windows\system32\rdolib.dll','');
 QuarantineFile('c:\docume~1\xxx\locals~1\temp\jswmidin.sys','');
 QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL','');
 QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe','');
 QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL','');
 // Delete the files and the MYWEBS~1 directory
 DeleteFile('c:\documents and settings\xxx\qlviis.exe');
 DeleteFile('c:\documents and settings\xxx\boazu.exe');
 DeleteFile('c:\windows\system32\rdolib.dll');
 DeleteFile('c:\docume~1\xxx\locals~1\temp\jswmidin.sys');
 DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL');
 DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe');
 DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL');
 DeleteDirectory('C:\PROGRA~1\MYWEBS~1');
 // Remove the Browser Helper Object registrations
 DelBHO('{1E796980-9CC5-11D1-A83F-00C04FC99D61}');
 DelBHO('{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}');
 // Boot Cleaner: queue the registry key and the deleted files for removal at reboot
 BC_DeleteReg('HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c497080-ab3f-11de-aab1-001e6b244771}');
 BC_ImportDeletedList;
 BC_Activate;
 // Clean up leftover references to the deleted files, then reboot
 ExecuteSysClean;
 RebootWindows(true);
end.
```
click the Run button and wait for the script to finish.
To see the results of the script, you need to repeat only the AVZ scan described in Step 1 and upload virusinfo_syscheck.zip again.

Posted: 11 Dec 2009 00:29
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac

Written: 11 Dec 2009 0:27
Done, and what now?
[attachment]
Addendum: 11 Dec 2009 0:29
What should I do with these files and scanners sitting on my desktop that I have been using since the start of the process (dds, combo...)?

Posted: 11 Dec 2009 01:27
- Bogdan-Tc
- Anti Malware Fighter, Rank 1
- Joined: 04 Jan 2009
- Posts: 2168

Don't touch those programs for now.
I need a fresh log from RSIT.
Run RSIT again and pay attention to the name, because two logs will be created (log.txt and info.txt).
You need to copy into a message here only the log file named log.txt.

Posted: 11 Dec 2009 01:49
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac

Written: 11 Dec 2009 1:47
It gave me trouble again, which is why I'm late; it restarts non-stop and the shield is detecting some viruses or whatever, here:
Logfile of random's system information tool 1.06 (written by random/random)
Run by XxX at 2009-12-11 01:42:32
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (21%) free of 10 GB
Total RAM: 255 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:42:58, on 12/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\XxX\Desktop\RSIT.exe
C:\Program Files\trend micro\XxX.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mystart.hiyo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Book of Legends\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2009.07.28_v5......ader55.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file://C:\Program Files\Book of Legends\Images\armhelper.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\windows\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 7895 bytes
======Scheduled tasks folder======
C:\windows\tasks\1-Click Maintenance.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\EasyShare Registration Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-11-13 1475864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-18 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-11-10 206192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-11-13 2020120]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-18 149280]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Plugin]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [2008-12-02 111928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrialReset]
C:\windows\fix.exe [2008-04-28 208353]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^XxX^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
C:\Documents and Settings\XxX\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^XxX^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
C:\Documents and Settings\XxX\Start Menu\Programs\Startup\PowerReg Scheduler.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"WmdmPmSp"=2
"usnjsvc"=3
"seclogon"=2
"Messenger"=3
"ImapiService"=3
"helpsvc"=2
"FastUserSwitchingCompatibility"=3
"wscsvc"=2
"WmdmPmSN"=3
"Bonjour Service"=2
"Apple Mobile Device"=2
"ekrn"=2
"EhttpSrv"=3
"srservice"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\windows\system32\avgrsstx.dll [2009-11-13 12464]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"E:\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="E:\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Age of empires\Age of Empires II\EMPIRES2.EXE"="D:\Age of empires\Age of Empires II\EMPIRES2.EXE:*:Disabled:Age of Empires II"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c497080-ab3f-11de-aab1-001e6b244771}]
shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Play.exe
======List of files/folders created in the last 1 months======
2009-12-11 01:32:23 ----D---- C:\windows\LastGood
2009-12-11 00:16:23 ----A---- C:\windows\system32\muweb.dll
2009-12-11 00:16:23 ----A---- C:\windows\system32\mucltui.dll.mui
2009-12-11 00:16:23 ----A---- C:\windows\system32\mucltui.dll
2009-12-10 00:59:58 ----D---- C:\Program Files\Common Files\Skype
2009-12-10 00:59:16 ----SHD---- C:\Config.Msi
2009-12-07 18:39:58 ----D---- C:\Program Files\trend micro
2009-12-07 18:39:54 ----D---- C:\rsit
2009-12-03 02:07:25 ----SD---- C:\ComboFix
2009-12-03 02:04:28 ----A---- C:\windows\ntbtlog.txt
2009-12-02 14:05:25 ----A---- C:\windows\system32\_uxtuneup.dll_.vir
2009-12-02 11:48:07 ----A---- C:\windows\NIRCMD.exe
2009-12-02 11:48:07 ----A---- C:\windows\MBR.exe
2009-12-02 11:48:02 ----A---- C:\windows\PEV.exe
2009-12-02 11:47:59 ----A---- C:\windows\zip.exe
2009-12-02 11:47:59 ----A---- C:\windows\SWREG.exe
2009-12-02 11:47:59 ----A---- C:\windows\sed.exe
2009-12-02 11:47:59 ----A---- C:\windows\grep.exe
2009-12-02 11:47:57 ----A---- C:\windows\SWSC.exe
2009-12-02 11:47:56 ----A---- C:\windows\SWXCACLS.exe
2009-12-02 11:40:27 ----D---- C:\Qoobox
2009-11-24 01:04:11 ----A---- C:\windows\system32\flags.ini
2009-11-18 22:24:14 ----A---- C:\windows\system32\javaws.exe
2009-11-18 22:24:14 ----A---- C:\windows\system32\javaw.exe
2009-11-18 22:24:13 ----A---- C:\windows\system32\java.exe
2009-11-18 22:23:08 ----D---- C:\Program Files\Java
2009-11-13 17:37:04 ----HD---- C:\$AVG
2009-11-13 17:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-11-13 17:31:53 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2009-11-13 17:30:25 ----D---- C:\windows\SxsCaPendDel
======List of files/folders modified in the last 1 months======
2009-12-11 01:38:33 ----HD---- C:\windows\inf
2009-12-11 01:36:59 ----HD---- C:\windows\$hf_mig$
2009-12-11 01:36:59 ----D---- C:\windows\Prefetch
2009-12-11 01:36:58 ----D---- C:\WINDOWS
2009-12-11 01:32:22 ----D---- C:\windows\system32\CatRoot2
2009-12-11 01:30:58 ----RD---- C:\Program Files
2009-12-11 00:59:20 ----D---- C:\windows\temp
2009-12-11 00:47:08 ----RSHDC---- C:\windows\system32\dllcache
2009-12-11 00:45:44 ----D---- C:\windows\system32
2009-12-11 00:19:19 ----D---- C:\windows\system32\drivers
2009-12-11 00:17:44 ----D---- C:\windows\system32\CatRoot
2009-12-11 00:16:00 ----D---- C:\windows\Help
2009-12-11 00:09:58 ----A---- C:\windows\SchedLgU.Txt
2009-12-10 19:50:46 ----D---- C:\windows\Minidump
2009-12-10 15:40:11 ----D---- C:\Documents and Settings\XxX\Application Data\Skype
2009-12-10 14:45:04 ----D---- C:\Documents and Settings\XxX\Application Data\skypePM
2009-12-10 01:00:57 ----SHD---- C:\windows\Installer
2009-12-10 01:00:30 ----RD---- C:\Program Files\Skype
2009-12-10 00:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-02 11:47:32 ----D---- C:\windows\ERDNT
2009-11-30 21:47:53 ----D---- C:\Program Files\Internet Explorer
2009-11-18 22:23:31 ----AC---- C:\windows\system32\deploytk.dll
2009-11-13 17:33:34 ----D---- C:\Documents and Settings
2009-11-13 17:32:58 ----A---- C:\windows\system32\avgrsstx.dll
2009-11-13 17:31:54 ----D---- C:\Program Files\AVG
2009-11-13 17:30:55 ----D---- C:\windows\WinSxS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:\windows\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2009-11-13 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2009-11-13 28424]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2009-11-13 360584]
R1 easdrv;easdrv; C:\windows\system32\DRIVERS\easdrv.sys [2008-06-10 53256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2008-06-10 54280]
R2 athsgt;athsgt; C:\windows\system32\DRIVERS\athsgt.sys [2008-10-21 164992]
R2 eamon;EAMON; C:\windows\system32\DRIVERS\eamon.sys [2008-06-10 39944]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2008-06-10 71688]
R2 limsgt;limsgt; C:\windows\system32\DRIVERS\limsgt.sys [2008-10-21 12544]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\windows\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2008-06-10 30728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ltmodem5;LT Modem Driver; C:\windows\System32\DRIVERS\ltmdmnt.sys [2008-04-13 606684]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 QCDonner;Logitech QuickCam Express; C:\windows\system32\DRIVERS\OVCD.sys [2001-08-17 28032]
R3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\windows\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 glaide32;glaide32; \??\C:\windows\system32\drivers\glaide32.sys []
S1 kbdhid;Keyboard HID Driver; C:\windows\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\XxX\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2008-07-27 223128]
S3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-13 285392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-18 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\windows\System32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\windows\System32\TuneUpDefragService.exe [2009-06-10 307968]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Addendum: 11 Dec 2009 1:49
This is the only log it produced for me.