Blue screen, tried with drivers, without success

offline
  • Joined: 23 Mar 2006
  • Posts: 84

Posted: 19 Aug 2011 19:55

When I close the laptop lid (sleep) and it then starts up again, it reports that Windows had some error.
When Windows boots, it reports that there was a blue screen.
I already tried here with you, in the Windows section; I installed new drivers for the wifi, and it held for a couple of days.
I scanned with MS Security Essentials and with Spybot S&D, and eliminated sweetim, but the problem is not solved.
Win 7 Ultimate SP1.
And one more symptom: Windows Explorer crashes when I use the right mouse (touchpad) button.
I would like to avoid reinstalling Windows, above all because I activated it, and I am not sure it will succeed again after about half a year.
OTL created 2 files and not just 1, so I am attaching both.

Addendum: 19 Aug 2011 19:57

One more thing to add: I use wifi, via ICS on the desktop computer.

Addendum: 19 Aug 2011 20:01

The BIOS has been flashed to the latest version, and the laptop is about 6 months old; it started acting up 3 weeks ago.

Addendum: 19 Aug 2011 20:02

Dell Inspiron M5010

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Greetings zokce

While the case is being resolved, I would ask you to adhere to the following:
  • Read my instructions (or the instructions of the colleagues who will stand in for me) carefully and work exclusively by them;
  • Do not seek help elsewhere at the same time;
  • Do not use other malware-removal programs, except those for which you receive instructions;
  • During the intervention, do not use USB memory devices until I ask for that;
  • If I do not reply within 48h, refresh the topic with a new post;
  • If you do not respond within 5 days, we will close the case.

For more information about the rules of the MyCity forum's Ambulanta: LINK

--------------------------------------------------------------


Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program is finished:
  • deactivate the protective software (instructions);
  • close running programs;
  • double-click to launch ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      • click Yes if a download of it is offered.
  • if the Recovery Console is not installed, offer to install it:
      • be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
      • accept by clicking Yes or OK.
  • if needed, restart Windows (multiple times);
  • at the end of its run, open Notepad with the scan report.

Copy the report that ComboFix created into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If after sending the message you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.


NIx Car (AMF Team)

offline
  • Joined: 23 Mar 2006
  • Posts: 84

I did it according to the instructions, and here is the log:

ComboFix 11-08-19.02 - ЗокиВале 20.08.2011 15:23:12.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1251.381.1033.18.3836.2435 [GMT 2:00]
Running from: c:\users\КЬЖУTЯвт\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ClickPotatoLite
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\ClickPotatoLiteSACB.exe
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\ClickPotatoLiteUninstaller.exe
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\copyright.txt
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\firefox\extensions\install.rdf
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\ClickPotatoLiteSA
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\windows\n.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-07-20 to 2011-08-20 )))))))))))))))))))))))))))))))
.
.
2011-08-20 13:27 . 2011-08-20 13:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-20 10:42 . 2011-08-20 10:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{4B1BD563-D553-42F8-BFC3-B62F88DF2492}
2011-08-20 10:42 . 2011-08-20 10:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{B4AFC355-D850-4DE8-A270-B1C6DFB979AF}
2011-08-19 18:40 . 2011-08-19 18:44 -------- d-----w- c:\users\ЗокиВале\AppData\Local\iFreeTV
2011-08-19 18:40 . 2011-08-19 18:40 -------- d-----w- c:\program files (x86)\iFreeTV
2011-08-19 16:05 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A80C70F-3243-474E-BBDF-4EBEA0155271}\mpengine.dll
2011-08-19 15:56 . 2011-08-19 15:57 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{51C4E9FA-0084-453D-820C-0BE01E0A00B7}
2011-08-19 15:56 . 2011-08-19 15:56 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{F473F68E-AACC-41B5-8463-0CB60D3D8441}
2011-08-18 19:11 . 2011-08-20 13:16 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-18 19:11 . 2011-08-18 19:14 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-08-18 14:33 . 2011-08-18 14:33 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{D1100C80-8CAB-495A-8FD6-E98CA7FC9886}
2011-08-18 14:32 . 2011-08-18 14:33 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{DDD403B5-7B8E-41C4-9681-AD21957D4787}
2011-08-16 17:03 . 2011-08-16 17:03 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{5595C069-F9D2-4E3A-83AB-54665363AF71}
2011-08-16 17:03 . 2011-08-16 17:03 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{8E12FB42-2F74-470E-A7E7-22FF9EAD95AC}
2011-08-15 18:59 . 2011-08-15 18:59 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\Dell
2011-08-15 18:59 . 2011-08-15 18:59 -------- d-----w- c:\program files\Dell Support Center
2011-08-15 18:55 . 2011-08-15 18:55 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\PCDr
2011-08-15 17:37 . 2011-08-15 17:39 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\PC Suite
2011-08-15 17:37 . 2011-08-15 17:39 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\Nokia
2011-08-15 17:37 . 2011-08-15 17:39 -------- d-----w- c:\programdata\PC Suite
2011-08-15 17:37 . 2011-08-15 17:37 -------- d-----w- c:\program files (x86)\Common Files\PCSuite
2011-08-15 17:36 . 2011-08-15 17:37 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2011-08-15 17:36 . 2011-08-15 17:37 -------- d-----w- c:\program files\DIFX
2011-08-15 17:36 . 2008-08-28 10:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-08-15 17:36 . 2011-08-15 17:36 -------- dc----w- c:\windows\system32\DRVSTORE
2011-08-15 17:36 . 2011-08-15 17:36 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-08-15 17:36 . 2011-08-15 17:37 -------- d-----w- c:\program files (x86)\Nokia
2011-08-15 17:36 . 2011-05-18 08:15 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2011-08-15 17:35 . 2011-08-15 17:35 -------- d-----w- c:\programdata\Installations
2011-08-15 17:22 . 2011-08-15 17:22 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{521A7CC9-2AE5-4CB7-B425-1E1B1B69C885}
2011-08-15 17:21 . 2011-08-15 17:22 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{E626C8B4-2E97-43FC-9931-600E7E9D05BC}
2011-08-14 18:33 . 2011-08-14 18:33 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2011-08-14 18:32 . 2011-08-14 18:32 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-08-14 18:32 . 2011-08-14 18:32 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-14 18:32 . 2011-08-14 18:33 -------- d-----w- c:\program files (x86)\Real
2011-08-14 18:32 . 2011-08-14 18:47 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\Real
2011-08-14 16:19 . 2011-08-15 18:59 -------- d-----w- c:\programdata\PCDr
2011-08-14 14:37 . 2011-08-14 14:38 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{03D4C7EF-AA2D-4E33-B6C6-3E5D1229E63F}
2011-08-14 14:37 . 2011-08-14 14:37 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{69A1D898-4040-4AA7-9988-59CDE87DD7B5}
2011-08-14 14:08 . 2011-08-18 19:00 -------- d-----w- c:\programdata\iolo
2011-08-13 09:33 . 2011-08-13 09:33 -------- d-----w- c:\program files (x86)\Atheros
2011-08-13 09:32 . 2010-09-26 18:15 2374656 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-08-13 09:32 . 2010-09-26 18:15 2374656 ----a-w- c:\windows\system32\athrx.sys
2011-08-13 03:14 . 2011-08-13 03:14 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{3974657D-7BAD-4976-BAF0-822E57B8E327}
2011-08-13 03:14 . 2011-08-13 03:14 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{BFC4A894-AFBB-4E5F-B59E-8000A8DD9501}
2011-08-12 16:35 . 2011-08-12 16:35 -------- d-----w- c:\windows\Options
2011-08-12 16:35 . 2011-08-12 16:40 -------- d-----w- c:\programdata\Atheros
2011-08-12 15:13 . 2011-08-12 15:13 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{1003E2E5-0814-44D0-B0D9-66214B998F4E}
2011-08-12 15:13 . 2011-08-12 15:13 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{00718267-A42A-4D7B-A6C3-249E30FFE584}
2011-08-11 18:01 . 2011-02-19 21:07 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA65EDDA-1BD8-42EC-A173-6F47EFF71F24}\gapaengine.dll
2011-08-11 17:42 . 2011-08-11 17:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{2D4331F6-FD87-4A30-A76D-5F47F6D8DE2F}
2011-08-11 17:42 . 2011-08-11 17:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{141CED6F-0E8B-429B-A870-C01ABD3A1D96}
2011-08-11 17:34 . 2011-08-11 17:34 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{40EC1C80-4F4B-4385-8369-0CFCD015F322}
2011-08-10 17:20 . 2011-08-18 18:32 -------- d-----w- c:\program files\WhoCrashed
2011-08-10 15:41 . 2011-07-16 05:41 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-10 15:36 . 2011-08-10 15:36 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{F1AADF37-16E4-4C2E-BC1C-E61BA4951B6B}
2011-08-10 15:36 . 2011-08-10 15:36 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{EFACA8B8-221A-4DAA-B9BE-459293FD4F80}
2011-08-09 15:21 . 2011-08-09 15:21 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{911EF321-AE74-4CA4-BCF4-3B0E6D178E7B}
2011-08-09 15:20 . 2011-08-09 15:21 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{DC34C6B9-3346-4B3D-9A4D-0815085453C7}
2011-08-08 17:51 . 2011-08-08 17:51 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{AB903D69-F7D0-40A0-92AD-546A7072B8F4}
2011-08-08 17:51 . 2011-08-08 17:51 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{7B4795A2-A7E9-4E6F-83C9-3DB807A4CBD3}
2011-08-07 19:53 . 2011-08-07 19:53 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{6CA93586-F568-477E-9B7C-4EF3D4347E19}
2011-08-07 19:53 . 2011-08-07 19:53 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{2195D17B-59A8-4E33-9C65-96B2E7CEBBF0}
2011-08-07 07:52 . 2011-08-07 07:52 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{FA961808-67FD-44AB-8729-1073E27ECD58}
2011-08-07 07:52 . 2011-08-07 07:52 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{30005A7B-CECA-4F32-9881-AE93C8A2AEA8}
2011-08-06 19:14 . 2011-08-06 19:14 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{DADC4598-6EB5-4CBA-BCA4-00FC4E02B74B}
2011-08-06 19:13 . 2011-08-06 19:14 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{58594B30-00D9-4436-9994-D13F6913CE6E}
2011-08-06 07:13 . 2011-08-06 07:13 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{DE6BE3CB-8DAE-4800-ABB1-02D386D82AA3}
2011-08-06 07:13 . 2011-08-06 07:13 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{DAFCDF9F-DFD4-4C5F-9F45-B9859313C908}
2011-08-05 17:57 . 2011-08-05 17:57 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{6C09DC47-085D-4AEE-994A-77456169C259}
2011-08-05 17:56 . 2011-08-05 17:57 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{0F1A7381-C4FE-4CB5-A1D4-FECCC16E65B6}
2011-08-05 17:52 . 2005-06-01 20:57 697884 ------w- c:\windows\~df394b.tmp
2011-08-05 17:30 . 2011-08-05 17:30 -------- d-----w- c:\windows\en
2011-08-05 17:28 . 2011-08-05 17:28 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-05 17:28 . 2011-08-05 17:28 -------- d-----w- c:\program files\Windows Live
2011-08-05 17:25 . 2011-08-05 17:26 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{381DB636-CC89-48B9-AC12-6DEFA80A3A7B}
2011-08-05 17:25 . 2011-08-05 17:25 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{BB390F6E-3728-4E6E-AF41-56D6D9B96C6B}
2011-08-05 06:04 . 2011-08-05 06:04 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{FE20F792-7DCB-41A6-9611-7AA2798FF525}
2011-08-05 06:04 . 2011-08-05 06:04 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{FF90CAEB-1B81-4544-BCB0-DC122588CB48}
2011-08-05 05:32 . 2011-08-05 05:33 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{9E73A347-EB95-4D61-9E67-96E6BE68DC1C}
2011-08-03 15:36 . 2011-08-03 15:37 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{D15B31B3-33CD-4D69-B254-AA468F23B7FE}
2011-08-02 18:59 . 2011-08-02 18:59 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-08-02 18:59 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-08-02 16:04 . 2011-08-02 16:04 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{D402E544-BBA5-4282-A47C-750BE9A1D92E}
2011-08-01 19:23 . 2011-08-01 19:23 508472 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-01 19:23 . 2011-08-01 19:23 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-08-01 19:22 . 2011-08-06 08:02 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\DAEMON Tools Pro
2011-08-01 19:22 . 2011-08-01 19:23 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-08-01 18:44 . 2011-08-01 18:44 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\Nero
2011-08-01 18:37 . 2011-08-01 18:40 -------- d-----w- c:\programdata\Nero
2011-08-01 18:36 . 2011-08-01 18:37 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-08-01 18:36 . 2011-08-01 18:40 -------- d-----w- c:\program files (x86)\Nero
2011-08-01 18:27 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-08-01 18:27 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-08-01 18:26 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-08-01 18:26 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2011-08-01 17:59 . 2011-08-01 17:59 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{7C867961-186C-46D4-891A-8DBD2222E0CE}
2011-08-01 04:14 . 2011-08-01 04:14 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{39C1F4E7-609D-4DE9-8722-26D91F219C7B}
2011-07-31 13:19 . 2011-07-31 13:19 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{D44D6608-6962-4F2D-9251-49E96EA67829}
2011-07-30 13:56 . 2011-07-30 13:56 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{5158C29B-B9DD-43B9-A84E-29F704BF24A7}
2011-07-29 15:43 . 2011-07-29 15:44 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{EB56C68F-C3DE-4017-8E01-CD758238ACF8}
2011-07-28 16:32 . 2011-07-28 16:33 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{F83C3E53-8619-4229-9D26-47506D98674F}
2011-07-27 17:27 . 2011-07-27 17:27 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{A8345C0E-A8E9-41C1-AE3B-842361188628}
2011-07-26 15:15 . 2011-07-26 15:15 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{A5314E0F-7C19-43A6-8B30-DAFA50435A73}
2011-07-25 16:46 . 2011-07-25 16:47 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{739E443E-87B9-4F69-85C9-55E9EAE65EC9}
2011-07-25 16:42 . 2011-07-25 16:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\Windows Live Writer
2011-07-25 16:42 . 2011-07-25 16:42 -------- d-----w- c:\users\ЗокиВале\AppData\Roaming\Windows Live Writer
2011-07-25 16:42 . 2011-07-25 16:42 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{6581587C-6079-47E3-AA0F-684B8369CF95}
2011-07-24 10:38 . 2011-07-24 10:39 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{4B7D42B9-FFB8-4EC1-B844-D7DFB98A66A9}
2011-07-23 20:48 . 2011-07-23 20:49 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{B511C5A9-80CF-410E-9491-E0715767E884}
2011-07-23 08:46 . 2011-07-23 08:46 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{AEEA9DB8-2075-449B-805D-AF4F30CD2C71}
2011-07-21 16:26 . 2011-07-21 16:27 -------- d-----w- c:\users\ЗокиВале\AppData\Local\{6F77D82F-3693-40F8-BD1E-4E2323105A39}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 18:20 . 2011-05-19 20:21 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-12 04:10 . 2011-02-19 21:08 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-17 20:28 . 2011-05-26 19:27 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-07-16 04:26 . 2011-08-10 15:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-15 21:15 . 2011-06-16 13:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-11 03:07 . 2011-07-13 18:56 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-05-24 11:42 . 2011-07-03 14:04 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-07-03 14:04 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-07-03 14:04 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-07-03 14:04 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-07-03 14:04 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2011-04-10 2918576]
"SpeedBitVideoAccelerator"="c:\program files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" [2011-04-10 2098376]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-11-11 570688]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-07-29 17361032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-23 102400]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-02 1234216]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-08-14 273544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Услуга Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-19 136176]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~2\SPEEDB~1\VideoAcceleratorService.exe [2011-04-10 265928]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-19 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-07-21 25072]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-19 22:24]
.
2011-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-19 22:24]
.
2011-08-15 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-07-25 17:44]
.
2011-08-20 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-07-25 17:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
2011-03-24 10:16 398000 ----a-w- c:\program files (x86)\DAP\DAPIELoader64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
LSP: c:\program files (x86)\SpeedBit Video Accelerator\SBLSP.dll
TCP: DhcpNameServer = 192.168.2.1
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-08-20 15:29:49
ComboFix-quarantined-files.txt 2011-08-20 13:29
.
Pre-Run: 14.997.708.800 bytes free
Post-Run: 14.880.755.712 bytes free
.
- - End Of File - - 11CC6E7A660DA60A7B6779064C59D163

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

I looked through your logs and did not notice traces of malware. I would ask you to return to the topic
http://www.mycity.rs/Windows/plavi-ekran-12.html
and continue following my colleague's instructions, since the Ambulanta subforum serves only for problems related to infections by malicious programs (which you do not have). But before that, do the following:

Step 1
ComboFix needs to be uninstalled:
click Start (or ), and then RUN.

On Vista, use the Start Search field if Run is not available.

In the text entry line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstallation process to finish.
----------------------------------------------------------
Step 2
- I recommend that you use MCShield to protect USB memory devices. It has nothing to do with the AntiVirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that is transmitted via USB memory devices.

You download it, install it, plug in the USB memory device, and a scan runs, after which you get a notification that the device is clean (if that is really so); or you get a log in which you see information about the malware that was found and deleted.

MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this topic: http://www.mycity.rs/Antispyware-programi/MCShield.html

offline
  • Joined: 23 Mar 2006
  • Posts: 84

Thanks, Car
