Driver problem


offline
  • Pek 
  • Citizen
  • Joined: 13 Jun 2011
  • Posts: 49

ComboFix log:

ComboFix 11-06-13.06 - petar 06/16/2011 20:10:28.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1555 [GMT 2:00]
Running from: e:\documents and settings\petar\My Documents\Downloads\ComboFix.exe
Command switches used :: e:\documents and settings\petar\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
FILE ::
"e:\program files\Movie Maker\wptpj.dll"
"e:\windows\system32\crssc.exe"
"e:\windows\system32\wptpj.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RVCGCBP
-------\Service_rvcgcbp
.
.
((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))
.
.
2011-06-13 18:25 . 2010-03-04 16:05 944640 ----a-r- e:\windows\system32\NEW24.tmp
2011-06-13 18:25 . 2010-03-04 16:05 944640 ----a-r- e:\windows\system32\fdco1.dll
2011-06-13 18:25 . 2010-03-04 16:02 70912 ----a-r- e:\windows\system32\drivers\NVENETFD.sys
2011-06-13 18:25 . 2010-03-04 16:05 11264 ----a-r- e:\windows\system32\NEW19.tmp
2011-06-13 18:25 . 2010-03-04 16:05 11264 ----a-r- e:\windows\system32\bdco1.dll
2011-06-13 18:25 . 2010-03-04 16:02 13824 ----a-r- e:\windows\system32\drivers\nvnetbus.sys
2011-06-13 18:25 . 2010-03-04 16:02 212224 ----a-r- e:\windows\system32\drivers\nvnrm.sys
2011-06-13 18:25 . 2010-03-03 23:49 207464 ----a-r- e:\windows\system32\nvconrm.dll
2011-06-13 18:24 . 2010-03-22 10:28 215656 ----a-r- e:\windows\system32\NVCOSMB.DLL
2011-06-13 18:02 . 2011-02-25 17:37 1284712 ------r- e:\windows\RtlExUpd.dll
2011-06-13 17:55 . 2011-06-13 17:55 -------- d-----w- e:\documents and settings\All Users\Application Data\ATI
2011-06-13 17:54 . 2011-06-13 17:54 -------- d-----w- e:\program files\AMD APP
2011-06-13 17:51 . 2011-06-13 17:51 -------- d-----w- E:\ATI
2011-06-10 16:44 . 2003-11-10 16:14 729088 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-06-10 16:44 . 2003-11-10 16:13 69715 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-06-10 16:44 . 2003-11-10 16:12 266240 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-06-10 16:44 . 2003-11-10 16:12 192512 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-06-10 16:44 . 2003-11-10 16:11 5632 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-06-10 16:44 . 2011-06-10 16:44 311428 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-06-10 16:44 . 2011-06-10 16:44 188548 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-06-10 15:54 . 2011-06-10 15:54 -------- d-----w- e:\windows\system32\LogFiles
2011-06-10 15:20 . 2011-06-10 15:20 -------- d-----w- e:\program files\MSI
2011-06-10 15:19 . 2011-06-10 16:44 -------- d-----w- e:\program files\Setup Files
2011-06-10 15:18 . 2011-06-10 15:18 -------- d-sh--w- e:\documents and settings\petar\PrivacIE
2011-06-10 15:16 . 2011-06-10 15:16 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\BitTorrentBar
2011-06-10 15:05 . 2011-06-10 15:05 -------- d-sh--w- e:\documents and settings\NetworkService\IETldCache
2011-06-10 15:04 . 2011-06-10 15:04 -------- d-sh--w- e:\documents and settings\petar\IETldCache
2011-06-10 15:01 . 2011-06-10 15:03 -------- dc-h--w- e:\windows\ie8
2011-06-10 14:50 . 1998-10-02 17:00 327168 ----a-w- e:\windows\IsUninst.exe
2011-06-09 15:38 . 2011-06-09 15:45 21840 ----atw- e:\windows\system32\SIntfNT.dll
2011-06-09 15:38 . 2011-06-09 15:45 17212 ----atw- e:\windows\system32\SIntf32.dll
2011-06-09 15:38 . 2011-06-09 15:45 12067 ----atw- e:\windows\system32\SIntf16.dll
2011-06-09 15:26 . 2011-06-09 15:26 94208 ----a-w- e:\windows\DIIUnin.exe
2011-06-09 15:26 . 2011-06-09 15:26 2829 ----a-w- e:\windows\DIIUnin.pif
2011-06-09 15:20 . 2011-06-09 15:20 218688 ----a-w- e:\windows\system32\drivers\dtsoftbus01.sys
2011-06-09 15:20 . 2011-06-09 15:20 -------- d-----w- e:\program files\DAEMON Tools Lite
2011-06-09 15:20 . 2011-06-09 15:21 -------- d-----w- e:\documents and settings\petar\Application Data\DAEMON Tools Lite
2011-06-09 15:20 . 2011-06-09 15:20 -------- d-----w- e:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-06-09 05:55 . 2011-06-09 05:55 -------- d-----w- e:\documents and settings\petar\Application Data\Soldat
2011-06-08 05:15 . 2011-06-16 11:47 -------- d-----w- e:\windows\system32\NtmsData
2011-06-07 20:02 . 2011-06-07 20:02 -------- d-----w- e:\documents and settings\petar\Application Data\Avira
2011-06-07 20:00 . 2011-06-07 20:00 -------- d-----w- e:\program files\Avira
2011-06-07 20:00 . 2011-06-07 20:00 -------- d-----w- e:\documents and settings\All Users\Application Data\Avira
2011-06-07 20:00 . 2011-04-01 15:07 61960 ----a-w- e:\windows\system32\drivers\avgntflt.sys
2011-06-07 20:00 . 2011-04-01 15:07 137656 ----a-w- e:\windows\system32\drivers\avipbb.sys
2011-06-07 20:00 . 2010-06-17 13:27 45416 ----a-w- e:\windows\system32\drivers\avgntdd.sys
2011-06-07 20:00 . 2010-06-17 13:27 22360 ----a-w- e:\windows\system32\drivers\avgntmgr.sys
2011-06-07 09:54 . 2011-06-07 09:54 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\ESET
2011-06-07 08:58 . 2011-06-07 08:58 -------- d-----w- e:\documents and settings\LocalService\Local Settings\Application Data\ESET
2011-06-07 08:57 . 2011-06-07 08:57 -------- d-----w- e:\documents and settings\All Users\Application Data\ESET
2011-06-06 08:43 . 2006-10-26 17:56 33104 ----a-w- e:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-06-06 08:43 . 2006-10-26 17:56 32592 ----a-w- e:\windows\system32\msonpmon.dll
2011-06-06 08:42 . 2011-06-06 08:42 -------- d-----w- e:\program files\Microsoft Works
2011-06-06 08:42 . 2011-06-06 08:42 -------- d-----w- e:\program files\MSBuild
2011-06-06 08:41 . 2011-06-06 08:41 -------- d-----w- e:\program files\Microsoft.NET
2011-06-06 08:40 . 2011-06-06 08:40 -------- d-----w- e:\program files\Microsoft Visual Studio 8
2011-06-06 08:39 . 2011-06-06 08:42 -------- d-----w- e:\windows\SHELLNEW
2011-06-06 08:39 . 2011-06-06 08:39 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\Microsoft Help
2011-06-06 08:39 . 2011-06-06 08:43 -------- d-----w- e:\documents and settings\All Users\Application Data\Microsoft Help
2011-06-06 08:39 . 2011-06-06 08:39 -------- d-----r- E:\MSOCache
2011-06-06 08:37 . 2011-06-06 08:37 -------- d-----w- e:\program files\MagicDisc
2011-06-06 08:37 . 2009-02-24 16:42 116736 ----a-w- e:\windows\system32\drivers\mcdbus.sys
2011-06-05 19:06 . 2011-06-05 19:06 -------- d-----w- e:\program files\BitTorrent
2011-06-05 19:06 . 2011-06-13 17:56 -------- d-----w- e:\documents and settings\petar\Application Data\BitTorrent
2011-05-31 07:07 . 2011-06-07 05:47 404640 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-30 21:18 . 2004-08-03 22:56 159232 ----a-w- e:\windows\system32\ptpusd.dll
2011-05-30 21:18 . 2004-08-03 20:58 15104 -c--a-w- e:\windows\system32\dllcache\usbscan.sys
2011-05-30 21:18 . 2004-08-03 20:58 15104 ----a-w- e:\windows\system32\drivers\usbscan.sys
2011-05-30 21:18 . 2001-08-17 20:36 5632 ----a-w- e:\windows\system32\ptpusb.dll
2011-05-28 20:31 . 2011-06-15 06:31 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\Temp
2011-05-23 20:31 . 2011-05-23 20:31 -------- d-----w- e:\documents and settings\NetworkService\Local Settings\Application Data\Google
2011-05-23 20:27 . 2011-05-23 20:27 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\Real
2011-05-23 20:27 . 2011-05-23 20:27 -------- d-----w- e:\program files\Common Files\xing shared
2011-05-23 20:27 . 2011-05-23 20:27 -------- d-----w- e:\program files\Real
2011-05-23 20:26 . 2011-05-23 20:26 -------- d-----w- e:\documents and settings\LocalService\Local Settings\Application Data\Google
2011-05-23 20:26 . 2011-05-31 20:31 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\Google
2011-05-23 20:26 . 2011-05-23 20:27 -------- d-----w- e:\program files\Google
2011-05-20 17:44 . 2004-08-03 21:08 26496 -c--a-w- e:\windows\system32\dllcache\usbstor.sys
2011-05-19 12:59 . 2011-05-19 12:59 -------- d-----w- e:\documents and settings\petar\Local Settings\Application Data\Identities
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-23 20:27 . 2007-07-03 14:40 499712 ----a-w- e:\windows\system32\msvcp71.dll
2011-05-09 11:58 . 2004-06-11 09:31 135168 ----a-w- e:\windows\UNDPX2A.exe
2011-05-09 11:58 . 2004-06-11 09:34 53693 ----a-w- e:\windows\UNDPX2A.sys
2011-05-09 11:58 . 2004-06-10 18:42 15429 ----a-w- e:\windows\system32\drivers\Sacm2A.sys
2011-04-20 02:41 . 2011-05-09 11:44 6537728 ----a-w- e:\windows\system32\drivers\ati2mtag.sys
2011-04-20 02:38 . 2011-05-09 11:44 311296 ----a-w- e:\windows\system32\atiiiexx.dll
2011-04-20 02:04 . 2011-05-09 11:44 462848 ----a-w- e:\windows\system32\ATIDEMGX.dll
2011-04-20 02:02 . 2011-05-09 11:44 302080 ----a-w- e:\windows\system32\ati2dvag.dll
2011-04-20 02:01 . 2011-05-09 11:44 4017408 ----a-w- e:\windows\system32\ati3duag.dll
2011-04-20 01:45 . 2011-05-09 11:44 3265920 ----a-w- e:\windows\system32\ativvaxx.dll
2011-04-20 01:28 . 2011-05-09 11:44 851968 ----a-w- e:\windows\system32\ati2cqag.dll
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- e:\windows\system32\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- e:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- e:\windows\system32\amdocl.dll
2011-04-14 16:26 . 2011-05-09 11:24 142296 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\tcpip.sys
[-] 2004-08-03 . A3886230C2B22BF4D3C452B90B1C45CB . 359808 . . [5.1.2600.2892] . . e:\windows\system32\drivers\tcpip.sys
.
[-] 2007-08-24 . 6E266AAF4168B3569A330C61AB01F6B4 . 1580544 . . [5.1.2600.2180] . . e:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-16 18:02 . 2011-06-16 18:02 16384 e:\windows\Temp\Perflib_Perfdata_4e8.dat
+ 2011-06-14 15:41 . 2007-11-30 11:18 17272 e:\windows\system32\spmsg.dll
+ 2001-08-23 12:00 . 2011-06-16 18:06 58596 e:\windows\system32\perfc009.dat
- 2001-08-23 12:00 . 2011-06-14 04:13 58596 e:\windows\system32\perfc009.dat
+ 2001-08-23 12:00 . 2011-06-16 18:06 392296 e:\windows\system32\perfh009.dat
- 2001-08-23 12:00 . 2011-06-14 04:13 392296 e:\windows\system32\perfh009.dat
+ 2004-08-03 22:56 . 2008-10-15 16:57 332800 e:\windows\system32\netapi32.dll
+ 2004-08-03 22:56 . 2008-10-15 16:57 332800 e:\windows\system32\dllcache\netapi32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="e:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"BitTorrent"="e:\documents and settings\petar\My Documents\Downloads\BitTorrent-7.2.1.exe" [2011-06-05 4771184]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TkBellExe"="e:\program files\Real\RealPlayer\update\realsched.exe" [2011-05-23 273544]
"GrooveMonitor"="e:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avgnt"="e:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
.
e:\documents and settings\petar\Start Menu\Programs\Startup\
MagicDisc.lnk - e:\program files\MagicDisc\MagicDisc.exe [2011-6-6 576000]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Documents and Settings\\petar\\My Documents\\Downloads\\BitTorrent-7.2.1.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;e:\windows\system32\drivers\dtsoftbus01.sys [6/9/2011 5:20 PM 218688]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\program files\Avira\AntiVir Desktop\sched.exe [6/7/2011 10:00 PM 136360]
S2 gupdate;Google Update Service (gupdate);e:\program files\Google\Update\GoogleUpdate.exe [5/23/2011 10:26 PM 136176]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [5/10/2011 6:20 PM 1691480]
S3 FLASHSYS;FLASHSYS;e:\program files\MSI\Live Update 4\LU4\FlashSys.sys [6/10/2011 5:20 PM 9216]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;e:\program files\Setup Files\Ms7309v270\NTIOLib.sys [1/6/2011 11:04 AM 7680]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-16 e:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- e:\program files\Google\Update\GoogleUpdate.exe [2011-05-23 20:26]
.
2011-06-16 e:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- e:\program files\Google\Update\GoogleUpdate.exe [2011-05-23 20:26]
.
2011-06-16 e:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-1532298954-839522115-1003.job
- e:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-06-16 e:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-1532298954-839522115-1003.job
- e:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
IE: E&xport to Microsoft Excel - e:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 95.180.0.18 95.180.1.2
FF - ProfilePath - e:\documents and settings\petar\Application Data\Mozilla\Firefox\Profiles\nks6f2my.default\
FF - prefs.js: browser.search.defaulturl - [Link visible only to logged-in users]{searchTerms}
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - prefs.js: keyword.URL - [Link visible only to logged-in users]
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2011-06-16 20:13
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1757981266-1532298954-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="e:\\Documents and Settings\\petar\\My Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"="e:\\Documents and Settings\\petar\\My Documents\\Sports Interactive\\Football Manager 2011\\shortlists"
"FMPath"=""
"ScreenshotsDir"="e:\\Documents and Settings\\petar\\My Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="e:\\Documents and Settings\\petar\\My Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="d:\\FM Genie Scout 11\\History Points"
"LangDB"="d:\\FM Genie Scout 11\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009ee6
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000080
"UniqueID"="34-F675-28D3"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000004
"StaffSearchFeatureNum"=dword:00000001
"ClubSearchFeatureNum"=dword:00000001
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000003
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"Currency"=dword:00000056
.
[HKEY_USERS\S-1-5-21-1757981266-1532298954-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11g]
"PicturesNumber"=dword:000001a6
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(668-)
e:\windows\system32\Ati2evxx.dll
e:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2024)
e:\windows\system32\msi.dll
e:\windows\system32\ieframe.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\browselc.dll
e:\program files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
e:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Completion time: 2011-06-16 20:13:47
ComboFix-quarantined-files.txt 2011-06-16 18:13
ComboFix2.txt 2011-06-14 15:51
ComboFix3.txt 2011-06-14 12:50
.
Pre-Run: 138,183,950,336 bytes free
Post-Run: 138,172,674,048 bytes free
.
- - End Of File - - B3318419D03FD379E30F7C6235809E9F













Malwarebytes log

Malwarebytes' Anti-Malware 1.51.0.1200
[Link visible only to logged-in users]

Database version: 6872

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

6/16/2011 8:22:04 PM
mbam-log-2011-06-16 (20-22-04).txt

Scan type: Quick scan
Objects scanned: 138158
Time elapsed: 1 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



It didn't find any infected files, so I had nothing to delete. :)



offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

What is the state of the system now? Try uninstalling (in Add or Remove Programs find the following items and uninstall them: High Definition Audio Driver Package - KB835221, High Definition Audio Driver Package - KB888111, Realtek High Definition Audio Driver) and then installing the sound drivers again, i.e. follow my suggestions from this thread: [Link visible only to logged-in users]





- Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all your USB storage devices one after another into the USB slot and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you are done with all the devices, right-click in the middle of the program window and choose the option Save scrambled log. That will automatically open the log in Notepad. Copy that log from Notepad to the forum for us.

Explanation: USB storage devices include all devices that get their own partition letter when connected to the computer. This includes USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.






goran9888 (AMF Team)



offline
  • Pek 
  • Citizen
  • Joined: 13 Jun 2011
  • Posts: 49

Posted: 17 Jun 2011 19:10

Doc. My computer has slowed down a lot since I installed Malwarebytes... I think it's because it runs alongside Avira... And it won't open the list in Add or Remove Programs, so for now nothing will come of uninstalling the drivers...

Addendum: 17 Jun 2011 19:12

Nah, I'm just messing with you, doc, it works :D Just kidding, Add or Remove Programs has started working now. I'll go do this thing with the drivers now.

Addendum: 17 Jun 2011 19:47

The driver doesn't work. The only USB device I had was an external hard disk... And here is the log:

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 6/17/2011 7:38:25 PM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {0f643433-79cf-11e0-9002-806d6172696f}
D: {0f643434-79cf-11e0-9002-806d6172696f}
E: {0f643437-79cf-11e0-9002-806d6172696f}
I: {e46edc44-8308-11e0-a97f-6c626d0ff7c1}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 0f643433-79cf-11e0-9002-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 0f643434-79cf-11e0-9002-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

No blocked files found on E:
No autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 0f643437-79cf-11e0-9002-806d6172696f
No Desktop.ini files found on E:
----------------------------------------

No blocked files found on I:
No autorun.inf files found on I:
No mountpoint found for I:
No mountpoint found for e46edc44-8308-11e0-a97f-6c626d0ff7c1
No Desktop.ini files found on I:
----------------------------------------

========================================
Initial scan finished!
========================================


Can I uninstall Malwarebytes now? And how do I check whether my sound card has died... I asked around a bit, and everyone who had sound problems had a situation similar to mine. Most of them solved the problem by putting in another sound card, since in the end they gave up on this one, thinking it had most likely died...

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

So, here it goes ...


First of all, you are using an operating system that is not up to date.

- I recommend that you install Service Pack 3 for Windows XP, i.e. update your operating system. I won't go into its advantages over Service Pack 2. You can find that information on the MS website. In any case, on 13 July 2010 MS ended support for Service Pack 2, which is installed on your computer.

What does that mean? See the link: [Link visible only to logged-in users];

**** If you decide on this step (installing SP3), I recommend that you first back up all important data.





Also, read this thread carefully (update the add-ons in all the browsers you use): [Link visible only to logged-in users]


- You are using Adobe Reader 9, which is an old and also critical version of this PDF reader because of security flaws. I definitely suggest that you install the latest version (Reader X) or switch to an alternative such as Foxit Reader, Nitro PDF Reader, etc ...



Moving on ...

If your sound card works under another operating system (Windows 7), then the problem most likely isn't with it.



You have NVIDIA ForceWare Network Access Manager (a kind of firewall) installed on the computer. My recommendation is to uninstall it. I don't see much use in it (it causes more problems than anything).


Don't download drivers with programs such as Driver Detective (you have it installed), because there is a high probability that it will offer you the wrong driver and thus cause problems. The best way to download the latest drivers is from the official websites of the component manufacturers. It is simple, easy, fast and effective.




-------------------------------------------------------

Your computer is clean as far as malware is concerned.


You can delete the programs that were used (you can uninstall Malwarebytes; however, it is an on-demand scanner (it has no real-time protection) and works in combination with any AV software). My recommendation is that it stay installed on the computer, and that you scan the system with it from time to time.



ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search field if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.



- I recommend that you use MCShield to protect USB storage devices. It has nothing to do with the antivirus, i.e. it won't interfere with its operation, and it has proven to be one of the best forms of protection against malware spread via USB storage devices.

You download it, install it, plug in a USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log in which you see information about the malware that was found and deleted.


MCShield home page: [Link visible only to logged-in users]

You can learn more about MCShield in this thread: [Link visible only to logged-in users]




Download the program ATF Cleaner and save it to the Desktop.

Tick Select All and then click Empty Selected.
When the message Done Cleaning appears, close the program.



When you have done all this, we can continue resolving the case in this thread: [Link visible only to logged-in users]

