Problem sa određenim aplikacijama - smrzavanje (Razni softverski problemi) @ Bug.hr Forum

panonski

16 godina

neaktivan

offline

čet 19.5.2011 10:07

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

Drage kolege,

evo mene još jednom sa jednim čudnim problemom.

Na mojem laptopu HP ProBOOK 4320S na kojem je instalirana original sedmica 64 bitna

jučer se po prvi puta desilo nešto zaista čudno.

Pokušao sam otvoriti jedno desetak puta COREL file, dvoklikom, desnim klikom pa "open with", u safe modu također, i svaki puta kada sam pokrenuo otvaranje

KOMPJUTER SE SMRZNUO! SKROZ!

i to ne na način da se smrznuo vrteći u pozadini neki neverending proces, nego se smrznuo i onaj kružić koji se vrti kada se taj proces odvija.

dakle ekran i kompjuter su se smrznuli potpuno i doslovno.

Inače sad pišem sa njega, sve radi normalno, office otvara, CC cleaner otvara, sve otvara normalno, osim još jedne aplikacije

"advanced unistaler pro" kojeg imam instaliranog i na desk compu.

Budući da sam htio probati jel neki problem u te dvije aplikacije u ponovnoj instalaciji, to sam probao i napraviti.

Odinstalirao sam "advanced uninstaller" i krenuo ga ponovo instalirati.

No međutim , kada je proces gotovo dovršen i kada je trebalo stisnut finish,

komp se ponovo smrznuo do kraja.

NAGLAŠAVAM DA SU OBJE OVE APLIKACIJE NORMALNO RADILE DO PRED KOJI DAN,

A JA U MEĐUVREMENU NISAM NIŠTA SPECIJALNO PRČKAO DA BIH TO MOGAO POKVARITI.

dakle.... u čemu je do vraga ovdje riječ?

BALKANAC OD GLAVE DO OPANAKA

Poruka je uređivana zadnji put čet 19.5.2011 10:09 (panonski).

trajni link

0 0 hvala 0

panonski

16 godina

neaktivan

offline

čet 19.5.2011 20:52

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

volim kad niko ne zna odgovora

:)

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

luxxxfromhell

15 godina

neaktivan

offline

pet 20.5.2011 9:02

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

probaj skenirat mbamom i sasp-om jer ti se možda neki virus zavuko u komp.

who does the army trust the most? airborne! who do the ladies love the most? airborne! who do the nazis fear the most? airborne! yaaargh!!!!

Moj PC

trajni link

1 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 14:14

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

hm.....

našao sam sa malware bytesom čak 7 virusa,

a jedan virus mi se pojavljuje preko security essentialsa,

i svaki puta ga uklonim, karantiniram, ali se on ponovo pojavljuje...Snimio sam sliku

također tu je izvještaj malware bytesa

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzija baze podataka: 6624

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

20.5.2011. 13:58:22
mbam-log-2011-05-20 (13-58-10).txt

Tip provjere: Kompletna provjera (C:\|D:\|E:\|)
Provjereni objekti: 266554
Vrijeme trajanja: 16 minuta, 11 sekundi

Zaraženi procesi u memoriji: 0
Zaraženi moduli u memoriji: 0
Zaraženi ključevi u registru: 1
Zaražene vrijednosti u registru: 0
Zaraženi podaci u registru: 0
Zaraženi direktoriji: 0
Zaražene datoteke: 6

Zaraženi procesi u memoriji:
(Zloćudne stavke nisu otkrivene)

Zaraženi moduli u memoriji:
(Zloćudne stavke nisu otkrivene)

Zaraženi ključevi u registru:
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.

Zaražene vrijednosti u registru:
(Zloćudne stavke nisu otkrivene)

Zaraženi podaci u registru:
(Zloćudne stavke nisu otkrivene)

Zaraženi direktoriji:
(Zloćudne stavke nisu otkrivene)

Zaražene datoteke:
c:\program files (x86)\your uninstaller 2010\armaccess.dll (Malware.Packer) -> No action taken.
c:\Users\Antifriz\AppData\Local\Temp\%temp%.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\Antifriz\downloads\registry.first.aid.platinum.v8.1.0.2031.multilingual.incl.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Antifriz\AppData\Roaming\data.dat (Stolen.Data) -> No action taken.
c:\Windows\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
c:\Users\Antifriz\AppData\Roaming\10042011.exe (Trojan.Agent) -> No action taken.

slika virusa

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 14:48

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

a pazi ovo sad,

najnovija definicija malwarea - propustila još 5 komada.

anti spyware našao još 5 komada

- pa taj malware bytes je prije bio puno bolji

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 14:51

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

ne kužim,

opet se pojavljuje obavijest security essentialsa

sa istom slikom worma

zašto ga ne može do kraja ukloniti

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 15:17

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

Molim te, a pazi ovo sad....Idem na web po taj worm AIN.SLOT i nađem kao removal tool za njega

downloadam, program je scanner kao i ova prva dva.

sad ovaj nađe još 8 komada??!!

PA KO JE TU LUD

naravno, nije mi ništa uklinio prije nego ga kupim, a u izvještaju je našao neki worm, ali nije bio taj ain.slot

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 15:23

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

panonski kaže...

Molim te, a pazi ovo sad....Idem na web po taj worm AIN.SLOT i nađem kao removal tool za njega

downloadam, program je scanner kao i ova prva dva.

sad ovaj nađe još 8 komada??!!

PA KO JE TU LUD

naravno, nije mi ništa uklinio prije nego ga kupim, a u izvještaju je našao neki worm, ali nije bio taj ain.slot

ajd uradi ovako

-skini DDS.scr i spremi na desktop

-dvoklikom pokreni program i sačekaj dok ne izbaci dva loga DDS.txt i Attach.txt

-logove uploadaj na speedyshare a link kopiraj na svoju temu

trajni link nadporuka

1 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 18:09

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.7601.17514
Run by Antifriz at 18:05:48 on 2011-05-20
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.385.1033.18.3951.2502 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\RFA 8\rfagent64.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\locator.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Antifriz\Downloads\dds.scr
C:\Windows\SysWOW64\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=stonicla
uLocal Page = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Blank.htm
mLocal Page = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Blank.htm
mSearchAssistant = hxxp://start.facemoods.com/?a=stonicla&s={searchTerms}&f=4
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: QuickNet BHO: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - C:\Program Files (x86)\RegTweaker\key.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [rundll32] C:\Users\Antifriz\AppData\Local\Temp\rundll32 .exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe" /md I
StartupFolder: C:\Users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
TB-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [rfagent] "C:\Program Files\RFA 8\rfagent64.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Antifriz\AppData\Roaming\Mozilla\Firefox\Profiles\wfxipze2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/firefox?client=firefox-a&rls=org.mozilla:hr:official
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Antifriz\AppData\Roaming\Mozilla\Firefox\Profiles\wfxipze2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Antifriz\AppData\Roaming\Mozilla\Firefox\Profiles\wfxipze2.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Antifriz\AppData\Roaming\Mozilla\Firefox\Profiles\wfxipze2.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Lazarus: Form Recovery: lazarus@interclue.com - %profile%\extensions\lazarus@interclue.com
FF - Ext: Full Flat: {6E1A2A2E-AE2A-4A26-A812-46F54288379E} - %profile%\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys - C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys - C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys - C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys - C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Users\Antifriz\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Users\Antifriz\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys - C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe - C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys - C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys - C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-3-29 42184]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-8-23 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpHotkeyMonitor;HP Hotkey Monitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-1 280120]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe - C:\Windows\system32\Hpservice.exe [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys - C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys - C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2011-3-21 227896]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys - C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys - C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys - C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2011-3-23 14216]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2011-3-23 8456]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys - C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys - C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys - C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys - C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe - C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-05-20 13:20:26    --------    d-----w-    C:\Program Files (x86)\RegTweaker
2011-05-20 13:05:27    --------    d-----w-    C:\Users\Antifriz\AppData\Roaming\ScanSpyware
2011-05-20 13:05:25    8704    ----a-w-    C:\Windows\SysWow64\ssbtsr.exe
2011-05-20 13:05:24    --------    d-----w-    C:\Program Files (x86)\ScanSpyware
2011-05-20 12:15:08    --------    d-----w-    C:\Users\Antifriz\AppData\Roaming\SUPERAntiSpyware.com
2011-05-20 12:15:08    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2011-05-20 12:04:28    1169224    ----a-w-    C:\Users\Antifriz\AppData\Roaming\10042011.exe
2011-05-20 09:41:09    --------    d-----w-    C:\Program Files (x86)\Your Uninstaller 2010
2011-05-20 09:40:43    --------    d-----w-    C:\Users\Antifriz\AppData\Roaming\URSoft
2011-05-20 09:40:32    --------    d-----w-    C:\Program Files (x86)\Your Uninstaller! 7
2011-05-19 09:34:35    --------    d-----w-    C:\ProgramData\RFA_Backups
2011-05-19 09:32:15    --------    d-----w-    C:\ProgramData\Registry First Aid
2011-05-19 09:32:14    --------    d-----w-    C:\Program Files\RFA 8
2011-05-19 09:29:54    976384    ----a-w-    C:\Users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe
2011-05-18 17:10:00    --------    d-----w-    C:\Program Files (x86)\Innovative Solutions
2011-05-15 12:54:26    8802128    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E52505AA-5F51-4753-B6F2-F6AA45C1A4D6}\mpengine.dll
2011-04-21 08:37:23    --------    d-----w-    C:\Users\Antifriz\AppData\Roaming\PhotoScape
2011-04-21 08:34:56    --------    d-----w-    C:\Program Files (x86)\PhotoScape
2011-04-21 08:34:25    --------    d-----w-    C:\Program Files (x86)\facemoods.com
.
==================== Find3M ====================
.
2011-04-13 22:40:10    4284416    ----a-w-    C:\Windows\SysWow64\GPhotos.scr
2011-04-02 12:58:09    254528    ----a-w-    C:\Windows\System32\drivers\dtsoftbus01.sys
2011-03-27 15:09:44    499712    ----a-w-    C:\Windows\SysWow64\msvcp71.dll
2011-03-27 15:09:44    348160    ----a-w-    C:\Windows\SysWow64\msvcr71.dll
2011-03-08 18:51:00    0    ----a-w-    C:\Windows\ativpsrm.bin
2011-03-08 18:14:50    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2011-03-08 18:14:50    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2011-03-03 21:09:48    2913920    ----a-w-    C:\Windows\System32\BootMan.exe
2011-03-03 21:09:46    2336384    ----a-w-    C:\Windows\SysWow64\BootMan.exe
2011-02-23 14:04:21    40648    ----a-w-    C:\Windows\avastSS.scr
2011-02-23 13:57:01    505176    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2011-02-23 13:55:05    64344    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2010-11-05 01:58:15    1169224    --sh--w-    C:\Windows\Temp\svhost.exe
.
============= FINISH: 18:07:56,94 ===============

evo ovo je log

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 18:24

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

skini combofix i spremi ga na desktop

-isključi antivirus

nakon toga; otvori notepad i ovo kopiraj u notepad

KillAll::

DDS::
uRun: [rundll32] C:\Users\Antifriz\AppData\Local\Temp\rundll32 .exe
StartupFolder: C:\Users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe

File::
C:\Users\Antifriz\AppData\Roaming\10042011.exe
C:\Users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe
C:\Windows\ativpsrm.bin
C:\Windows\Temp\svhost.exe

zatvori notepad i spremi kao CFScript na desktop

-skriptu sa mišem uvuci u combofix.exe

-combofix će se pokrenuti, na sve što combofix traži odgovori potvrdno

-log koji dobiješ kopiraj

trajni link

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 18:43

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

kako da naslovim taj txt file?

ja sam odzipao i sve je na desktopu, tj. cijeli folder sa tom .exe datotekom

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 18:51

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

panonski kaže...

kako da naslovim taj txt file?

ja sam odzipao i sve je na desktopu, tj. cijeli folder sa tom .exe datotekom

CFScript

http://slike.hr/slike/cfscriptb4_2c220.gif.html

combofix nije zipovan, treba biti samo jedan izvršni file>>combofix.exe

evo ti direktan link http://download.bleepingcomputer.com/protected/6ecf5f3b67e3b5b3e59cda3993b07597/4dd69b91/ComboFix.exe

link važi 8 minuta, tako da požuriš s downloadom :)

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 18:51

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

ok, sad vidim...

čini mi se da sam dobio van neke fileove, ali nijedan ne mogu otvoriti.

create02

create02.dat

whitedircreate00.dat

i ComboFix

jedino mogu otvoriti combofix, ali u tom fileu nema ništa

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 18:53

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

povuci taj combofix u smeće i skini sa linka kojeg sam postavio...požuri jer je link ograničen vremenski

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 18:59

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

mislim da sam pokapirao, ali nisam essintials isključio, pa pišti...

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 19:03

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

panonski kaže...

mislim da sam pokapirao, ali nisam essintials isključio, pa pišti...

pojasni malo...vidi, ako nisi siguran kako ide pametnije je da pitaš jer combofix nije igračka, kako može pomoći, isto tako ako se ne radi pravilno može i štetu učiniti..

ako se combofix pokrenio, ostavi ga da radi i ne diraj ništa, jedino što možeš je odgovarati na yes/ok za slučaj da combofix nešto pita i ništa drugo

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 19:09

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

nisam znao do kraja isključiti essentials,

mrzim te antiviruse koji nemaju jedan jednostavan klik za gašenje.

On je javio da essntials nisam do kraja isključio, ali da će on nastaviti i jel se slažem i da je sve na moju odgovornost.

reko, OK.

evo sad je završio, rebbot napravio, i sad će log report izaći...da vidimo...

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 19:14

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

ComboFix 11-05-19.01 - Antifriz 0.05.2011. 19:03:33.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.385.1033.18.3951.2501 [GMT 2:00]
Running from: c:\users\Antifriz\Downloads\ComboFix.exe
Command switches used :: c:\users\Antifriz\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Antifriz\AppData\Roaming\10042011.exe"
"c:\users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe"
"c:\windows\ativpsrm.bin"
"c:\windows\Temp\svhost.exe"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\uninstall.exe
c:\users\Antifriz\AppData\Roaming\10042011.exe
c:\users\Antifriz\AppData\Roaming\data.dat
c:\users\Antifriz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe
c:\windows\ativpsrm.bin
c:\windows\Temp\svhost.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-04-20 to 2011-05-20 )))))))))))))))))))))))))))))))
.
.
2011-05-20 17:07 . 2011-05-20 17:07    --------    d-----w-    c:\users\Default\AppData\Local\temp
2011-05-20 13:20 . 2011-05-20 13:20    --------    d-----w-    c:\program files (x86)\RegTweaker
2011-05-20 13:05 . 2011-05-20 13:05    --------    d-----w-    c:\users\Antifriz\AppData\Roaming\ScanSpyware
2011-05-20 13:05 . 2008-09-07 15:22    8704    ----a-w-    c:\windows\SysWow64\ssbtsr.exe
2011-05-20 13:05 . 2011-05-20 13:05    --------    d-----w-    c:\program files (x86)\ScanSpyware
2011-05-20 12:15 . 2011-05-20 12:15    --------    d-----w-    c:\users\Antifriz\AppData\Roaming\SUPERAntiSpyware.com
2011-05-20 12:15 . 2011-05-20 12:15    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2011-05-20 09:41 . 2011-05-20 11:59    --------    d-----w-    c:\program files (x86)\Your Uninstaller 2010
2011-05-20 09:40 . 2011-05-20 09:40    --------    d-----w-    c:\users\Antifriz\AppData\Roaming\URSoft
2011-05-20 09:40 . 2011-05-20 09:40    --------    d-----w-    c:\program files (x86)\Your Uninstaller! 7
2011-05-19 09:34 . 2011-05-19 09:43    --------    d-----w-    c:\programdata\RFA_Backups
2011-05-19 09:32 . 2011-05-19 09:32    --------    d-----w-    c:\programdata\Registry First Aid
2011-05-19 09:32 . 2011-05-19 09:48    --------    d-----w-    c:\program files\RFA 8
2011-05-18 17:10 . 2011-05-18 17:10    --------    d-----w-    c:\program files (x86)\Innovative Solutions
2011-05-15 12:54 . 2011-04-11 08:21    8802128    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E52505AA-5F51-4753-B6F2-F6AA45C1A4D6}\mpengine.dll
2011-04-21 08:37 . 2011-04-21 08:41    --------    d-----w-    c:\users\Antifriz\AppData\Roaming\PhotoScape
2011-04-21 08:34 . 2011-04-21 08:35    --------    d-----w-    c:\program files (x86)\PhotoScape
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-19 09:56 . 2011-03-27 14:31    48648    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-05-18 17:16 . 2011-03-31 15:39    164880    ---ha-w-    c:\users\Antifriz\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2011-04-13 22:40 . 2011-04-13 22:40    4284416    ----a-w-    c:\windows\SysWow64\GPhotos.scr
2011-04-12 12:56 . 2011-04-12 12:56    48648    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-04-11 08:21 . 2011-03-08 19:14    8802128    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-02 12:58 . 2011-04-02 12:58    254528    ----a-w-    c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-27 15:09 . 2003-03-18 19:14    499712    ----a-w-    c:\windows\SysWow64\msvcp71.dll
2011-03-27 15:09 . 2003-02-21 03:42    348160    ----a-w-    c:\windows\SysWow64\msvcr71.dll
2011-03-08 18:14 . 2009-07-14 02:36    175616    ----a-w-    c:\windows\system32\msclmd.dll
2011-03-08 18:14 . 2009-07-14 02:36    152576    ----a-w-    c:\windows\SysWow64\msclmd.dll
2011-03-03 21:09 . 2011-03-23 01:33    2913920    ----a-w-    c:\windows\system32\BootMan.exe
2011-03-03 21:09 . 2011-03-23 01:33    2336384    ----a-w-    c:\windows\SysWow64\BootMan.exe
2011-02-23 14:04 . 2011-03-29 09:24    40648    ----a-w-    c:\windows\avastSS.scr
2011-02-23 14:04 . 2011-03-29 09:24    190016    ----a-w-    c:\windows\SysWow64\aswBoot.exe
2011-02-23 14:04 . 2011-03-29 09:25    238968    ----a-w-    c:\windows\system32\aswBoot.exe
2011-02-23 13:57 . 2011-03-29 09:25    280408    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-02-23 13:57 . 2011-03-29 09:25    505176    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2011-02-23 13:55 . 2011-03-29 09:25    53592    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-02-23 13:55 . 2011-03-29 09:25    31064    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-02-23 13:55 . 2011-03-29 09:25    64344    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 13:54 . 2011-03-29 09:25    22360    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2011-02-23 08:34 . 2011-03-07 23:44    7947600    ------w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{A03DF48E-00A6-4AAE-9628-88D205658810}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51    3911776    ----a-w-    c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51    3911776    ----a-w-    c:\program files (x86)\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}]
2011-05-20 05:36    243200    ----a-w-    c:\program files (x86)\RegTweaker\key.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-03-22 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-03-27 273544]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 SASDIFSV;SASDIFSV;c:\users\Antifriz\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Antifriz\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wscsvc
.
Contents of the 'Scheduled Tasks' folder
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04    134384    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-08-23 1691192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
"rfagent"="c:\program files\RFA 8\rfagent64.exe" [2011-04-09 3109672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.facemoods.com/?a=stonicla
uLocal Page = c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Blank.htm
mLocal Page = c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Antifriz\AppData\Roaming\Mozilla\Firefox\Profiles\wfxipze2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/firefox?client=firefox-a&rls=org.mozilla:hr:official
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Lazarus: Form Recovery: lazarus@interclue.com - %profile%\extensions\lazarus@interclue.com
FF - Ext: Full Flat: {6E1A2A2E-AE2A-4A26-A812-46F54288379E} - %profile%\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.6\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
.
**************************************************************************
.
Completion time: 2011-05-20 19:11:42 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-20 17:11
.
Pre-Run: 64.027.979.776 bytes free
Post-Run: 63.731.367.936 bytes free
.
- - End Of File - - 95C46C4F4EB6E93772591F16AE66B356

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 19:19

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

izbriši avast antivirus preko add/remove , isto tako izbriši i ovo c:\users\Antifriz\AppData\Roaming\ScanSpyware

dok ti to pobrišeš, ja ću pogledat log i vidit kako dalje

trajni link

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 19:26

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

Ok, avast i spyware sam deinstalirao, taj drugi je mislim onaj koji me tražio da ga kupim

BALKANAC OD GLAVE DO OPANAKA

Poruka je uređivana zadnji put pet 20.5.2011 19:27 (panonski).

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 19:32

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

panonski kaže...

Ok, avast i spyware sam deinstalirao, taj drugi je mislim onaj koji me tražio da ga kupim

ok...log se čini sad ok

javlja li se sad Microsoft Security Essentials ?

koristiš li usb stikove ?...ako jesi , treba i njih provjeriti

combofix možeš izbrisati

start> run> u run polje kopiraj ovo boldano combofix /uninstall

potvrdi i sačekaj dok se combofix ne deinstalira

2. pokreni malwarebytes >>update/nadogradnja>>quick scan/brza provjera

-log kopiraj

trajni link nadporuka

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 19:35

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

ne, essentials se ne javlja, ali još je isključen

čini mi se da je bio neki facemoods u pitanju kao nositelj zaraze

stik imam jedan i gurao sam ga naizmjenično u lap i u stolni komp.

kako da njega skeniram?

BALKANAC OD GLAVE DO OPANAKA

Poruka je uređivana zadnji put pet 20.5.2011 19:36 (panonski).

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 19:38

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

-skini ovaj program i spremi ga na desktop
-pokreni usbnorisk i sačekaj desetak sekundi
-ubaci stik u računalo (ako imaš više stikova, ubacuj jedan po jedan i zapamti ili zapiši koji je prvi drugi itd.
-sačekaj desetak sekundi
-desni klik mišem na sred prozora i odaberi opciju save scrambled log
-log kopiraj

trajni link

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 19:40

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

panonski kaže...

ne, essentials se ne javlja, ali još je isključen

čini mi se da je bio neki facemoods u pitanju kao nositelj zaraze

stik imam jedan i gurao sam ga naizmjenično u lap i u stolni komp.

kako da njega skeniram?

nije facemod nositelj zaraze, to je običan adware, drugo je bilo u pitanju...možeš sad uključiti essentials

trajni link nadporuka

0 0 hvala 0

carduelis spinus

14 godina

protjeran

offline

pet 20.5.2011 19:41

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

Ako mu baš ne ide sa Combofixom (zahtjevniji korisnik), bilo bi dobro isprobati ( a korisno za vježbu i sakupljanje iskustva u čišćenju tvrdokornog rogue malwarea)

http://www.surfright.nl/en/downloads/ (jako koristan tool)

Te uvijek pouzdano rješenje Rescue CD. Za ovu priliku Avira, premda CD Kasperskog odlično odrađuje posao.

(Uvjet prazan medij za prženje)

http://www.avira.com/en/support-download-avira-antivir-rescue-system

Dosadilo mi čitati forum 3 godine onako na OFF,pa sam se pridružio. :)

Poruka je uređivana zadnji put pet 20.5.2011 19:42 (carduelis spinus).

Moj PC

trajni link

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 19:55

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

essentials uključen i ne javlja ništa

ovo je log sa USB-a

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 20.5.2011. 19:52:07

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {8c3d25c3-d1a3-11df-bfa7-806e6f6e6963}
D: {8c3d25c4-d1a3-11df-bfa7-806e6f6e6963}
E: {8c3d25c5-d1a3-11df-bfa7-806e6f6e6963}
F: {8c3d25c6-d1a3-11df-bfa7-806e6f6e6963}
G: {8c3d25c7-d1a3-11df-bfa7-806e6f6e6963}
H: {8c3d25c8-d1a3-11df-bfa7-806e6f6e6963}
I: {8c3d25c9-d1a3-11df-bfa7-806e6f6e6963}
J: {8c3d25ca-d1a3-11df-bfa7-806e6f6e6963}
========================================

Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No aut[b][/b]orun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 8c3d25c3-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No aut[b][/b]orun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 8c3d25c4-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------

No blocked files found on E:
No aut[b][/b]orun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 8c3d25c5-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on E:
----------------------------------------

No blocked files found on F:
No aut[b][/b]orun.inf files found on F:
No mountpoint found for F:
No mountpoint found for 8c3d25c6-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on F:
----------------------------------------

No blocked files found on G:
No aut[b][/b]orun.inf files found on G:
No mountpoint found for G:
No mountpoint found for 8c3d25c7-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on G:
----------------------------------------

No blocked files found on H:
No aut[b][/b]orun.inf files found on H:
No mountpoint found for H:
No mountpoint found for 8c3d25c8-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on H:
----------------------------------------

No blocked files found on I:
No aut[b][/b]orun.inf files found on I:
No mountpoint found for I:
No mountpoint found for 8c3d25c9-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on I:
----------------------------------------

No blocked files found on J:
No aut[b][/b]orun.inf files found on J:
No mountpoint found for J:
No mountpoint found for 8c3d25ca-d1a3-11df-bfa7-806e6f6e6963
No Desktop.ini files found on J:
----------------------------------------

========================================
Initial scan finished!
========================================

[b]New device connected at[/b] 20.5.2011. 19:52:46

Scanning for connected USB mass storage...
----------------------------------------
L: {a0ab0105-f677-11de-bafc-00241ddb787f}
Added L:
========================================

Scanning USB mass storage for files...
----------------------------------------

[b]New device connected at[/b] 20.5.2011. 19:52:57

Scanning for connected USB mass storage...
----------------------------------------
M: {a0ab0109-f677-11de-bafc-00241ddb787f}
Added M:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on M:
----------------------------------------
No aut[b][/b]orun.inf files found on M:
Sanitized mountpoint for a0ab0109-f677-11de-bafc-00241ddb787f
----------------------------------------

No Desktop.ini files found on M:
----------------------------------------

No mimics found on drive M:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive M:
========================================

No blocked files found on L:
----------------------------------------
No aut[b][/b]orun.inf files found on M:
No mountpoint found for a0ab0109-f677-11de-bafc-00241ddb787f
----------------------------------------

No Desktop.ini files found on M:
----------------------------------------

No mimics found on drive M:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive M:
========================================

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 20:04

Odgovori Citiraj

Problem sa određenim aplikacijama - smrzavanje

pokreni usbnorisk i sačekaj desetak sekundi

-nakon toga ubaci usbstik u računalo

-klik na karticu Script i u prazno polje kopiraj ovo

{a0ab0105-f677-11de-bafc-00241ddb787f}
folder_list:%DRIVE%
no_sh:

-klik na Run Script

kad se izvrši skripta, opet klik na sred prozora i odaberi Save Scrambled Log

-log kopiraj

trajni link

0 0 hvala 0

panonski

16 godina

neaktivan

offline

pet 20.5.2011 20:28

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

ne mogu logat ovaj izvještaj, ali čini se da je sve sa "NO"...nema autorun-a i slično.

s druge strane, Corel i dalje ne mogu niti pokrenuti, niti odinstalirati

smrzne se svaki put

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0

total

17 godina

neaktivan

offline

pet 20.5.2011 20:59

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

dobro kad kažeš da je ok ...

za corel

probaj sa Windows Installer CleanUp Utility

trajni link nadporuka

1 0 hvala 0

panonski

16 godina

neaktivan

offline

pon 23.5.2011 14:40

Odgovori Citiraj

Re: Problem sa određenim aplikacijama - smrzavanje

Drago mi je da smo se potrudili oko svega, ali ipak sam morao pregaziti windowse.

Corel je, naravno, nakon instalacije odmah proradio

Pokušao sam prije friške instalacije winsa, prisilno ukloniti Corel sa REVO uninstalerom,koji ga je uspio pobrisati, ali očito su ostale neke greške u registriju, i pri novoj instalciji se smrzavao.

Nije bilo druge, nego zgazit C:

hvala svima

BALKANAC OD GLAVE DO OPANAKA

trajni link nadporuka

0 0 hvala 0