Antivirus security pro

1

Antivirus security pro

offline
  • Pridružio: 11 Okt 2013
  • Poruke: 12

Pozdrav,imam problem ,na laptopu se zakacio lazni antivirus Antivirus security pro kome ne mogu da nadjem gde je instaliran.Citajuci ovde na f ,probala sam da udjem u safe mode with networking,medjutim cim se podigne sistem u safe modu,ohmah se gasi i startuje normalan windows,tako da nije moguce uci u safe mode.
Ima li ko ideju sta bih mogla da uradim ?Inace,internet sada na laptopu ne mogu da koristim jer ne dozvoljava.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Pozdrav,

Potrebno je da nam dostavis izvestaje DDS alata. Uputstvo za pokretanje, opis i download link nalaze se u ovoj top temi.

Kako otvoriti temu u Ambulanti?

DDS alat mozes preuzeti na zdrav racunar i prebaciti ga na inficiran koristeci USB mem uredjaj...

offline
  • Pridružio: 11 Okt 2013
  • Poruke: 12

Napisano: 11 Okt 2013 23:01

Sada sam skinula to,i prebacila na laptop,ali kada sam htela da pokrenem izlazi mi upozorenje od tog laznog antivirusa i nista nece da se ucita kao sto bi trebalo.

Dopuna: 11 Okt 2013 23:12

Pise :dds.scr Destroys and infects system files.
Nece da otvori ni druge programe,probala sam total comander,nece ni njega.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Nema problema, resicemo ovo.
Probaj da ispratis ovo uputstvo za pokretanje programa koji se zove RogueKiller.
Takodje, RK mozes preneti na isti nacin kao i DDS ...
RK koristi tehnologiju nasilnog pokretanja, maliciozni rogue program (tako se zove tvoja varijanta malware-a) ne bi trebala uspeti da ga blokira. Slobodno probaj vise puta ...



Ukoliko uspes da pokrenes RogueKiller:
isprati uputstvo i dozvoli mu da ukloni sav malware koji detektuje. => ukoliko i dalje ne uspevas, pokusaj jos jednom ali ovaj put pristupi u Safe Mode with Network modu.





Ukoliko RogueKiller ne uspe da se pokrene:
preuzmi program RKill.exe sa ovog linka:
http://www.bleepingcomputer.com/download/rkill/
Preporuka: Preuzmi vise kopija i preuzmi kopije koje u sebi nose sledece nazive:
iExplore.exe
uSeRiNiT.exe
WiNlOgOn.exe


Dvoklikom ga pokreni na bilo koju kopiju koju uspes da pokrenes i alat ce pokusati da ugasi svaki aktivan malware, ukljucujuci i lazni "Antivirus security pro".
=> i ovo mozes probati iz "Safe Mode with Network" ukoliko odbija da radi iz normal moda..
Sad pokusaj da pokrenes RogueKiller i ako se RK pokrene dozvoli mu uklanjanje.





=> Ako i dalje ne uspevas da pokrenes RogueKiller (ili se nesto ne snalazis), reci nam tacno koji operativni sistem Windows koristis.
Koristicemo neki drugi alat i ubicemo taj malware iz stanja dok Windows jos nije aktivan.



-------------------------------------------------------------------



Uputstvo za preuzimanje i pokretanje RogueKiller programa:

Arrow Preuzmi RogueKiller i sačuvaj ga na Desktop
Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom.
32bit verzija: http://tigzy.geekstogo.com/Tools/RogueKiller.exe
64bit verzija: http://tigzy.geekstogo.com/Tools/RogueKillerX64.exe


Privremeno zatvori sve aktivne programe.
Dvoklikom pokreni RogueKiller i pričekaj da se inicijalno skeniranje završi.



Klikni na dugme Scan



Po završenom skeniranju, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt


Klikni na dugme Delete



Po završetku, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt


Klikni na dugme ShortcutsFix



Takođe, po završetku, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt


Potrebno je priloziti sve RK report.txt izvestaje na uvid (koristeći opciju Prikači fajl).

offline
  • Pridružio: 11 Okt 2013
  • Poruke: 12

Napisano: 12 Okt 2013 18:50

mycity.rs/must-login.png



RogueKiller V8.7.2 _x64_ [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : adlice.com/forum/
Website : adlice.com/softwares/roguekiller/
Blog : tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Milutin [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/12/2013 18:44:06
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{3ea1e311-49bc-aa64-6e1a-f431db902c28}\ \...\???ﯹ๛\{3ea1e311-49bc-aa64-6e1a-f431db902c28}\GoogleUpdate.exe" < [x] -> STOPPED

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 4 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 0 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume4 -- 0x2 --> Restored

¤¤¤ Infection : ZeroAccess ¤¤¤

Finished : << RKreport[0]_SC_10122013_184406.txt >>
RKreport[0]_D_10122013_184307.txt;RKreport[0]_S_10122013_184159.txt








Dopuna: 12 Okt 2013 18:53

Evo,uradila sam to,ne znam da li je slika okacena kako treba.Ali ,ja sada mogu da koristim laptop ,mogu net sto inace nisam mogla,a ikonica od Antivirus Security pro i dalje stoji na desktopu.....sta treba i jel treba jos nesto da uradim?

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Bravo. Postavljeni RK izvestaj ukazuje da ti imas vise aktivnih infekcija. Moramo sve to proveriti i pocistiti. Idemo redom ...

Prvo, okaci mi sve RK izvestaje koje imas.



Arrow Pokreni DDS i postavi mi njegove logove.



Arrow Preuzmi Farbar Recovery Scan Tool i sacuvaj ga na Desktop

Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom.
Ukoliko nisi sigurna koju verziju je potrebno korisiti, preuzmi obe. Samo jedna ce raditi


Dvoklikom pokreni FRST;
Kada se alat startuje, klikni Yes na disclaimer.
Klikni na dugme Scan;
Alat ce kreirati izvestaj (FRST.txt) u isti direktorijum gde je i FRST.exe sacuvan.
Iskopiraj sadrzaj tog loga u poruku.
Alat bi takodje pri prvom pokretanju trebao da kreira i dodatni izvestaj (Addition.txt). Taj izvestaj okaci u poruku koristeci opciju "Prikaci file".

offline
  • Pridružio: 11 Okt 2013
  • Poruke: 12

Napisano: 12 Okt 2013 19:06

mycity.rs/must-login.png

mycity.rs/must-login.png

Dopuna: 12 Okt 2013 19:14

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Milutin at 19:06:19 on 2013-10-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1643.783 [GMT 2:00]
.
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit2.dll
mURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit2.dll
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit2.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit2.dll
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{9FE47B72-FDAA-4D17-ACF3-5AA87866E16A} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{9FE47B72-FDAA-4D17-ACF3-5AA87866E16A}\6596070234572656D243641323 : DHCPNameServer = 192.168.1.1 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Milutin\AppData\Roaming\Mozilla\Firefox\Profiles\17h5nd56.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: D:\PICASA\Picasa3\npPicasa3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-6-14 62536]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-6-14 211344]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-6-14 38328]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-5-27 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-5 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-1 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-1 76448]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-6-14 1288104]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-5-27 1817088]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-5-27 46136]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-1 36000]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-7-14 114704]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-1 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-1 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-1 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-1 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-1 154272]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-1 280224]
R3 BthMtpEnum;Bluetooth MTP Device Enumerator;C:\Windows\System32\drivers\BthMtpEnum.sys [2009-7-14 64512]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-5-27 335464]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-27 436840]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-27 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-9 1255736]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
.
=============== Created Last 30 ================
.
2013-10-10 16:52:51 -------- d-----w- C:\ProgramData\3Vg9gVrn
.
==================== Find3M ====================
.
2013-10-09 17:48:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 17:48:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 19:07:07,74 ===============

Dopuna: 12 Okt 2013 19:15

mycity.rs/must-login.png

Dopuna: 12 Okt 2013 19:23

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Milutin at 2013-10-12 19:21:06
Running from C:\Users\Milutin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Disabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310)
Atheros Driver Installation Program (x32 Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.829.0)
BitTorrentControl_v12 Toolbar (x32 Version: 6.14.0.28)
Bluetooth Win7 Suite (64) (Version: 7.2.0.60)
BurnInTest v5.3 Pro (x32 Version: 5.3)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310)
CCC Help Czech (x32 Version: 2011.0705.1114.18310)
CCC Help Danish (x32 Version: 2011.0705.1114.18310)
CCC Help Dutch (x32 Version: 2011.0705.1114.18310)
CCC Help English (x32 Version: 2011.0705.1114.18310)
CCC Help Finnish (x32 Version: 2011.0705.1114.18310)
CCC Help French (x32 Version: 2011.0705.1114.18310)
CCC Help German (x32 Version: 2011.0705.1114.18310)
CCC Help Greek (x32 Version: 2011.0705.1114.18310)
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310)
CCC Help Italian (x32 Version: 2011.0705.1114.18310)
CCC Help Japanese (x32 Version: 2011.0705.1114.18310)
CCC Help Korean (x32 Version: 2011.0705.1114.18310)
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310)
CCC Help Polish (x32 Version: 2011.0705.1114.18310)
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310)
CCC Help Russian (x32 Version: 2011.0705.1114.18310)
CCC Help Spanish (x32 Version: 2011.0705.1114.18310)
CCC Help Swedish (x32 Version: 2011.0705.1114.18310)
CCC Help Thai (x32 Version: 2011.0705.1114.18310)
CCC Help Turkish (x32 Version: 2011.0705.1114.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
dm-Fotosvet (x32)
ESET Smart Security (Version: 6.0.115.0)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0)
Java(TM) 6 Update 21 (64-bit) (Version: 6.0.210)
Java(TM) 6 Update 21 (x32 Version: 6.0.210)
K-Lite Mega Codec Pack 7.0.0 (x32 Version: 7.0.0)
Live Security Platinum (HKCU)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)
Microsoft Silverlight (x32 Version: 4.0.60129.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0)
Nero BackItUp 10 (x32 Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Burning ROM 10 (x32 Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700)
Nero BurnRights 10 (x32 Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Control Center 10 (x32 Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Core Components 10 (x32 Version: 2.0.13700.0.1)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600)
Nero DiscSpeed 10 (x32 Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)
Nero Express 10 (x32 Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700)
Nero InfoTool 10 (x32 Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600)
Nero MediaHub 10 (x32 Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Multimedia Suite 10 (x32 Version: 10.0.13100)
Nero Recode 10 (x32 Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600)
Nero RescueAgent 10 (x32 Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700)
Nero SoundTrax 10 (x32 Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600)
Nero StartSmart 10 (x32 Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Update (x32 Version: 1.0.0017)
Nero Vision 10 (x32 Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600)
Nero WaveEditor 10 (x32 Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600)
Picasa 3 (x32 Version: 3.9)
PriceGong 2.6.4 (x32 Version: 2.6.4)
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6461)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77)
Skype™ 4.2 (x32 Version: 4.2.169)
Synaptics TouchPad Driver (Version: 15.3.21.0)
WBFS Manager 2.5 (x32 Version: 2.5)
Winamp (x32 Version: 5.601 )
WinRAR archiver

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1C334280-801C-48F5-BFDD-22C16368F0D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-30 21:40 - 2013-09-30 21:41 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 19:48 - 2013-10-09 19:48 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2013 06:42:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 24.0.0.5001, time stamp: 0x522fd29f
Faulting module name: xul.dll, version: 24.0.0.5001, time stamp: 0x522fd1a4
Exception code: 0xc0000005
Fault offset: 0x001b72a8
Faulting process id: 0x498
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (10/12/2013 06:33:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 10:32:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 09:33:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 07:58:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 00:28:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 07:03:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 02:41:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2013 08:45:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2013 04:58:53 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (10/12/2013 06:32:12 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/12/2013 06:32:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/12/2013 06:31:52 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/12/2013 06:31:44 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/11/2013 11:38:53 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/11/2013 11:08:34 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/11/2013 11:08:33 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/11/2013 10:31:27 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/11/2013 10:31:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/11/2013 10:31:06 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (10/12/2013 06:42:37 PM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29fxul.dll24.0.0.5001522fd1a4c0000005001b72a849801cec769f8988880C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll4ca9c9c5-335d-11e3-a824-9cb70d07ba07

Error: (10/12/2013 06:33:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 10:32:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 09:33:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 07:58:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2013 00:28:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 07:03:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 02:41:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2013 08:45:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2013 04:58:53 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: download.windowsupdate.com/msdownload/u.....otstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 1642.91 MB
Available physical RAM: 716.9 MB
Total Pagefile: 3285.81 MB
Available Pagefile: 2108.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:104.33 GB) (Free:80.07 GB) NTFS
Drive d: () (Fixed) (Total:361.33 GB) (Free:345.04 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.45 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5E233283)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=361 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Kod FRST-a, iskopirala si mi samo Addition.txt log.

Potreban mi je i njegov primarni log, FRST.txt da bih mogao nastaviti. Taj log bi trebao da se nalazi takodje na Desktopu.

offline
  • Pridružio: 11 Okt 2013
  • Poruke: 12

LastRegBack: 2013-09-16 00:17

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Nije dobro. Smile
Zatvori sve pokrenute programe ( notepad i slicno ... )

Hajde jos jednom pokreni FRST, samo klikni na Scan dugme i alat ce generisati svez FRST.txt izvestaj, upravo onaj koji mi treba.

Kopija loga ce takodje biti sacuvana na Desktop-u.

Ko je trenutno na forumu
 

Ukupno su 969 korisnika na forumu :: 51 registrovanih, 12 sakrivenih i 906 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Petar, _Rade, aljosa7, alkatraz080, amonsrb, Atomski čoban, babaroga, bankulen, Belac91, Bogoslov, branko7, celik, Ctrl x, dane007, darcaud, DARKMEN22, darkstar101, djboj, dragon986, Faki-Valjevo, goxin, h8propaganda, ivan1973, jaeger, Jovan Nenad, Kiki2004, Koca Popovic, KUZMAR, Leonardo, LUDI, MB120mm, milekNS, milos.cbr, miodrag, Miskohd, mnn2, nebkv, nidzasrb, Ognjen D., Panter, pein, rodoljub, Sale.S, Simon simonović, strela, Toni, VJ, Vl veliki, vobo, zajcev1, Zi0mek