Avira se ne pokreće sa Windowsom, greška procedure entry point...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Ovako...
Prilikom intervencije na jednom kompu zaraženom virusom zakačio sam neki malware preko fleške i eksternog hard diska. Na kraju sam formatirao i svoj hard i instalirao novi Windows.
Nakon toga sam skenirao eksterni disk Avirom i MBAM-om, logove šaljem u prilogu.
https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png

Međutim, danas mi se po pokretanju Windowsa ne podiže i Avira, izbacuje sledeći ekran:



OS: Windows XP SP3, ADSL 1536/256 Kb/s
Logovi:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_26
Run by Sloba at 16:54:09 on 2011-08-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.129 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Total Commander\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
mRun: [TWCU] "c:\program files\tp-link\tp-link 54m wireless client utility\TWCU.exe" -nogui
mRun: [BtTray] "c:\program files\ivt corporation\bluesoleil\BtTray.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\ivt corporation\bluesoleil\transsend\ie\tsinfo.htm
IE: Send via &Message... - c:\program files\ivt corporation\bluesoleil\transsend\ie\tssms.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F1ACC862-3680-488E-8A31-4D3750E89036} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\skype4com.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\sloba\application data\mozilla\firefox\profiles\s7q3109w.default\
FF - plugin: c:\documents and settings\sloba\application data\mozilla\firefox\profiles\s7q3109w.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-1-7 20744]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-8-6 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-8-6 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-8-6 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-8-6 61960]
R2 BsMobileCS;BsMobileCS;c:\program files\ivt corporation\bluesoleil\BsMobileCS.exe [2009-2-27 143467]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-7 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-6-17 128272]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\usb\pstart\adawareportable\app\adaware\AAWService.exe [2010-2-4 1228208]
S3 AIDA32Driver;AIDA32Driver;c:\usb\pstart\aida32\AIDA32.SYS [2011-8-5 3584]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-3 41272]
.
=============== Created Last 30 ================
.
2011-08-06 14:02:42 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-06 14:02:41 -------- d-----w- c:\program files\Avira
2011-08-06 14:02:41 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-08-06 01:20:45 -------- d-----w- c:\documents and settings\sloba\application data\Thinstall
2011-08-06 01:16:53 -------- d-----w- c:\documents and settings\sloba\local settings\application data\Help
2011-08-06 00:48:34 -------- d-----w- c:\documents and settings\sloba\application data\BatteryCare
2011-08-05 23:00:21 -------- d-----w- c:\program files\PSMKorea
2011-08-05 22:27:40 -------- d-----w- c:\documents and settings\sloba\local settings\application data\Identities
2011-08-05 21:49:32 209408 ----a-w- c:\windows\system32\Tabctl32.ocx
2011-08-05 21:41:11 -------- d-----w- c:\documents and settings\sloba\application data\hm8platform
2011-08-05 21:39:45 -------- d-----w- c:\program files\HelpMaker
2011-08-05 21:20:07 -------- d-----w- C:\USB
2011-08-05 13:50:57 -------- d-----w- c:\program files\Paint.NET
2011-08-05 13:50:43 -------- d-----w- c:\documents and settings\sloba\local settings\application data\Paint.NET
2011-08-05 13:37:27 -------- d-----w- c:\windows\SxsCaPendDel
2011-08-05 13:03:27 3717344 ----a-w- c:\temp\install\Paint.NET.3.5.8.Install.exe
2011-08-05 13:01:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-05 13:01:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-05 09:22:50 -------- d-----w- c:\documents and settings\sloba\local settings\application data\CutePDF Writer
2011-08-05 09:12:59 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2011-08-05 09:12:59 17920 ----a-w- c:\windows\system32\mdimon.dll
2011-08-05 09:11:25 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-08-05 09:10:17 -------- d-----w- c:\windows\SHELLNEW
2011-08-05 02:30:36 -------- d-----w- c:\program files\Foxit Software
2011-08-05 02:28:23 -------- d-----w- c:\program files\GPLGS
2011-08-05 02:27:46 87552 ----a-w- c:\windows\system32\cpwmon2k.dll
2011-08-05 02:27:37 -------- d-----w- c:\program files\Acro Software
2011-08-05 02:17:19 12557104 ----a-w- c:\temp\install\FoxitReader502.0718_enu_Setup.exe
2011-08-05 02:12:44 -------- d-----w- C:\Temp
2011-08-05 02:09:59 1110476 ----a-w- c:\temp\install\7z920.exe
2011-08-03 17:21:09 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-08-03 17:21:07 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-08-03 17:20:55 -------- d-----w- c:\windows\Logs
2011-08-03 17:20:38 819200 ----a-w- c:\program files\windows media player\wmsetsdk.exe
2011-08-03 17:20:38 47616 ----a-w- c:\program files\windows media player\msoobci.dll
2011-08-03 17:20:02 -------- d-----w- c:\windows\RegisteredPackages
2011-08-03 17:14:01 16537808 ----a-w- c:\temp\install\winamp5621_full_emusic-7plus_all.exe
2011-08-03 17:09:32 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-08-03 16:45:35 -------- d-----w- c:\windows\pss
2011-08-03 16:41:47 241152 ----a-w- c:\temp\drivers\ivt.bluesoleil.v6.4.249.0\keygen.exe
2011-08-03 16:32:40 -------- d-----w- c:\documents and settings\sloba\local settings\application data\bluesoleil
2011-08-03 16:25:49 543712 ----a-w- c:\windows\system32\drivers\ar5211.sys
2011-08-03 16:25:49 543712 ----a-w- c:\windows\system32\ar5211.sys
2011-08-03 16:24:43 -------- d-----w- c:\documents and settings\all users\application data\TP-LINK
2011-08-03 16:24:41 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2011-08-03 16:24:41 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2011-08-03 16:24:41 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2011-08-03 16:24:41 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-08-03 16:24:41 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2011-08-03 16:24:41 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2011-08-03 16:24:41 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2011-08-03 16:24:40 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2011-08-03 16:22:35 -------- d-----w- c:\windows\system32\URTTEMP
2011-08-03 16:18:16 6272 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2011-08-03 16:18:16 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-08-03 16:18:13 83072 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2011-08-03 16:18:13 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-08-03 16:18:07 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2011-08-03 16:18:07 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
2011-08-03 16:18:04 56576 -c--a-w- c:\windows\system32\dllcache\swmidi.sys
2011-08-03 16:18:04 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
2011-08-03 16:18:00 142592 -c--a-w- c:\windows\system32\dllcache\aec.sys
2011-08-03 16:18:00 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2011-08-03 16:15:41 61440 ----a-r- c:\temp\drivers\soundmax\RemADI.exe
2011-08-03 16:14:59 73728 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\win2000\RtNicprop32.DLL
2011-08-03 16:14:59 176128 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\tool\RTInstaller64.dat
2011-08-03 16:14:59 157696 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\winxp\Rtnic64.sys
2011-08-03 16:14:59 143360 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\tool\RTInstaller32.dat
2011-08-03 16:14:59 143360 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\tool\RTInstaller2K.dat
2011-08-03 16:14:59 128128 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\winxp\Rtnic.sys
2011-08-03 16:14:59 128128 ----a-w- c:\temp\drivers\pci_install_xp_2k_5719_10202010\win2000\Rtnic.sys
2011-08-03 16:14:57 311296 ----a-w- c:\temp\drivers\ivt.bluesoleil.v6.4.249.0\ActivationTool.exe
2011-08-03 16:14:57 253952 ----a-w- c:\temp\drivers\ivt.bluesoleil.v6.4.249.0\install\setup.exe
2011-08-03 16:14:53 2569171 ----a-w- c:\temp\drivers\intel chipset software installation utility\infinst_autol.exe
2011-08-03 16:14:50 14048 ------w- c:\windows\system32\spmsg2.dll
2011-08-03 16:14:46 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-08-03 16:01:53 2869264 ----a-w- c:\temp\install\dotNetFx35setup.exe
2011-08-03 16:00:35 24265736 ----a-w- c:\temp\install\dotnetfx.exe
2011-08-03 15:58:29 -------- d-----w- c:\program files\XnView
2011-08-03 15:56:31 4523163 ----a-w- c:\temp\install\XnView-win.exe
2011-08-03 15:54:02 175616 ----a-w- c:\windows\system32\unrar.dll
2011-08-03 15:53:58 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-08-03 15:53:57 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-08-03 15:53:57 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-08-03 15:53:57 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-08-03 15:53:57 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-08-03 15:53:57 216064 ----a-w- c:\windows\system32\lagarith.dll
2011-08-03 15:53:57 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-08-03 15:53:56 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-08-03 15:53:51 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-08-03 15:48:59 15847587 ----a-w- c:\temp\install\K-Lite_Codec_Pack_750_Full.exe
2011-08-03 13:36:21 -------- d-----w- c:\program files\Total Commander
2011-08-03 13:25:08 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2011-08-03 07:55:32 -------- d-----r- C:\Sandbox
2011-08-03 07:54:34 -------- d-----w- c:\program files\Sandboxie
2011-08-03 07:54:03 1982224 ----a-w- c:\temp\install\SandboxieInstall.exe
2011-08-03 07:51:31 -------- d-----w- c:\documents and settings\sloba\application data\Malwarebytes
2011-08-03 07:51:18 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-03 07:51:16 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-08-03 07:51:13 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-03 07:51:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-03 07:49:47 9466208 ----a-w- c:\temp\install\mbam-setup-1.51.1.1800.exe
.
==================== Find3M ====================
.
2011-08-03 16:16:42 44 ----a-w- c:\windows\system32\msssc.dll
2011-08-03 03:39:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:55:37.98 ===============






https://www.mycity.rs/must-login.png

Gmer pokrenem, i u toku skeniranja pojavi se BSOD sa sledećom porukom:
IRQL NOT LESS OR EQUAL
Stop 0x0000000a (0x00000008, 0x00000002, 0x00000000, 0x804ea78a)
Zato ću sada poslati nepotpunu poruku, pa ako Gmer prođe, nastavljam

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav...

http://www.microsoft.com/download/en/details.aspx?id=5555

Instaliraj i restartuj PC, trebalo bi da pomogne oko Avire.

DDS log izgleda ok. Postoji li još neki problem sem već pomenutog?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 06 Avg 2011 21:57

Dakle, opet BSOD...

Evo izveštaja RootRepeal-a:

https://www.mycity.rs/must-login.png

Dopuna: 06 Avg 2011 21:58

Nema drugih problema, sad ću da probam ovo što si mi preporučio.

Dopuna: 06 Avg 2011 22:08

Opet isto...
Inače, zaboravih da napomenem u prvom postu, radio sam deinstalaciju i novu instalaciju Avire, još pre nego što sam se javio u Ambulantu, i opet se pojavljivala ova poruka.

• 2Ovo se svidja korisnicima: ThePhilosopher, Springfield
  
  Registruj se da bi pohvalio/la poruku!

Izgleda da Avira ipak koristi stariju verziju... Probaj ovo:

http://www.microsoft.com/download/en/details.aspx?id=5582

• 3Ovo se svidja korisnicima: ThePhilosopher, Springfield, NIx Car
  
  Registruj se da bi pohvalio/la poruku!

Radi!

Hvala mnogo, najbolji ste!

• 2Ovo se svidja korisnicima: ThePhilosopher, Springfield
  
  Registruj se da bi pohvalio/la poruku!

Odlično. RootRepeal log je takođe ok, tako da...