Kaspersky PURE 3 not working well?

offline
  • Joined: 24 Jun 2012
  • Posts: 626

I wanted to install a program and I knew something was wrong with it. So I scanned it with Kaspersky, but it found nothing!
But when I scanned with Malwarebytes,
it found 15 problems. So I'm wondering whether these are false alarms or Kaspersky simply doesn't detect this? Here is the report:
Malwarebytes Anti-Malware (Proba) 1.75.0.1300
www.malwarebytes.org

Verzija baze: v2013.08.21.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
56777 :: 123 [administrator]

Zaštita: Omogućena

22.8.2013. 0:08:55
mbam-log-2013-08-22 (00-08-55).txt

Način skeniranja: Brzo skeniranje
Omogućene opcije skeniranja: Memorija | Automatsko pokretanje | Registar | Datotečni sistem | Heuristika/Dodatno | Heuristika/Shuriken | PUP | PUM
Onemogućene opcije skeniranja: P2P
Skeniranih objekata 304965
Proteklo vreme 7 minuta(e), 28 sekundi

Detektovani procesi u memoriji: 1
C:\Users\56777\AppData\Roaming\DEFAULTTAB\DEFAULTTAB\DTUpdate.exe (PUP.Optional.DefaultTab) -> 2020 -> Nikakva akcija nije poduzeta.

Detektovani moduli u memoriji: 0
(Maliciozne stavke nisu pronađene)

Detektovani ključevi u registru: 10
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Nikakva akcija nije poduzeta.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.

Detektovane vrednosti u registru: 0
(Maliciozne stavke nisu pronađene)

Detektovani podaci u registru: 0
(Maliciozne stavke nisu pronađene)

Detektovane fascikle: 0
(Maliciozne stavke nisu pronađene)

Detektovane datoteke: 9
C:\Users\56777\AppData\Roaming\DEFAULTTAB\DEFAULTTAB\DEFAULTTABBHO.DLL (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Local\Temp\PIPInstaller_PTV_.exe (PUP.Optional.BundledToolBar.A) -> Nikakva akcija nije poduzeta.
C:\Users\56777\downloads\PowerISO5.exe (PUP.Optional.OpenCandy) -> Nikakva akcija nije poduzeta.
C:\Users\56777\downloads\SoftonicDownloader_for_simple-shutdown-timer.exe (PUP.Optional.Softonic) -> Nikakva akcija nije poduzeta.
C:\Users\56777\AppData\Roaming\DEFAULTTAB\DEFAULTTAB\DTUpdate.exe (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.

(kraj)
----------------------------------------------------------------------------------------------------------------
This is DDS:

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Remove the items found by MBAM.



Step 2

Download "Xplode"'s AdwCleaner and save it to the Desktop.
Double-click to run the program.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all active programs and display a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[0].txt



Step 3

Download the GMER program to the Desktop from the link below:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, choose Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the GMER program window and choose Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the brief scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

offline
  • Joined: 24 Jun 2012
  • Posts: 626

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

In the posted reports I don't see any traces of active malware.


Run AdwCleaner again.
Click the Uninstall button and wait for the uninstall procedure to finish.


Visit the thread "Test whether your browser is vulnerable", read it and follow the link given in it.


I recommend using MCShield to protect USB memory devices.
It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.


MCShield home page: http://www.mcshield.net

You can find out more about MCShield in this thread: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

MCShield Facebook page: http://www.facebook.com/MCShield

offline
  • Joined: 24 Jun 2012
  • Posts: 626

But why didn't Kaspersky PURE react? MBAM removed the problems for me right away, but Kaspersky did not respond.

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

daksi990 :: But why didn't Kaspersky PURE react? MBAM removed the problems for me right away, but Kaspersky did not respond.

Because Malwarebytes has launched an inquisition against PUA, while Kaspersky adds detection for a PUA only if they determine that it is mostly installed without the user's consent. What MBAM detected was not malware.
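
The distinction drawn in the reply above (PUA detections versus malware) can be checked mechanically against a Malwarebytes report. The following Python code is an added example, not part of the original thread; it assumes the MBAM 1.x line layout seen in the first post, its sample lines are copied from that report plus one constructed non-PUP line, and the function names and the PUP/PUM prefix list are assumptions made for illustration.

```python
import re
from collections import Counter

# One MBAM 1.x detection line: "<object> (<detection name>) -> <rest>".
# The greedy first group steps over parentheses inside paths such as
# "C:\Program Files (x86)\..." and stops at the last "(name) -> " pair.
DETECTION_LINE = re.compile(r"^(?P<object>.+) \((?P<name>[^()\s]+)\) -> (?P<rest>.+)$")

# Assumption: names in the optional PUP/PUM scan categories (both listed among
# the enabled scan options in the report) start with these prefixes.
UNWANTED_PREFIXES = ("PUP.", "PUM.")

# Lines copied from the report in the first post. The last line is CONSTRUCTED
# for this example so that the non-PUP branch is exercised.
SAMPLE_LOG = r"""
Detektovani procesi u memoriji: 1
C:\Users\56777\AppData\Roaming\DEFAULTTAB\DEFAULTTAB\DTUpdate.exe (PUP.Optional.DefaultTab) -> 2020 -> Nikakva akcija nije poduzeta.

Detektovani moduli u memoriji: 0
(Maliciozne stavke nisu pronađene)

Detektovani ključevi u registru: 10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Nikakva akcija nije poduzeta.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab) -> Nikakva akcija nije poduzeta.

Detektovane datoteke: 9
C:\Users\56777\AppData\Local\Temp\PIPInstaller_PTV_.exe (PUP.Optional.BundledToolBar.A) -> Nikakva akcija nije poduzeta.
C:\Users\56777\downloads\PowerISO5.exe (PUP.Optional.OpenCandy) -> Nikakva akcija nije poduzeta.
C:\Users\56777\downloads\SoftonicDownloader_for_simple-shutdown-timer.exe (PUP.Optional.Softonic) -> Nikakva akcija nije poduzeta.
C:\Program Files (x86)\Example\sample.exe (Trojan.Agent) -> Nikakva akcija nije poduzeta.
"""


def split_name(name):
    """Split 'PUP.Optional.DefaultTab' into ('PUP.Optional', 'DefaultTab')."""
    parts = name.split(".")
    skip = 2 if parts[0] in ("PUP", "PUM") and len(parts) > 2 else 1
    return ".".join(parts[:skip]), parts[skip] if len(parts) > skip else ""


def parse_detections(log_text):
    """Return one dict per detection line; headers and counters are skipped."""
    found = []
    for line in log_text.splitlines():
        m = DETECTION_LINE.match(line.strip())
        if not m:
            continue
        # In-memory process entries carry the PID: "... -> 2020 -> <action>".
        rest = m.group("rest").split(" -> ")
        pid = int(rest[0]) if len(rest) == 2 and rest[0].isdigit() else None
        category, family = split_name(m.group("name"))
        found.append({"object": m.group("object"), "name": m.group("name"),
                      "category": category, "family": family,
                      "pid": pid, "action": rest[-1]})
    return found


def triage(log_text):
    """Separate PUP/PUM detections from everything that needs a closer look."""
    detections = parse_detections(log_text)
    unwanted = [d for d in detections if d["name"].startswith(UNWANTED_PREFIXES)]
    return {
        "total": len(detections),
        "families": Counter(d["family"] for d in unwanted),
        "running": [d for d in detections if d["pid"] is not None],
        "needs_review": [d for d in detections if d not in unwanted],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("detections:", report["total"])
    for family, count in report["families"].most_common():
        print(f"  PUP/PUM family {family}: {count}")
    for d in report["running"]:
        print(f"  running now (PID {d['pid']}): {d['object']}")
    for d in report["needs_review"]:
        print(f"  not PUP/PUM, review: {d['name']} at {d['object']}")
```
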

offline
  • Joined: 24 Jun 2012
  • Posts: 626

Well, can you explain it in simple terms, since I don't understand this stuff, and the admin can only admit me to the AMF school at the end of the month :)

offline
  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

In Ambulanta we deal exclusively with malware; as for your doubts, browse the threads in Zaštita.
