Jump to content

maki

Member
  • Posts

    132
  • Joined

  • Last visited

Posts posted by maki

  1. C:\Program Files (x86)\Aml Pages\uninst.exe

    Malware.Win32.Gen.2E9D.sm!ff

    AppData\Local\JDownloader v2.0\tools\Windows\elevate\Elevate64.exe

    Malware.Win64.Gen.sm!s1

    AppData\Roaming\Internet Download Accelerator\Plugins\videoserv.dll

    Malware.Win32.Gen.2A4D.sm!ff

    Documents\ReplacePL\ReplacePL.exe

    Trojan.Win32.Gen.bot!i

    AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ReplacePL.lnk

    Trojan.Win32.Gen.bot!i

    CrUpd2015R04.exe

    Malware.Win32.Gen.sm!s1

    Programs\smpro_dm.exe

    Malware.Win32.Gen.sm!s1

    updater_cc.exe

    Malware.Win32.Gen.1A70.sm!ff

  2. Windows 7 64-bit
    Vers. EEK 9.0.0.4523
     
    After completing the scan, the program has stopped responding...
     
    Closing the application causes loss of information.
    I do not want to repeat the scan, which takes a long time!!!
    Where is option "Recover previous sessions if an application crashes"?
    How to unfreeze the application unstable?


    Emsisoft Emergency Kit - wersja 9.0
    Ostatnia aktualizacja: 2014-10-19 20:57:12
    Nazwa użytkownika:

    Ustawienia skanera:

    Typ skanu: Użytkownika
    Obiekty: Rootkity, Pamięć, Ślady, C:\

    Wykrywanie PNP: Włączone
    Skanowanie plików skompresowanych: Włączone
    Skanowanie ADS: Włączone
    Filtr rozszerzeń plików: Wyłączone
    Zaawansowana pamięć podręczna: Włączone
    Dezpośredni dostęp do dysku: Wyłączone

    Skanowanie uruchomiono: 2014-11-27 22:12:13
    Key: HKEY_USERS\S-1-5-21-2526565877-3954789630-2661102657-1000\SOFTWARE\FOXY Wykryto: Adware.Win32.AdBundle (A)
    Value: HKEY_USERS\S-1-5-21-2526565877-3954789630-2661102657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN -> FOXY Wykryto: Adware.Win32.AdBundle (A)
    C:\Users\****\Downloads\ipla_downloader (1).exe Wykryto: Trojan.GenericKD.1884343 (B) FALSE http://support.emsisoft.com/topic/15906-false-detection/
    C:\Users\****\Downloads\MI PONY 2.2.1\uninst.exe Wykryto: Trojan.Generic.11942355 (B) http://www.mipony.net/en/
    C:\Users\****\Pictures\DLL.dll Wykryto: Gen:Variant.Symmi.19493 (B) FALSE http://support.emsisoft.com/topic/15934-eurekalab-dll-level-of-risk-high/
    C:\Users\****\Pictures\ipla_downloader.exe Wykryto: Trojan.GenericKD.1884343 (B) FALSE http://support.emsisoft.com/topic/15906-false-detection/
    C:\Users\****\Pictures\ipla_downloader.exe.dat Wykryto: Trojan.GenericKD.1884343 (B) FALSE http://support.emsisoft.com/topic/15906-false-detection/
    C:\Users\****\Pictures\ipla_downloader.zip -> ipla_downloader.exe Wykryto: Trojan.GenericKD.1884343 (B) FALSE http://support.emsisoft.com/topic/15906-false-detection/
    C:\Users\****\Pictures\rsload.net. Wykryto: Trojan.Generic.11714828 (B)

    Przeskanowano: 239535
    Wykryto: 9

    Koniec skanu: 2014-11-27 22:42:59
    Skan trwał: 0:30:46

     
    csdcsdcdcdcdcdc.jpg
     Screen%20Shot%2011-27-14%20at%2011.05%20

  3. 
    

    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64Copyright (c)

    Microsoft Corporation. All rights reserved.

    Loading Dump File [C:\LocalDumps\checkDisk.exe.10852.dmp]User Mini

    Dump File: Only registers, stack and portions of memory are available

    Symbol search path is:

    SRV*C:\Symbols*http://msdl.microsoft.com/download/symbolsExecutable search

    path is:Windows 7 Version 7601 (Service Pack 1) MP (4 procs) Free

    x64Product: WinNt, suite: SingleUserTSMachine Name:Debug session

    time: Thu Oct 30 12:15:28.000 2014 (UTC + 1:00)System Uptime: not

    availableProcess Uptime: 0 days

    0:00:15.000.....................................................Loading

    unloaded module list..This dump file has an exception of interest stored

    in it.The stored exception information can be accessed via

    .ecxr.(2a64.2a6c): Unknown exception - code 0eedfade (first/second chance

    not available)KERNELBASE!RaiseException+0x39:000007fe`fd8b940d

    4881c4c8000000  add     rsp,0C8h0:000>

  4. I can not use Emsisoft because my EXPLORER.EXE is randomly crashes when the application is installed:

     

     

     

     

    Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, 
    sygnatura czasowa: 0x4d672ee4Nazwa modułu powodującego błąd: a2start.exe, 
    wersja: 0.0.0.0, sygnatura czasowa: 0x00000000Kod wyjątku: 
    0xc0000005Przesunięcie błędu: 0x00000000089e0fd8Identyfikator procesu 
    powodującego błąd: 0xfccGodzina uruchomienia aplikacji powodującej błąd: 
    0x01cfee76d20f4f19Ścieżka aplikacji powodującej błąd: 
    C:\Windows\Explorer.EXE
    Ścieżka modułu powodującego błąd: a2start.exe
  5. Program always Crash...
     
     
    Emsisoft Anti-Malware - eurekalog:

     
     

    Version : 7.0.6.0Date : Fri, 24 Oct 2014 12:17:48 +0200OS : Microsoft 
    Windows 7 (64 bit)RAD : BDS 7.0Dump : $89 $3C $B0 $FF $43 $08 $85 $FF 
    $74 $17 $8B $13 $89 $D0 $3B $05 $50 $CB $44 $00 $74 $0B $33 $C9 $8B $D7 $8B $C3 
    $8B $18 $FF $53Section : ExceptionHandlerHookDescr :Address : 
    $004585D8 - [00400000] a2start.exe - - - - 0[0]Module : 
    a2start.exeException : EAccessViolationMessage : Access violation at 
    address 004585D8 in module 'a2start.exe'. Write of address 21B216E8Call 
    Stack : 00 $004585D8 - [00400000] a2start.exe01 $004585D8 - [00400000] 
    a2start.exeLastAddr :LastModule :LastException 
    :LastMessage :Call Stack :ActiveObj : (Non-Delphi exception) 
    External exception C0000005 00000008 00000000ActiveAddr : $00000000 - 
    [00000000] a2start.exe - - - - 0[0]Bug report file is located 
    here:C:\Users\ADMINISTRATOR\AppData\Roaming\EurekaLab s.a.s\EurekaLog\Bug 
    Reports\a2start.exe\a2start.logLearn more about internal errors (for 
    developers):http://www.eurekalog.com/help/eurekalog/internal_errors.php
  6. Hmmm.. I installed the system on Tuesday in July 2014 - and I have to install the new system?
    This is completely nonsense...

     

    I proved once that security software F-Secure causes a similar problem 0x124 and released the appropriate patch, so why do you think that your software is free from defects and does not cause a BSOD? Because 99% of users did not have such problems? I'm the 1% super-advanced user;)

  7. Emsisoft Anti-Malware Blue Screen

     

    I installed a NEW-FRESH system Win7 64-bit and installed your software Emsisoft Anti-Malware Blue Screen (after installation)

     

     

     

     

    DUMP file:

    http://speedy.sh/GY6KM/080514-26052-01.dmp

    CMD:
    C:\Windows\system32>sfc /SCANFILE=C:\Windows\system32\ntoskrnl.exe

     

    CMD:
    C:\Windows\system32>sfc /SCANFILE=C:\Windows\system32\hal.dll

    The Windows Resource Protection not found integrity violations.

     

  8. Farbar Recovery Scan Tool

    I clicked the "Scan" button
    and to reset the computer, crash...
    "Black Screen of Death" with a blinking cursor.
    Safe Mode - does not work.

    The disk shows the RAW file (all data has been erased)

    and completely destroyed the system and data ?
     

  9. Program of the Polish Emsisoft Anti-Malware

     

     - Rootkity nie mogą być automatycznie usunięte.Proszę skontaktować się z ekspertami na forum online Emsisoftu by ręcznie usunąć to złośliwe oprogramowanie: http://support.emsisoft.com

     

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7AAA03A1-F50C-44DD-9C04-FFC6153581B2}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9DB2D6CE-4190-45CD-A229-92D0D5E1432E}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D283321C-786E-4492-805D-871455241A85}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DA818347-ABC4-4795-B451-CFDF75095421}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DC22EAC4-E272-41CE-A90C-3045917B08D3}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DD31AEA7-41B4-4E29-B49D-040D63C3B508}  Wykryto: Rogue.Win32.FakeSpy (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E660977E-5E00-45BC-8BA1-D51BD55E5B5D}  Wykryto: Rogue.Win32.FakeSpy (A)

     

    Please help. Thanks.
     

×
×
  • Create New...