|
Poslao: 08 Apr 2011 19:36
|
offline
- Pridružio: 03 Nov 2007
- Poruke: 42
|
Problem se javlja pri prenosu podataka na flash memoriju ili mp3 , na flash memoriju se prenosi program (virus) autorun koji kasnije stvara probleme sa podacima na memoriji i samom flashu na koji ne mogu vise da se prenose podaci.Desava se i da flash ne moze da se formatira.
Antivirus nod 32 ne detektuje ovaj virus.
Konekcija ADSL 1,5 mbps..Unapred hvala 
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by jovana at 0:59:59,82 on uto 15.03.2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.446.145 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
svchost.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\Explorer.EXE
svchost.exe
D:\WINDOWS\system32\VTTimer.exe
D:\WINDOWS\system32\S3trayp.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
D:\Program Files\Conexant\Adsl\dslstat.exe
D:\Program Files\Conexant\Adsl\dslagent.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\FixCamera.exe
D:\WINDOWS\vsnpstd3.exe
D:\WINDOWS\tsnpstd3.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\jovana\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mn.iamwired.net/
uSearch Page = hxxp://search.live.com
mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
uInternet Connection Wizard,ShellNext = hxxp://www.ask.com/?o=13928&l=dis
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
mSearchAssistant = hxxp://search.live.com/sphome.aspx
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - d:\program files\asksearch\bin\DefaultSearch.dll
mWinlogon: Taskman=d:\documents and settings\jovana\fswagz.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [Skype] "d:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "d:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [King_ar] d:\windows\system32\arking.exe
uRun: [api32] d:\docume~1\jovana\locals~1\temp\apiqq.exe
mRun: [VTTimer] VTTimer.exe
mRun: [S3Trayp] S3trayp.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NeroFilterCheck] d:\windows\system32\NeroCheck.exe
mRun: [egui] "d:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [ISUSPM Startup] "d:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "d:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [DSLSTATEXE] d:\program files\conexant\adsl\dslstat.exe icon
mRun: [DSLAGENTEXE] d:\program files\conexant\adsl\dslagent.exe
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
mRun: [FixCamera] d:\windows\FixCamera.exe
mRun: [snpstd3] d:\windows\vsnpstd3.exe
mRun: [tsnpstd3] d:\windows\tsnpstd3.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - d:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {E832A8A0-D18F-421D-9DC5-CEAE9E4CE9ED} = 77.105.0.19 77.105.0.18
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
Notify: cryptnet32 - cryptnet32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\docume~1\jovana\applic~1\mozilla\firefox\profiles\7dfta64z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://mn.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - hxxp://mn.iamwired.net/
FF - prefs.js: keyword.URL - hxxp://mn.iamwired.net/websearch.php?src=tops&search=
FF - plugin: d:\documents and settings\jovana\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - d:\program files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R1 epfwtdir;epfwtdir;d:\windows\system32\drivers\epfwtdir.sys [2007-12-21 33800]
R3 S3GIGP;S3GIGP;d:\windows\system32\drivers\S3gIGPm.sys [2009-5-20 808448]
S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;d:\windows\system32\drivers\qcusbser.sys [2010-11-3 103552]
.
=============== Created Last 30 ================
.
2011-03-28 14:00:58 174592 --sh--r- D:\albkpq3.exe
2011-02-14 08:56:37 78848 --sh--r- d:\documents and settings\jovana\fswagz.exe
2011-02-13 12:29:31 -------- d-----w- d:\docume~1\alluse~1\applic~1\MumboJumbo
.
==================== Find3M ====================
.
2011-03-14 23:53:38 131584 --sh--r- d:\windows\system32\arking0.dll
2011-03-14 18:32:09 130048 --sh--r- d:\windows\system32\arking1.dll
2011-03-08 18:07:40 298477 ----a-w- d:\windows\system32\shimg.dll
2011-03-08 14:11:46 198144 --sh--r- d:\windows\system32\arking.exe
2011-02-16 09:19:45 2516 --sha-w- d:\windows\system32\KGyGaAvL.sys
2011-01-28 08:20:55 49152 ----a-w- d:\windows\system32\cryptnet32.dll
2011-01-11 13:08:09 115712 --sh--r- d:\windows\system32\mgking0.dll
.
============= FINISH: 1:01:05,42 ===============
GMER 1.0.15.15570 - gmer.net
Rootkit quick scan 2011-03-15 19:20:50
Windows 5.1.2600 Service Pack 2 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-13 Maxtor_6E030L0 rev.NAR61590
Running: q3lldlwz.exe; Driver: D:\DOCUME~1\jovana\LOCALS~1\Temp\pxtdqpoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15570 - gmer.net
Rootkit scan 2011-03-15 19:21:14
Windows 5.1.2600 Service Pack 2
Running: q3lldlwz.exe; Driver: D:\DOCUME~1\jovana\LOCALS~1\Temp\pxtdqpoc.sys
---- Modules - GMER 1.0.15 ----
Module viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) F7B60000-F7B62000 (8192 bytes)
Module viamraid.sys (VIA AHCI RAID DRIVER FOR WIN 2000/XP/VIA Technologies inc,.ltd) F74A6000-F74BF000 (102400 bytes)
Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F78EC000-F78F1000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\S3gIGPm.sys (S3 Graphics 86c700-series Miniport/S3 Graphics Co., Ltd.) F725D000-F7329000 (835584 bytes)
Module \SystemRoot\system32\DRIVERS\RTL8139.SYS (Realtek RTL8139 NDIS 5.0 Driver/Realtek Semiconductor Corporation) F798C000-F7992000 (24576 bytes)
Module \SystemRoot\system32\drivers\ALCXWDM.SYS (Realtek AC'97 Audio Driver (WDM)/Realtek Semiconductor Corp.) F6E2C000-F7203000 (4026368 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F79DC000-F79E1000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\epfwtdir.sys F775C000-F7768000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\easdrv.sys (Eset AntiStealth driver/ESET) F779C000-F77A7000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\gwausb.sys (USB ADSL Driver/Conexant Systems Inc.) F4DA7000-F4DCE000 (159744 bytes)
Module \SystemRoot\System32\S3gIGP.dll (S3 Graphics 86c700-series Display Driver/S3 Graphics Co., Ltd.) BF012000-BF0D7000 (806912 bytes)
Module \SystemRoot\System32\s3gcil_inv.dll BF0D7000-BF3C1000 (3055616 bytes)
Module \SystemRoot\system32\DRIVERS\eamon.sys (Amon monitor/ESET) EFA05000-EFA52000 (315392 bytes)
Module \??\D:\DOCUME~1\jovana\LOCALS~1\Temp\pxtdqpoc.sys (GMER) EEF18000-EEF31000 (102400 bytes)
---- Processes - GMER 1.0.15 ----
Process D:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 412
Library D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll 0x10000000
Library D:\WINDOWS\system32\arking0.dll 0x01CD0000
Process D:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 536
Library D:\WINDOWS\system32\cryptnet32.dll 0x01140000
Process D:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 680
Library D:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 0x00400000
Process D:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.) 688
Library D:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.) 0x00400000
Process D:\WINDOWS\system32\S3trayp.exe (s3contrl (32-bit)/S3 Graphics Co., Ltd.) 780
Library D:\WINDOWS\system32\S3trayp.exe (s3contrl (32-bit)/S3 Graphics Co., Ltd.) 0x00400000
Library D:\WINDOWS\system32\S3Cfg3d.dll (S3Config3D Utility/S3 Graphics Co., Ltd.) 0x6B600000
Library D:\WINDOWS\system32\S3Disply.dll (S3 multi-chip display switch utility (32-bit)/S3 Graphics Co., Ltd.) 0x6BB00000
Library D:\WINDOWS\system32\S3Gamma2.dll (S3Gamma Plus (32-bit)/S3 Graphics Co., Ltd.) 0x6BE00000
Library D:\WINDOWS\system32\S3Info2.dll (S3 Graphics Display Adapter Information Utility (32-bit)/S3 Graphics Co., Ltd.) 0x6C000000
Library D:\WINDOWS\system32\S3Ovrlay.dll (S3ColorPus/S3Overlay Utility/S3 Graphics Co., Ltd.) 0x6C200000
Process D:\WINDOWS\SOUNDMAN.EXE (Realtek Sound Manager/Realtek Semiconductor Corp.) 860
Library D:\WINDOWS\SOUNDMAN.EXE (Realtek Sound Manager/Realtek Semiconductor Corp.) 0x00400000
Process D:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1112
Library D:\WINDOWS\system32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00980000
Library D:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00990000
Process D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Eset GUI/ESET) 1160
Library D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Eset GUI/ESET) 0x00400000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll (Eset On-demmand Scanner GUI/ESET) 0x21C00000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll (Eset Amon GUI/ESET) 0x21400000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll (Eset Update GUI/ESET) 0x21200000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll (Eset MailPlugins GUI/ESET) 0x22B00000
Library D:\WINDOWS\system32\arking0.dll 0x10000000
Library D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll 0x01470000
Process D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) 1228
Library D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) 0x00400000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll (Eset On-demmand Scanner Kernel/ESET) 0x21E00000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll (Eset Amon Service/ESET) 0x21300000
Library D:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll (Eset MailPlugins Service/ESET) 0x22900000
Process D:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 1252
Library D:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 0x00400000
Process D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Update Service Scheduler/Macrovision Corporation) 1292
Library D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Update Service Scheduler/Macrovision Corporation) 0x00400000
Process D:\Program Files\Conexant\Adsl\dslstat.exe (DSL Status Executable/Conexant Systems, Inc.) 1300
Library D:\Program Files\Conexant\Adsl\dslstat.exe (DSL Status Executable/Conexant Systems, Inc.) 0x00400000
Library D:\Program Files\Conexant\Adsl\DbgMode.dll 0x10000000
Library D:\Program Files\Conexant\Adsl\CplEng.dll (DSL Status Language DLL/Conexant) 0x1C000000
Process D:\Program Files\Conexant\Adsl\dslagent.exe 1364
Library D:\Program Files\Conexant\Adsl\dslagent.exe 0x00400000
Process D:\WINDOWS\vsnpstd3.exe 1496
Library D:\WINDOWS\vsnpstd3.exe 0x00400000
Process D:\WINDOWS\FixCamera.exe 1556
Library D:\WINDOWS\FixCamera.exe 0x00400000
Process D:\WINDOWS\tsnpstd3.exe 1700
Library D:\WINDOWS\tsnpstd3.exe 0x00400000
Library D:\WINDOWS\system32\arking0.dll 0x10000000
Library D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll 0x00A70000
Process D:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation) 1780
Library D:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x74D90000
Library D:\WINDOWS\system32\arking0.dll 0x10000000
Library D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll 0x01980000
Library D:\WINDOWS\system32\devenum.dll 0x75F40000
Library D:\WINDOWS\system32\msdmo.dll 0x736B0000
Library D:\WINDOWS\system32\quartz.dll 0x74810000
Process D:\Documents and Settings\jovana\Desktop\q3lldlwz.exe 2296
Library D:\Documents and Settings\jovana\Desktop\q3lldlwz.exe 0x00400000
Library D:\WINDOWS\system32\arking0.dll 0x10000000
Library D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll 0x00B60000
---- Services - GMER 1.0.15 ----
Service D:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek AC'97 Audio Driver (WDM)/Realtek Semiconductor Corp.) [MANUAL] ALCXWDM
Service D:\WINDOWS\system32\DRIVERS\eamon.sys (Amon monitor/ESET) [AUTO] eamon
Service D:\WINDOWS\system32\DRIVERS\easdrv.sys (Eset AntiStealth driver/ESET) [SYSTEM] easdrv
Service D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (Eset HTTP Server Service/ESET) [MANUAL] EhttpSrv
Service D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) [AUTO] ekrn
Service D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [SYSTEM] epfwtdir
Service D:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService
Service Outlook
Service D:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service D:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service D:\WINDOWS\system32\DRIVERS\qcusbser.sys (USB Modem/Serial Device Driver/TCT International Mobile Ltd) [MANUAL] qcusbser
Service D:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek RTL8139 NDIS 5.0 Driver/Realtek Semiconductor Corporation) [MANUAL] rtl8139
Service S3G700
Service D:\WINDOWS\system32\DRIVERS\S3gIGPm.sys (S3 Graphics 86c700-series Miniport/S3 Graphics Co., Ltd.) [MANUAL] S3GIGP
Service D:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv
Service D:\WINDOWS\system32\DRIVERS\snpstd3.sys (USB PC Camera driver/Sonix Co. Ltd.) [MANUAL] SNPSTD3
Service D:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service D:\WINDOWS\system32\DRIVERS\viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] ViaIde
Service (VIA AHCI RAID DRIVER FOR WIN 2000/XP/VIA Technologies inc,.ltd) [BOOT] viamraid
Service D:\WINDOWS\system32\DRIVERS\gwausb.sys (USB ADSL Driver/Conexant Systems Inc.) [MANUAL] wanusb
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15570 - gmer.net
Autostart scan 2011-03-15 19:36:29
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >>>
@UserinitD:\WINDOWS\system32\userinit.exe, = D:\WINDOWS\system32\userinit.exe,
@TaskmanD:\Documents and Settings\jovana\fswagz.exe = D:\Documents and Settings\jovana\fswagz.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32@DLLName = cryptnet32.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ekrn@ = "D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
JavaQuickStarterService@ = "D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@VTTimerVTTimer.exe = VTTimer.exe
@S3TraypS3trayp.exe = S3trayp.exe
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@Adobe Reader Speed Launcher"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" = "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
@NeroFilterCheckD:\WINDOWS\system32\NeroCheck.exe = D:\WINDOWS\system32\NeroCheck.exe
@egui"D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice = "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
@ISUSPM Startup"D:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup = "D:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
@ISUSScheduler"D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start = "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
@DSLSTATEXED:\Program Files\Conexant\Adsl\dslstat.exe icon /*file not found*/ = D:\Program Files\Conexant\Adsl\dslstat.exe icon /*file not found*/
@DSLAGENTEXED:\Program Files\Conexant\Adsl\dslagent.exe = D:\Program Files\Conexant\Adsl\dslagent.exe
@SunJavaUpdateSched"D:\Program Files\Common Files\Java\Java Update\jusched.exe" = "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
@FixCameraD:\WINDOWS\FixCamera.exe = D:\WINDOWS\FixCamera.exe
@snpstd3D:\WINDOWS\vsnpstd3.exe = D:\WINDOWS\vsnpstd3.exe
@tsnpstd3D:\WINDOWS\tsnpstd3.exe = D:\WINDOWS\tsnpstd3.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ctfmon.exeD:\WINDOWS\system32\ctfmon.exe = D:\WINDOWS\system32\ctfmon.exe
@Skype"D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized /*file not found*/ = "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized /*file not found*/
@msnmsgr"D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background = "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
@King_arD:\WINDOWS\system32\arking.exe = D:\WINDOWS\system32\arking.exe
@api32D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq.exe = D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/D:\Program Files\WinRAR\rarext.dll = D:\Program Files\WinRAR\rarext.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/D:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = D:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/D:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = D:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/D:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = D:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/D:\Program Files\Microsoft Office\OFFICE11\msohev.dll = D:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{B089FE88-FB52-11D3-BDF1-0050DA34150D} /*Eset Smart Security - Context Menu Shell Extension*/D:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll = D:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
@CorelDRAW Shell Extension Component /*CorelDRAW Shell Extension Component*/(null) =
@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} /*AIMP2: Shell Extention*/D:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL = D:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AIMPClassic@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} = D:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL
Eset Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = D:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
AIMPClassic@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} = D:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Eset Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = D:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}D:\Program Files\Java\jre6\bin\jp2ssv.dll = D:\Program Files\Java\jre6\bin\jp2ssv.dll
@{E7E6F031-17CE-4C07-BC86-EABFE594F69C}D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll = D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
HKCU\Control Panel\Desktop@SCRNSAVE.EXE = D:\WINDOWS\system32\scrnsave.scr
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://mn.iamwired.net/ = mn.iamwired.net/
@Local PageD:\WINDOWS\system32\blank.htm = D:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = D:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = D:\WINDOWS\system32\msvidctl.dll
its@CLSID = D:\WINDOWS\system32\itss.dll
livecall@CLSID = D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = D:\WINDOWS\system32\itss.dll
msnim@CLSID = D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mso-offdap@CLSID = D:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = D:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL /*file not found*/
tv@CLSID = D:\WINDOWS\system32\msvidctl.dll
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = D:\WINDOWS\system32\wiascr.dll
D:\Documents and Settings\All Users\Start Menu\Programs\Startup = Adobe Gamma Loader.lnk
---- EOF - GMER 1.0.15 ----
mycity.rs/must-login.png
|
|
|
|
|
|
|
|
|
Poslao: 09 Apr 2011 22:18
|
offline
- Pridružio: 03 Nov 2007
- Poruke: 42
|
Probala sam vise puta danas i uvek mi se pojavljauje isti log.Ne znam u cemu je problem..
|
|
|
|
|
|
|
Poslao: 10 Apr 2011 03:28
|
offline
- Fil
- Legendarni građanin
- Pridružio: 11 Jun 2009
- Poruke: 16586
|
Pozdrav,
Preuzmi The Avenger na Desktop.
Raspakuj arhivu u neki folder
Dvoklikom pokreni avenger.exe
Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa:
Files to delete:
d:\documents and settings\jovana\fswagz.exe
d:\windows\system32\arking.exe
d:\docume~1\jovana\locals~1\temp\apiqq.exe
D:\albkpq3.exe
d:\windows\system32\arking0.dll
d:\windows\system32\arking1.dll
d:\windows\system32\shimg.dll
d:\windows\system32\cryptnet32.dll
d:\windows\system32\mgking0.dll
D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll
Registry values to delete:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Taskman
Registry keys to delete:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32
Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti
Računar će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja
Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u
Iskopiraj sadržaj dobijenog loga u temu na forumu.
|
|
|
|
|
|
|
Poslao: 10 Apr 2011 11:09
|
offline
- Pridružio: 03 Nov 2007
- Poruke: 42
|
Logfile of The Avenger Version 2.0, (c) by Swandog46
swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at D:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "d:\documents and settings\jovana\fswagz.exe" deleted successfully.
File "d:\windows\system32\arking.exe" deleted successfully.
File "d:\docume~1\jovana\locals~1\temp\apiqq.exe" deleted successfully.
File "D:\albkpq3.exe" deleted successfully.
File "d:\windows\system32\arking0.dll" deleted successfully.
File "d:\windows\system32\arking1.dll" deleted successfully.
File "d:\windows\system32\shimg.dll" deleted successfully.
File "d:\windows\system32\cryptnet32.dll" deleted successfully.
File "d:\windows\system32\mgking0.dll" deleted successfully.
File "D:\DOCUME~1\jovana\LOCALS~1\Temp\apiqq0.dll" deleted successfully.
Registry value "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman" deleted successfully.
Registry key "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
|
|
|
|
|
|
|
Poslao: 10 Apr 2011 11:55
|
offline
- Fil
- Legendarni građanin
- Pridružio: 11 Jun 2009
- Poruke: 16586
|
Preuzmi datoteku sa sledećeg linka na Desktop:
https://www.mycity.rs/must-login.png
Dakle, klikni desnim tasterom miša na ovaj link i biraj: Save Target As ili Saved Linked Content As (opcija zavisi od browsera).
Pošto preuzmeš datoteku, sa dvostrukim klikom pokreni datoteku. Ukoliko se nakon toga bude pojavio neki dijalog prozor, klikni na dugme OK.
- Preuzmi USBNoRisk na Desktop i pokreni ga dvostrukim klikom na ikonicu programa.
- Sačekaj koji sekund dok program izvrši inicijalno skeniranje.
- Ubacuj sve USB memorijske uređaje redom u USB slot i svaki zadrži u slotu po 10 sekundi.
- Ukoliko imaš više uređaja za proveru, onda na parčetu papira zapiši kojim redom su ubacivani, jer će nam kasnije trebati taj podatak
- Kada završiš sa svim uređajima, klikni desni taster miša na sred prozora programa i odaberi opciju Save scrambled log. To će automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.
Podsetimo se još jednom: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na računar dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.
|
|
|
|
|
|
|
Poslao: 13 Apr 2011 18:11
|
offline
- Pridružio: 03 Nov 2007
- Poruke: 42
|
Napisano: 13 Apr 2011 17:44
I dalje imam velikih problema sa virusima i bukvalno ne mogu ni na internet da se konektujem (ovo pisem sa drugog kompjutera) jer kompjuter ne detektuje adsl modem.Sistem se dize 3 puta sporije nego inace i na kompjuteru ne moze da se radi skoro nista, sve se otvara jako sporo.Da li mozda postoji neko resenje, da skinem program na drugi komp pa da ga prebacim da onaj problematican?
stvarno ne znam sta bih drugo mogla da uradim..
Dopuna: 13 Apr 2011 17:45
zato i nisam odgovarala 
Dopuna: 13 Apr 2011 18:08
mycity.rs/must-login.png
Dopuna: 13 Apr 2011 18:09
uspela sam iz desetog puta
Dopuna: 13 Apr 2011 18:11
samo napominjem da komp i dalje radi usporeno i adsl se jedva konektovao..
|
|
|
|
|
|
|
Poslao: 13 Apr 2011 21:30
|
offline
- Fil
- Legendarni građanin
- Pridružio: 11 Jun 2009
- Poruke: 16586
|
Pozdrav Jovana,
- Pokreni USBNoRisk i sačekaj da izvrši inicijalno skeniranje.
- Po završetku inicijalnog skeniranja priključi USB memorijske uređaje po redosledu kako si ih priključivala.
- Kliknuti na karticu Script;
U beli okvir prozora iskopirati sledeći tekst:
{1b13654f-458c-11de-a247-806d6172696f}
delete_blocked:
f_delete:%DRIVE%albkpq3.exe
{1b13654d-458c-11de-a247-806d6172696f}
delete_blocked:
f_delete:%DRIVE%albkpq3.exe
{1b13654e-458c-11de-a247-806d6172696f}
delete_blocked:
f_delete:%DRIVE%albkpq3.exe
{67824d00-5457-11df-a7a1-00064f300101}
delete_blocked:
f_delete:%DRIVE%siljo/kramponja.exe
folder_delete:%DRIVE%siljo
folder_list:%DRIVE%
no_sh:%DRIVE%
{b1a4a6d1-23dc-11e0-a90d-00064f300101}
delete_blocked:
f_delete:%DRIVE%sminkom/krijebol.exe
folder_delete:%DRIVE%sminkom
folder_list:%DRIVE%
no_sh:%DRIVE%
{c35ba4fa-493a-11de-a595-001558a6d62b}
delete_blocked:
f_delete:%DRIVE%albkpq3.exe
no_sh:%DRIVE%
Izvršiti komandu klikom na taster Run Script;
Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;
- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Scrambled Log;
Otvoriće se prozor Notepada sa tekstom koji je potrebno iskopirati ovde u poruci.
|
|
|
|
|
|
|
Poslao: 15 Apr 2011 17:00
|
offline
- Pridružio: 03 Nov 2007
- Poruke: 42
|
USBNoRisk 2.7 (28 December 2010) by bobby
Started at 22.3.2011 16:55:06
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
D: {1b13654d-458c-11de-a247-806d6172696f}
E: {1b13654e-458c-11de-a247-806d6172696f}
C: {1b13654f-458c-11de-a247-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
Blocked file found: C:\autorun.inf.blocked
----------------------------------------
Content of C:\autorun.inf.blocked
----------------------------------------
[autorun]
open=albkpq3.exe
shell\open\command=albkpq3.exe
----------------------------------------
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 1b13654f-458c-11de-a247-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
Blocked file found: D:\autorun.inf.blocked
----------------------------------------
Content of D:\autorun.inf.blocked
----------------------------------------
[autorun]
open=albkpq3.exe
shell\open\command=albkpq3.exe
----------------------------------------
No autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 1b13654d-458c-11de-a247-806d6172696f
No Desktop.ini files found on D:
----------------------------------------
Blocked file found: E:\autorun.inf.blocked
----------------------------------------
Content of E:\autorun.inf.blocked
----------------------------------------
[autorun]
open=albkpq3.exe
shell\open\command=albkpq3.exe
----------------------------------------
No autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 1b13654e-458c-11de-a247-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 22.3.2011 16:55:28
Scanning for connected USB mass storage...
----------------------------------------
G: {67824d00-5457-11df-a7a1-00064f300101}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
[autorun]
USEAUTOPLAY=1
shellexcute=siljo/kramponja.exe
Shellbretoje=
icon=siljo/kramponja.exe
action=open folderto view files usingWindowsExplorer
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for 67824d00-5457-11df-a7a1-00064f300101
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
New device connected at 22.3.2011 16:56:07
Scanning for connected USB mass storage...
----------------------------------------
G: {b1a4a6d1-23dc-11e0-a90d-00064f300101}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
[autorun]
USEAUTOPLAY=1
shellexcute=sminkom/krijebol.exe
Shellgori
shell\\explore\\command=sminkom/krijebol.exe
shell\open\\command=sminkom/krijebol.exe
icon=sminkom/krijebol.exe
open=sminkom/krijebol.exe
action=open folder to view files using Windows Explorer
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for b1a4a6d1-23dc-11e0-a90d-00064f300101
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
New device connected at 22.3.2011 16:57:02
Scanning for connected USB mass storage...
----------------------------------------
========================================
New drive connected, but USBNoRisk can't find it
========================================
New device connected at 22.3.2011 16:57:03
Scanning for connected USB mass storage...
----------------------------------------
H: {c35ba4fa-493a-11de-a595-001558a6d62b}
Added H:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: H:\autorun.inf.blocked
----------------------------------------
Content of H:\autorun.inf.blocked
----------------------------------------
[autorun]
open=albkpq3.exe
shell\open\command=albkpq3.exe
----------------------------------------
Files referenced from H:\autorun.inf.blocked
----------------------------------------
H:\albkpq3.exe -r-hs 174592
----------------------------------------
----------------------------------------
No autorun.inf files found on H:
Sanitized mountpoint for c35ba4fa-493a-11de-a595-001558a6d62b
----------------------------------------
No Desktop.ini files found on H:
----------------------------------------
No mimics found on drive H:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive H:
========================================
========================================
Removed H:
========================================
Processing script
----------------------------------------
1b13654d-458c-11de-a247-806d6172696f
Drive letter for GUID: D:
SectionStart = 4
SectionEnd = 7
----------------------------------------
Deleting blocked files:
----------------------------------------
|
|
|
|
|
|
|
|
