Ima li pomoci ?

Ima li pomoci ?

offline
  • Pridružio: 19 Dec 2008
  • Poruke: 89

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:16:17 AM, on 5/29/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Win\lsass.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS.0\twain_32\fjscan32\FJTWMKSV.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Admin.PAL\Desktop\111\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = cg.rs/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS.0\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [run32] C:\Win\lsass.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - javadl.sun.com/webapps/download/AutoDL?BundleId=29223
O16 - DPF: {CAFECAFE-0013-0001-0026-ABCDEFABCDEF} (JInitiator 1.3.1.26) - 192.168.101.31:7777/forms/jinitiator/jinit.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FJTWMKSV - PFU LIMITED - C:\WINDOWS.0\twain_32\fjscan32\FJTWMKSV.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10646 bytes


PS:Ovo mi je sa posla tako da mi je bitann .

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...




Arrow Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

offline
  • Pridružio: 19 Dec 2008
  • Poruke: 89

USBNoRisk 2.2 09 May 2009 by bobby

Started at 5/30/2009 9:33:01 AM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {319e3655-fe0c-11d5-8023-806d6172696f}
D: {319e3656-fe0c-11d5-8023-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 319e3655-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 319e3656-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 5/30/2009 9:33:17 AM

Scanning for connected USB mass storage...
----------------------------------------
F: {2ee7c37a-41ee-11de-9a01-0018f36d4f63}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 2ee7c37a-41ee-11de-9a01-0018f36d4f63
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

Mimics found on drive F:
========================================

========================================
Removed F:
========================================


New device connected at 5/30/2009 9:34:42 AM

Scanning for connected USB mass storage...
----------------------------------------
F: {1ef49a4a-2995-11de-99e2-0018f36d4f63}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 1ef49a4a-2995-11de-99e2-0018f36d4f63
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

========================================
Removed F:
========================================

PS:To su samo dvije fleske koje koristim i redovno ih formatiram ali mi i dalje duplira podatke na flesku .

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ponovo pokreni USBNoRisk, pređi na Script tab i tamo iskopiraj sve što se nalazi unutar Kod polja:



{2ee7c37a-41ee-11de-9a01-0018f36d4f63}
delete_mimics:



Zatim ponovi postupak sa priključivanjem flash drive-ova (ukoliko su već priključeni, samo klikni Run Script).

Na kraju sačuvaj log i restartuj kompjuter.


Iskopiraj u temu sadržaj file-a C:\USBNoRisk\USBNoRisk.txt.

offline
  • Pridružio: 19 Dec 2008
  • Poruke: 89

USBNoRisk 2.2 09 May 2009 by bobby

Started at 6/1/2009 8:55:21 AM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {319e3655-fe0c-11d5-8023-806d6172696f}
D: {319e3656-fe0c-11d5-8023-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 319e3655-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 319e3656-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 6/1/2009 8:56:14 AM

Scanning for connected USB mass storage...
----------------------------------------
F: {1ef49a4a-2995-11de-99e2-0018f36d4f63}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 1ef49a4a-2995-11de-99e2-0018f36d4f63
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Processing script
----------------------------------------
========================================
Scan finished!
========================================


Processing script
----------------------------------------

Processing script
----------------------------------------
========================================
Removed F:
========================================


New device connected at 6/1/2009 8:57:06 AM

Scanning for connected USB mass storage...
----------------------------------------
F: {2ee7c37a-41ee-11de-9a01-0018f36d4f63}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 2ee7c37a-41ee-11de-9a01-0018f36d4f63
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

Mimics found on drive F:
========================================

Processing script
----------------------------------------
2ee7c37a-41ee-11de-9a01-0018f36d4f63
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 1
----------------------------------------
Deleting mimics:
----------------------------------------
f_delete:
file "C:\Win\lsass.exe" deleted successfully
Mimics found: F:\Eset smart security 32 bit.exe
f_delete:
delete file error: F:\Eset, The system cannot find the file specified.
Mimics found: F:\fontovii.exe
f_delete:
file "F:\fontovii.exe" deleted successfully
Mimics found: F:\golmani.exe
f_delete:
file "F:\golmani.exe" deleted successfully
Mimics found: F:\opera bookmemers.exe
f_delete:
delete file error: F:\opera, The system cannot find the file specified.
Mimics found: F:\pervod xp.exe
f_delete:
delete file error: F:\pervod, The system cannot find the file specified.
Mimics found: F:\pivo-meni.exe
f_delete:
file "F:\pivo-meni.exe" deleted successfully
Mimics found: F:\serviss.exe
f_delete:
file "F:\serviss.exe" deleted successfully
Mimics found: F:\share.exe
f_delete:
file "F:\share.exe" deleted successfully
Mimics found: F:\svashta.exe
f_delete:
file "F:\svashta.exe" deleted successfully
----------------------------------------

========================================
Scan finished!
========================================


Processing script
----------------------------------------
2ee7c37a-41ee-11de-9a01-0018f36d4f63
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 1
----------------------------------------
Deleting mimics:
----------------------------------------
f_delete: C:\Win\lsass.exe > File does not exist!
Mimics found: F:\Eset smart security 32 bit.exe
f_delete:
delete file error: F:\Eset, The system cannot find the file specified.
Mimics found: F:\opera bookmemers.exe
f_delete:
delete file error: F:\opera, The system cannot find the file specified.
Mimics found: F:\pervod xp.exe
f_delete:
delete file error: F:\pervod, The system cannot find the file specified.
----------------------------------------

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Obriši verziju USBNoRiska-a koju sada imaš i skini najnoviju: http://amf.mycity.rs/personal/bobby/USBNoRisk/usbnorisk.exe


Ponovi prethodni postupak sa sledećom skriptom:


{2ee7c37a-41ee-11de-9a01-0018f36d4f63}
delete_mimics:
no_sh:
folder_delete: C:\Win



Sačuvaj log i postavi ga u temu.

offline
  • Pridružio: 19 Dec 2008
  • Poruke: 89

USBNoRisk 2.4 (1 June 2009) by bobby

Started at 6/2/2009 12:28:25 PM

Searching for connected USB Mass storage...
----------------------------------------
F: {2ee7c37a-41ee-11de-9a01-0018f36d4f63}
========================================

Searching for other storage...
----------------------------------------
C: {319e3655-fe0c-11d5-8023-806d6172696f}
D: {319e3656-fe0c-11d5-8023-806d6172696f}
========================================

Scanning removable storage...
----------------------------------------

No blocked files found on F:
No Autorun.inf files found on F:
No mountpoint found for 2ee7c37a-41ee-11de-9a01-0018f36d4f63
No Desktop.ini files found on F:
Mimics found on drive F:
----------------------------------------


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 319e3655-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 319e3656-fe0c-11d5-8023-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================

Processing script
----------------------------------------
2ee7c37a-41ee-11de-9a01-0018f36d4f63
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 3
----------------------------------------
Deleting mimics:
----------------------------------------
f_delete: C:\Win\lsass.exe > File does not exist!
Mimics found: F:\HD clip.exe
f_delete:
file "F:\HD clip.exe" deleted successfully
----------------------------------------
Unhide superhidden for F:\
----------------------------------------
dra-- F:\HD clip > unhidden
----------------------------------------
Delete folder tree C:\Win:
----------------------------------------
Delete: C:\Win\names.txt > Done!
Delete: C:\Win\1.exe > Done!
Delete: C:\Win > Error!
Delete: C:\Win > Error!
----------------------------------------

========================================
Removed F:
========================================


New device connected at 6/2/2009 12:29:45 PM

Scanning for connected USB mass storage...
----------------------------------------
F: {1ef49a4a-2995-11de-99e2-0018f36d4f63}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 1ef49a4a-2995-11de-99e2-0018f36d4f63
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Processing script
----------------------------------------
========================================
Scan finished!
========================================


Processing script
----------------------------------------

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Jesi li možda dva puta odradio ovaj postupak? Ili si sam brisao neke file-ove sa flash-a?


Pokreni HijackThis, skeniraj i čekiraj sledeću liniju:

O4 - HKLM\..\Run: [run32] C:\Win\lsass.exe

Klikni Fix checked.



Obriši folder C:\Win



Kakvo je sada stanje?

offline
  • Pridružio: 19 Dec 2008
  • Poruke: 89

dr_Bora ::Jesi li možda dva puta odradio ovaj postupak? Ili si sam brisao neke file-ove sa flash-a?


Pokreni HijackThis, skeniraj i čekiraj sledeću liniju:

O4 - HKLM\..\Run: [run32] C:\Win\lsass.exe

Klikni Fix checked.



Obriši folder C:\Win



Kakvo je sada stanje?


E ovakopobrisao sam dva fajla sa fleske posto su mi blokirali ostale fajlove a kad preskeniram sa HijackThis nema mi u listi O4 -HKLM\..\Run: [run32] C:\Win\lsass.exe i C:\Win .

A i cini mi se da je sad malo bolje stanje sad cu proverit sve ostalo .

Ko je trenutno na forumu
 

Ukupno su 586 korisnika na forumu :: 37 registrovanih, 5 sakrivenih i 544 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1567 - dana 15 Jul 2016 19:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., aramis s, asknoone84 2, Botovac, Dannyboy, Dicus, Djole, dragoljub11987, Duh sa sekirom, duskovuk63, FOX, gorval, goxin, ivance95, Kristian_KG, Kubovac, lord sir giga, lovac12, ltcolonel, Metanoja, Milos1977, nuke92, pericailic82, rkekoke, S-lash, Sr.Stat., tomigun, Toni, vathra, Vlada1389, vladetije, vlvl, wolverined4, zixmix, zodiac94, zoranlik