Možda tražite i:
Internet konekcija, sumnja > virus ?
virus,virusi ili....

MyCity » Ambulanta -> Arhiva Ambulante » Napali virusi, jedva sam se konektovao na internet - pomoć

Napali virusi, jedva sam se konektovao na internet - pomoć

Napisano na dan: 8.6.2010

Strana:
1
2

Napali virusi, jedva sam se konektovao na internet - pomoć

Pagination

Prethodna strana

Odgovori

Strana:
1
2

draganela Poslao: 11 Jun 2010 23:37 Idi na vrh
offline draganela Građanin Dragan Đurašinović Pridružio: 20 Dec 2008 Poruke: 82	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 11 Jun 2010 23:13 Logfile of random's system information tool 1.07 (written by random/random) Run by Sassa at 2010-06-11 23:01:43 Microsoft Windows XP Professional Service Pack 2 System drive C: has 2 GB (10%) free of 19 GB Total RAM: 502 MB (16% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:04:20, on 11/06/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\WINDOWS\system32\TpScrLk.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\TpShocks.exe C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TPHDEXLG.EXE C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MODEM Mobile Connection\MODEM Mobile Connection.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Sassa\Desktop\RSIT.exe C:\Program Files\trend micro\Sassa.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll (file missing) O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Texas Holdem Poker\Images\stg_drm.ocx O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Texas Holdem Poker\Images\armhelper.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DAAD4-5BFC-40AD-88DD-DC99178B7CC5}: NameServer = 195.178.38.3 195.178.38.8 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll (file missing) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE -- End of file - 9480 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\BMMTask.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "TPKBDLED"=C:\WINDOWS\system32\TpScrLk.exe [2002-10-08 40960] "BMMGAG"=RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor [] "BMMLREF"=C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE [2005-04-20 20480] "BMMMONWND"=C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll [2005-04-20 396288] "BLOG"=C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL [2005-04-20 208896] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2006-02-14 110592] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-02-14 512000] "TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2005-11-07 106496] "TPHOTKEY"=C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe [2006-07-25 94208] "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-11-02 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-11-02 126976] "PRONoMgrWired"=C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe [2003-08-06 86016] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920] "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-13 149280] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-10 2065248] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-07-14 1961984] "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-09 288560] C:\Documents and Settings\All Users\Start Menu\Programs\Startup AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe C:\Documents and Settings\Sassa\Start Menu\Programs\Startup OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE PowerReg Scheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2010-06-09 12464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] C:\WINDOWS\system32\notifyf2.dll [2005-07-05 28672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE::Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE::Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE::Enabled:Microsoft Office OneNote" "C:\Documents and Settings\Sassa\Desktop\utorrent.exe"="C:\Documents and Settings\Sassa\Desktop\utorrent.exe::Enabled:µTorrent" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe::Enabled:µTorrent" "C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe::Enabled:avgam.exe" "C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe::Enabled:avgdiagex.exe" "C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe::Enabled:avgupd.exe" "C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe::Enabled:avgnsx.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-06-11 21:43:01 ----A---- C:\avenger.txt 2010-06-11 16:50:29 ----D---- C:\Documents and Settings\Sassa\Application Data\AVG9 2010-06-10 22:29:56 ----A---- C:\log.txt 2010-06-09 14:58:03 ----HD---- C:\$AVG 2010-06-09 14:15:25 ----A---- C:\WINDOWS\system32\avgrsstx.dll 2010-06-09 14:14:55 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar 2010-06-09 14:09:44 ----D---- C:\Program Files\AVG 2010-06-09 14:08:48 ----D---- C:\Documents and Settings\All Users\Application Data\avg9 2010-06-08 15:33:04 ----D---- C:\Program Files\trend micro 2010-06-08 15:33:02 ----D---- C:\rsit 2010-06-06 19:41:44 ----A---- C:\WINDOWS\system32\avgfwdx.dll 2010-06-05 00:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-06-05 00:22:49 ----SHD---- C:\Config.Msi 2010-06-03 23:34:33 ----D---- C:\Avenger 2010-06-03 23:16:28 ----SHD---- C:\WINDOWS\CSC 2010-06-03 22:36:21 ----A---- C:\WINDOWS\ntbtlog.txt 2010-06-03 00:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$ 2010-06-03 00:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$ 2010-06-03 00:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-06-03 00:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$ 2010-06-03 00:50:01 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$ 2010-06-03 00:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$ 2010-06-03 00:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-06-03 00:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-06-03 00:48:41 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$ 2010-06-03 00:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$ 2010-06-03 00:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-06-03 00:48:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-06-03 00:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-06-03 00:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$ 2010-06-03 00:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$ 2010-06-03 00:47:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$ 2010-06-03 00:47:03 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$ 2010-06-03 00:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$ 2010-06-03 00:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$ 2010-06-03 00:46:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-06-03 00:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$ 2010-06-03 00:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$ 2010-06-03 00:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$ 2010-06-03 00:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-06-03 00:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-06-03 00:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$ 2010-06-03 00:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$ 2010-06-03 00:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$ 2010-06-03 00:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-06-03 00:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-06-03 00:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-06-03 00:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$ 2010-06-03 00:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$ 2010-06-03 00:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$ 2010-06-03 00:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-06-03 00:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$ 2010-06-03 00:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$ 2010-06-03 00:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-06-03 00:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-06-03 00:40:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$ 2010-06-03 00:40:32 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$ 2010-06-03 00:40:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-06-03 00:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$ 2010-06-03 00:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$ 2010-06-03 00:39:40 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$ 2010-06-03 00:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-06-03 00:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$ 2010-06-03 00:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-06-03 00:38:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-06-03 00:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$ 2010-06-03 00:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$ 2010-06-03 00:36:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$ 2010-06-03 00:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-06-03 00:36:06 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$ 2010-06-03 00:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$ 2010-06-03 00:35:41 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$ 2010-06-03 00:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-06-03 00:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$ 2010-06-03 00:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$ 2010-06-03 00:34:51 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$ 2010-06-03 00:34:38 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$ 2010-06-03 00:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-06-03 00:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$ 2010-06-03 00:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$ 2010-06-03 00:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$ 2010-06-03 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$ 2010-06-03 00:33:04 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$ 2010-06-03 00:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$ 2010-06-03 00:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-06-03 00:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-06-03 00:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-06-03 00:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2010-06-03 00:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-06-03 00:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$ 2010-06-03 00:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$ 2010-06-03 00:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$ 2010-06-03 00:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$ 2010-06-03 00:29:34 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$ 2010-06-03 00:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$ 2010-06-03 00:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$ 2010-06-03 00:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-06-03 00:28:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-06-03 00:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$ 2010-06-02 21:45:32 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-06-02 21:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-06-02 21:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-06-02 21:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-06-02 21:40:09 ----A---- C:\WINDOWS\system32\wmpns.dll 2010-06-02 21:39:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$ 2010-05-31 12:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-05-31 09:57:08 ----HD---- C:\WINDOWS\$hf_mig$ ======List of files/folders modified in the last 1 months====== 2010-06-11 23:04:11 ----D---- C:\Documents and Settings\Sassa\Application Data\uTorrent 2010-06-11 23:04:00 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt 2010-06-11 23:02:03 ----AD---- C:\WINDOWS\Temp 2010-06-11 23:00:46 ----D---- C:\WINDOWS\Prefetch 2010-06-11 21:46:04 ----D---- C:\WINDOWS\system32 2010-06-11 21:45:59 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-11 21:43:03 ----D---- C:\WINDOWS\system32\drivers 2010-06-11 21:43:02 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-06-11 21:42:18 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-11 16:54:41 ----D---- C:\Program Files\MODEM Mobile Connection 2010-06-10 15:00:29 ----D---- C:\WINDOWS 2010-06-10 15:00:28 ----D---- C:\Program Files 2010-06-09 14:16:09 ----D---- C:\Documents and Settings\Sassa\Application Data\The Bat! 2010-06-09 14:06:09 ----SHD---- C:\WINDOWS\Installer 2010-06-08 19:32:11 ----D---- C:\Documents and Settings\Sassa\Application Data\Winamp 2010-06-08 18:23:46 ----D---- C:\WINDOWS\Minidump 2010-06-08 16:41:17 ----D---- C:\zakon 2010-06-06 19:41:54 ----HD---- C:\WINDOWS\inf 2010-06-06 19:38:28 ----D---- C:\WINDOWS\WinSxS 2010-06-06 19:38:28 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-06-06 19:29:20 ----SD---- C:\Documents and Settings\Sassa\Application Data\Microsoft 2010-06-05 09:14:21 ----D---- C:\WINDOWS\Microsoft.NET 2010-06-05 09:13:45 ----RSD---- C:\WINDOWS\assembly 2010-06-05 00:25:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-06-04 22:13:02 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem #2.txt 2010-06-03 23:34:33 ----RD---- C:\WINDOWS\Offline Web Pages 2010-06-03 11:25:48 ----D---- C:\WINDOWS\AppPatch 2010-06-03 11:25:47 ----D---- C:\WINDOWS\msagent 2010-06-03 00:50:56 ----A---- C:\WINDOWS\imsins.BAK 2010-06-03 00:43:31 ----D---- C:\Program Files\Messenger 2010-06-03 00:42:04 ----D---- C:\Program Files\Windows Media Player 2010-06-03 00:41:29 ----D---- C:\Program Files\Movie Maker 2010-06-03 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot 2010-06-03 00:40:54 ----D---- C:\Program Files\Outlook Express 2010-06-03 00:40:53 ----D---- C:\Program Files\Common Files\System 2010-06-03 00:36:58 ----D---- C:\Program Files\Internet Explorer 2010-05-31 09:41:43 ----D---- C:\WINDOWS\Help 2010-05-25 23:37:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-05-20 23:46:39 ----D---- C:\Documents and Settings\Sassa\Application Data\Nokia Multimedia Player 2010-05-17 16:45:28 ----A---- C:\WINDOWS\win.ini 2010-05-12 20:34:07 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-06-09 216200] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-10 29584] R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-10 242896] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096] R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2005-06-20 4736] R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-04-24 14848] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-04-24 9343] R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699] R1 TPPWR;TPPWR; C:\WINDOWS\System32\drivers\Tppwr.sys [2005-04-20 16384] R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-07-21 7168] R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800] R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-06-09 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [] R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [] R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [] R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-01-04 223128] R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-10-26 125952] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-10-18 242304] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565] R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-11 10112] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824] R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-02-14 177664] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280] R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-15 104960] R3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2008-07-15 104960] R3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2008-07-15 104960] S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-06-09 30104] S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-08-19 102528] S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-08-19 100480] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-04 22016] S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320] S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288] S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys [] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-09 308064] R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-06-10 2331544] R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-06-09 5888008] R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-11 73782] R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-13 153376] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2005-06-20 77824] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R2 UxTuneUp;TuneUp Design Expansion; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-29 77944] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2003-07-16 143360] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- Imam dva USB uređaja, a često i koristim i od druga jos dva, a i internet mi je 3G. Na jednom flesu mi je zadnjih dana neke foldere postavi kao nevidljive i tek kad idem na opciju da odčekiram Hide protected operating system files onda ih prikaže, a kad sam nesto stampao sa njih u kopirnici prikaže da ima virus, kod mene nekad prikaže da je zaražen autorun fajl. Dopuna: 11 Jun 2010 23:37 Komp je i dalje po malo usporen, ali trenutno ne prjavljuje nikakve viruse. Sutra najverovatnije neću biti tu do 23h, pa onda možemo prečistiti USB memorije.

Profil

dr_Bora Poslao: 12 Jun 2010 01:14 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

draganela Poslao: 14 Jun 2010 21:28 Idi na vrh
offline draganela Građanin Dragan Đurašinović Pridružio: 20 Dec 2008 Poruke: 82	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, izvinjavam se što se nisam pre javio, bio sam zauzet tokom vikenda. Skenirao sam sve četiri USB-a i dva mts3g internet modema. Kad sam ubacivao modeme, kao da ih USBblocker nije prepoznao, a za tri USB-a, antivirus mi je prijavljivao autorun virus. Tu je pa pogledaj. USBNoRisk 2.5 (26 July 2009) by bobby Started at 14.6.2010 21:18:17 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- D: {56bbb064-01bd-11de-8788-806d6172696f} C: {56bbb066-01bd-11de-8788-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for 56bbb066-01bd-11de-8788-806d6172696f No Desktop.ini files found on C: ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for 56bbb064-01bd-11de-8788-806d6172696f No Desktop.ini files found on D: ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 14.6.2010 21:18:33 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== New device connected at 14.6.2010 21:18:38 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 14.6.2010 21:19:12 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 14.6.2010 21:19:20 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 14.6.2010 21:19:20 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 14.6.2010 21:19:21 Scanning for connected removable storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 14.6.2010 21:19:41 Scanning for connected USB mass storage... ---------------------------------------- F: {f1ffbca6-5a9f-11de-b78b-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- autorun.inf found on F: ---------------------------------------- File F:\autorun.inf renamed successfully Content of F:\autorun.inf.blocked ---------------------------------------- ---------------------------------------- Files referenced from F:\autorun.inf.blocked ---------------------------------------- None ---------------------------------------- No mountpoint found for f1ffbca6-5a9f-11de-b78b-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\ipak\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ======================================== New device connected at 14.6.2010 21:20:30 Scanning for connected USB mass storage... ---------------------------------------- F: {39838bb6-dac3-11de-b89b-001c269e1cdf} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- autorun.inf found on F: ---------------------------------------- File F:\autorun.inf renamed successfully Content of F:\autorun.inf.blocked ---------------------------------------- ---------------------------------------- Files referenced from F:\autorun.inf.blocked ---------------------------------------- None ---------------------------------------- No mountpoint found for 39838bb6-dac3-11de-b89b-001c269e1cdf ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ======================================== New device connected at 14.6.2010 21:20:59 Scanning for connected USB mass storage... ---------------------------------------- H: {987aaca8-2772-11de-b6dc-001b385469e0} Added H: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on H: ---------------------------------------- No Autorun.inf files found on H: No mountpoint found for 987aaca8-2772-11de-b6dc-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at H:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive H: ======================================== ======================================== Removed H: ======================================== New device connected at 14.6.2010 21:21:26 Scanning for connected USB mass storage... ---------------------------------------- F: {bf23d0ba-0a77-11de-b67f-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- autorun.inf found on F: ---------------------------------------- File F:\autorun.inf renamed successfully Content of F:\autorun.inf.blocked ---------------------------------------- ---------------------------------------- Files referenced from F:\autorun.inf.blocked ---------------------------------------- None ---------------------------------------- No mountpoint found for bf23d0ba-0a77-11de-b67f-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\MALASE\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CRNAPLAVA\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CAROBNJAK\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ========================================

Profil

dr_Bora Poslao: 25 Jun 2010 13:09 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav još jednom... Kolega me upravo obavestio da sam zaboravio na ovu temu. Izvinjavam se. Ukoliko ti je pomoć još uvek potrebna, reci mi kakvo je sada stanje i; ukoliko je sve OK, onda postavi svež USBNoRisk log; ukoliko nije, postavi svež RSIT log.

Profil

draganela Poslao: 26 Jun 2010 23:54 Idi na vrh
offline draganela Građanin Dragan Đurašinović Pridružio: 20 Dec 2008 Poruke: 82	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Komp radi dobro, samo prijavljuje mi virus kad ubacim USB. Na predzadnjem USB-u mi neke foldere postavi kao nevidljive i tek kad idem na opciju da odčekiram Hide protected operating system files onda ih prikaže, a kad sam nesto stampao sa njih u kopirnici prikaže da ima virus, kod mene nekad prikaže da je zaražen autorun fajl. USBNoRisk 2.5 (26 July 2009) by bobby Started at 26.6.2010 23:41:58 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- D: {56bbb064-01bd-11de-8788-806d6172696f} C: {56bbb066-01bd-11de-8788-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for 56bbb066-01bd-11de-8788-806d6172696f No Desktop.ini files found on C: ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for 56bbb064-01bd-11de-8788-806d6172696f No Desktop.ini files found on D: ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 26.6.2010 23:43:55 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 26.6.2010 23:44:00 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 26.6.2010 23:44:02 Scanning for connected removable storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 26.6.2010 23:44:42 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 26.6.2010 23:44:43 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 26.6.2010 23:44:49 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 26.6.2010 23:44:49 Scanning for connected removable storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 26.6.2010 23:45:35 Scanning for connected USB mass storage... ---------------------------------------- F: {39838bb6-dac3-11de-b89b-001c269e1cdf} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No Autorun.inf files found on F: No mountpoint found for 39838bb6-dac3-11de-b89b-001c269e1cdf ---------------------------------------- No Desktop.ini files found on F: ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ======================================== New device connected at 26.6.2010 23:46:23 Scanning for connected USB mass storage... ---------------------------------------- F: {987aaca8-2772-11de-b6dc-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No Autorun.inf files found on F: No mountpoint found for 987aaca8-2772-11de-b6dc-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ======================================== New device connected at 26.6.2010 23:47:12 Scanning for connected USB mass storage... ---------------------------------------- F: {bf23d0ba-0a77-11de-b67f-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- autorun.inf found on F: ---------------------------------------- File F:\autorun.inf renamed successfully ---------------------------------------- Could not open F:\autorun.inf.blocked to read the content File lock detected: USBNoRisk cannot find what locked the file ---------------------------------------- No mountpoint found for bf23d0ba-0a77-11de-b67f-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\MALASE\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CRNAPLAVA\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CAROBNJAK\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== ======================================== Removed F: ========================================

Profil

dr_Bora Poslao: 27 Jun 2010 00:34 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni USBNoRisk, sačekaj da završi početno skeniranje, pređi na Script karticu i tamo iskopiraj sledeći tekst: `{987aaca8-2772-11de-b6dc-001b385469e0} folder_delete: %DRIVE%POSTEPENO no_sh: {bf23d0ba-0a77-11de-b67f-001b385469e0} delete_blocked: folder_delete: %DRIVE%MALASE folder_delete: %DRIVE%CRNAPLAVA folder_delete: %DRIVE%CAROBNJAK folder_delete: %DRIVE%POSTEPENO no_sh:` Sada ponovi prethodni postupak (priključuj diskove). Svaki disk zadrži priključen bar 30 sekundi. Na kraju postupka sačuvaj log i kopiraj ga ovde. Nakon ovoga bi trebalo da vidiš sve pomenute foldere.

Profil

draganela Poslao: 28 Jun 2010 00:56 Idi na vrh
offline draganela Građanin Dragan Đurašinović Pridružio: 20 Dec 2008 Poruke: 82	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sad mi prikazuje sve fajlove. USBNoRisk 2.5 (26 July 2009) by bobby Started at 28.6.2010 0:46:16 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- D: {56bbb064-01bd-11de-8788-806d6172696f} C: {56bbb066-01bd-11de-8788-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for 56bbb066-01bd-11de-8788-806d6172696f No Desktop.ini files found on C: ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for 56bbb064-01bd-11de-8788-806d6172696f No Desktop.ini files found on D: ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 28.6.2010 0:46:50 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 28.6.2010 0:46:56 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 28.6.2010 0:46:58 Scanning for connected removable storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 28.6.2010 0:47:55 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 28.6.2010 0:47:59 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 28.6.2010 0:48:02 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 28.6.2010 0:48:03 Scanning for connected removable storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== ======================================== New device connected at 28.6.2010 0:48:46 Scanning for connected USB mass storage... ---------------------------------------- F: {39838bb6-dac3-11de-b89b-001c269e1cdf} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No Autorun.inf files found on F: No mountpoint found for 39838bb6-dac3-11de-b89b-001c269e1cdf ---------------------------------------- No Desktop.ini files found on F: ---------------------------------------- No mimics found on drive F: ======================================== Processing script ---------------------------------------- ======================================== Scan finished! ======================================== ======================================== Removed F: ======================================== New device connected at 28.6.2010 0:49:32 Scanning for connected USB mass storage... ---------------------------------------- F: {987aaca8-2772-11de-b6dc-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No Autorun.inf files found on F: No mountpoint found for 987aaca8-2772-11de-b6dc-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== Processing script ---------------------------------------- 987aaca8-2772-11de-b6dc-001b385469e0 Drive letter for GUID: F: SectionStart = 0 SectionEnd = 3 ---------------------------------------- Delete folder tree F:\POSTEPENO: ---------------------------------------- File lock detected: USBNoRisk cannot find what locked the file Delete: F:\POSTEPENO\morasti.exe > Error! Delete: F:\POSTEPENO\Desktop.ini > Done! Delete: F:\POSTEPENO > Error! Delete: F:\POSTEPENO > Error! ---------------------------------------- Unhide superhidden for F:\ ---------------------------------------- dra-- F:\MP3CUTER > unhidden dra-- F:\uporedna > unhidden d-a-- F:\FOUND.000 > unhidden dra-- F:\JUN-Stampa > unhidden dra-- F:\мај > unhidden dra-- F:\seminarski > unhidden dra-- F:\POSTEPENO > unhidden -ra-- F:\POSTEPENO\morasti.exe > unhidden dra-- F:\Analiza diskursa za studente > unhidden dra-- F:\sociologija i metodika > unhidden ---------------------------------------- ======================================== Scan finished! ======================================== ======================================== Removed F: ======================================== New device connected at 28.6.2010 0:50:38 Scanning for connected USB mass storage... ---------------------------------------- F: {bf23d0ba-0a77-11de-b67f-001b385469e0} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- Blocked file found: F:\autorun.inf.blocked ---------------------------------------- ---------------------------------------- Could not open F:\autorun.inf.blocked to read the content File lock detected: USBNoRisk cannot find what locked the file ---------------------------------------- ---------------------------------------- No Autorun.inf files found on F: No mountpoint found for bf23d0ba-0a77-11de-b67f-001b385469e0 ---------------------------------------- ---------------------------------------- Desktop.ini found at F:\MALASE\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CRNAPLAVA\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\CAROBNJAK\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- Desktop.ini found at F:\POSTEPENO\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll ---------------------------------------- No mimics found on drive F: ======================================== Processing script ---------------------------------------- bf23d0ba-0a77-11de-b67f-001b385469e0 Drive letter for GUID: F: SectionStart = 4 SectionEnd = 10 ---------------------------------------- Deleting blocked files: ---------------------------------------- Delete: F:\autorun.inf.blocked > Done! ---------------------------------------- Delete folder tree F:\MALASE: ---------------------------------------- Delete: F:\MALASE\Desktop.ini > Done! Delete: F:\MALASE > Error! Delete: F:\MALASE > Error! ---------------------------------------- Delete folder tree F:\CRNAPLAVA: ---------------------------------------- Delete: F:\CRNAPLAVA\Desktop.ini > Done! Delete: F:\CRNAPLAVA > Error! Delete: F:\CRNAPLAVA > Error! ---------------------------------------- Delete folder tree F:\CAROBNJAK: ---------------------------------------- Delete: F:\CAROBNJAK\Desktop.ini > Done! Delete: F:\CAROBNJAK > Error! Delete: F:\CAROBNJAK > Error! ---------------------------------------- Delete folder tree F:\POSTEPENO: ---------------------------------------- File lock detected: USBNoRisk cannot find what locked the file Delete: F:\POSTEPENO\morasti.exe > Error! Delete: F:\POSTEPENO\Desktop.ini > Done! Delete: F:\POSTEPENO > Error! Delete: F:\POSTEPENO > Error! ---------------------------------------- Unhide superhidden for F:\ ---------------------------------------- dra-- F:\MALASE > unhidden dra-- F:\CRNAPLAVA > unhidden --a-- F:\svadba\100DICAM\SIV52.tmp > unhidden dra-- F:\CAROBNJAK > unhidden dra-- F:\driver > unhidden dra-- F:\driver\usb > unhidden --a-- F:\driver\usb\Desktop.ini > unhidden dra-- F:\POSTEPENO > unhidden -ra-- F:\POSTEPENO\morasti.exe > unhidden -ra-- F:\killVBS.vbs > unhidden ---------------------------------------- ======================================== Scan finished! ======================================== ======================================== Removed F: ========================================

Profil

dr_Bora Poslao: 28 Jun 2010 17:06 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Na poslednja dva diska se nalaže sledeći folderi (nisu svi na oba). POSTEPENO MALASE CRNAPLAVA CAROBNJAK driver Obriši ih. Takođe, obriši i sledeće file-ove: autorun.inf.blocked killVBS.vbs <--------- pre no što ga obrišeš, uploaduj ga preko ovog linka: http://www.mycity.rs/ambulanta-upload.php Sem ako postoji neki konkretan problem, to bi bilo sve. Potrebno je još samo da isključiš i zatim ponovo uključiš System Restore: http://www.mycity.rs/Uputstva/Kako-iskljuciti-uklj.....Vista.html

Profil

draganela Poslao: 29 Jun 2010 00:16 Idi na vrh
offline draganela Građanin Dragan Đurašinović Pridružio: 20 Dec 2008 Poruke: 82	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio sam sve i sad je dobro, ovaj fajl autorun.inf.blocked killVBS.vbs nisam uploadovao pošto je NOD prebacio ga u karantin. Hvala i pozdrav!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Napali virusi, jedva sam se konektovao na internet - pomoć

Ko je trenutno na forumu

Ukupno su 1147 korisnika na forumu :: 42 registrovanih, 4 sakrivenih i 1101 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., ajo baba, anta, Battlehammer, Ben Roj, CikaKURE, deimos25, DonRumataEstorski, dushan, FOX, HogarStrashni, ikan, kubura91, kybonacci, laurusri, Marko Marković, mercedesamg, Mercury, Milenaaa, milutin134, Miroljub1979, Mlav, Motocar, pein, Pikac-47, procesor, Shinobi, Sir Budimir, Sirius, Srle993, suton, TheBeastOfMG, Tvrtko I, Vlad000, vladaa012, vladetije, W123, wizzardone, wolverined4, zillbg, žeks62, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by