POMOĆ. Javili mi se cudni vurusi

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Otvoriti Notepad i iskopirati sledeci tekst:

Snapshot::

Folder::
c:\windows\update.7.1
c:\windows\ufa
c:\windows\update.tray-12-0-lnk
c:\windows\av_ico
c:\windows\update.tray-12-0

File::
c:\windows\unrar.exe

RegNull::
[HKEY_USERS\S-1-5-21-220523388-1177238915-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

evo:

ComboFix 11-08-23.03 - kris 23.08.2011 17:49:27.6.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.512.139 [GMT 2:00]
Running from: c:\documents and settings\kris\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\kris\Desktop\CFScript.txt
AV: AVG Internet Security 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
FILE ::
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\ufa
c:\windows\unrar.exe
c:\windows\update.7.1
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0
.
.
((((((((((((((((((((((((( Files Created from 2011-07-23 to 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-23 13:33 . 2011-08-23 13:33 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2011-08-23 13:29 . 2011-08-23 13:47 -------- d-----w- c:\windows\system32\drivers\AVG
2011-08-23 13:29 . 2011-08-23 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-08-23 08:00 . 2011-08-23 08:00 -------- d-----w- c:\program files\AVG
2011-08-23 01:34 . 2011-08-23 07:51 -------- d-----w- C:\USBNoRisk
2011-08-23 01:13 . 2011-08-23 01:13 -------- d-----w- c:\documents and settings\kris\Application Data\Malwarebytes
2011-08-23 01:13 . 2011-08-23 01:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-08-22 23:27 . 2011-08-22 23:27 -------- d-----w- c:\program files\Conduit
2011-08-22 23:27 . 2011-08-22 23:37 -------- d-----w- c:\documents and settings\kris\Local Settings\Application Data\CyberDefender-TB
2011-08-22 23:27 . 2011-08-22 23:27 -------- d-----w- c:\documents and settings\kris\Local Settings\Application Data\Conduit
2011-08-22 23:27 . 2011-08-22 23:27 -------- d-----w- c:\documents and settings\kris\Local Settings\Application Data\Temp
2011-08-22 23:27 . 2011-08-22 23:27 -------- d-----w- c:\program files\CyberDefender-TB
2011-08-22 23:26 . 2011-08-22 23:25 96200 ----a-w- c:\windows\system32\drivers\CDAVFS.sys
2011-08-22 11:24 . 2011-08-22 11:24 -------- d-----w- c:\windows\ServicePackFiles
2011-08-22 11:22 . 2011-08-22 11:22 -------- d-----w- c:\program files\MSXML 4.0
2011-08-22 07:31 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-08-22 07:29 . 2010-02-16 13:17 2137088 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-08-22 07:29 . 2010-02-16 13:19 2181376 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-08-22 07:29 . 2010-02-16 12:39 2016768 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-08-22 07:29 . 2010-02-16 12:39 2058368 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-08-22 07:10 . 2008-07-09 07:38 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-08-22 07:10 . 2011-08-23 07:12 -------- d--h--w- c:\windows\$hf_mig$
2011-08-17 18:57 . 2011-08-18 17:13 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 18:53 . 2011-08-17 18:58 -------- d-----w- c:\documents and settings\kris\Local Settings\Application Data\Google
2011-08-17 18:53 . 2011-08-17 18:56 -------- d-----w- c:\program files\Google
2011-08-17 18:37 . 2011-08-17 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Autorun Eater
2011-08-17 18:37 . 2011-08-18 17:09 -------- d-----w- c:\program files\Autorun Eater
2011-08-17 18:22 . 2011-08-17 18:22 -------- d-----w- c:\program files\CCleaner
2011-08-17 18:12 . 2011-08-17 18:12 -------- d-----w- c:\documents and settings\kris\Local Settings\Application Data\Opera
2011-08-17 18:12 . 2011-08-17 18:12 -------- d-----w- c:\program files\Opera
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-07-26 2532680]
"{ffb11c0c-da90-4969-a995-8dca2e0fc10a}"= "c:\program files\CyberDefender-TB\prxtbCybe.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_CLASSES_ROOT\clsid\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-07-26 08:15 2532680 ----a-w- c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}]
2011-05-09 09:49 176936 ----a-w- c:\program files\CyberDefender-TB\prxtbCybe.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ffb11c0c-da90-4969-a995-8dca2e0fc10a}"= "c:\program files\CyberDefender-TB\prxtbCybe.dll" [2011-05-09 176936]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-07-26 2532680]
.
[HKEY_CLASSES_ROOT\clsid\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FFB11C0C-DA90-4969-A995-8DCA2E0FC10A}"= "c:\program files\CyberDefender-TB\prxtbCybe.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-04-02 4616192]
"nwiz"="nwiz.exe" [2003-04-02 323584]
"Autorun Eater"="c:\program files\Autorun Eater\oldmcdonald.exe" [2010-05-06 516216]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
c:\documents and settings\kris\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-05-16 07:27 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]
2003-05-05 06:57 143360 ----a-w- c:\program files\Analog Devices\SoundMAX\SMTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-06-21 17:14 35328 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 16:03 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.1.2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5.4.2011 0:59 297168]
R2 avgfws;AVG zastitni zid;c:\program files\AVG\AVG10\avgfws.exe [9.3.2011 19:24 2708024]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8.2.2011 5:33 269520]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14.4.2011 21:28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10.2.2011 7:53 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10.2.2011 7:53 27216]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18.4.2011 17:39 7398752]
S2 gupdate;Google ажурирање услуга (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17.8.2011 20:54 136176]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [23.8.2011 15:33 1025352]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
S3 gupdatem;Google ажурирање услуга (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [17.8.2011 20:54 136176]
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-17 18:53]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-17 18:53]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2953735
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-08-23 17:56
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-220523388-1177238915-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2011-08-23 17:59:11
ComboFix-quarantined-files.txt 2011-08-23 15:59
ComboFix2.txt 2011-08-23 11:39
ComboFix3.txt 2011-08-22 13:22
ComboFix4.txt 2011-08-22 07:58
ComboFix5.txt 2011-08-23 15:48
.
Pre-Run: 738.111.488 bytes free
Post-Run: 728.965.120 bytes free
.
- - End Of File - - 10125460FF6A905D46661D56309C7C87

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ok, hajde da proverimo USB uredjaje.

Pokreni USBNoRisk i sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
Sada ubodi problematicni USB stick u komp, prebaci se na karticu Script i tamo unesi sledeci tekst:

{d10bf286-9f8f-11dd-84a8-c3b95f1e3869}
no_sh:
folder_list: %DRIVE%

{72179072-3f30-11df-893f-001167c5c534}
no_sh:
folder_list: %DRIVE%

{2a5a1a16-8689-11df-89d1-001167c5c534}
no_sh:
folder_list: %DRIVE%

Ubadaj redom uredjaje.

Klikni na Run Script i sacekaj da USBNoRisk obavi svoje.
Na kartici monitor klikni desno dugme misa na sred prozora programa i odaberi opciju Save log.
Iskopiraj mi taj log iz Notepada na forum.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

nisam sigurna da sam to obavila kako treba:

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 23.8.2011 20:27:04

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {8da874df-fec5-11d5-a4d0-806d6172696f}
D: {8da874e0-fec5-11d5-a4d0-806d6172696f}
E: {8da874e1-fec5-11d5-a4d0-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 8da874df-fec5-11d5-a4d0-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 8da874e0-fec5-11d5-a4d0-806d6172696f
----------------------------------------
Desktop.ini found at D:\Recycled\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
----------------------------------------

No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 8da874e1-fec5-11d5-a4d0-806d6172696f
----------------------------------------
Desktop.ini found at E:\Recycled\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 23.8.2011 20:27:31

Scanning for connected USB mass storage...
----------------------------------------
H: {d10bf286-9f8f-11dd-84a8-c3b95f1e3869}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No Autorun.inf files found on H:
No mountpoint found for d10bf286-9f8f-11dd-84a8-c3b95f1e3869
----------------------------------------

No Desktop.ini files found on H:
----------------------------------------

No mimics found on drive H:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive H:
========================================


Processing script
----------------------------------------
d10bf286-9f8f-11dd-84a8-c3b95f1e3869
Drive letter for GUID: H:
SectionStart = 0
SectionEnd = 3
----------------------------------------
Unhide superhidden for H:\
----------------------------------------
----------------------------------------
Folder list for H:\:
----------------------------------------

--a--   7097243   H:\ZDRAVK~1.MP3   H:\Zdravko Colic - Idem da odmorim.mp3
--a--   3258827   H:\ZDRAVK~2.MP3   H:\Zdravko Colic - Jedina.mp3
--a--   3636754   H:\ZDRAVK~3.MP3   H:\Zdravko Colic - Pusti pusti modu.mp3
--a--   8811961   H:\ZDRAVK~4.MP3   H:\Zdravko Colic- Megamix.mp3
--a--   2850609   H:\ZD094B~1.MP3   H:\Zdravko Colic-Ajde, ajde, Jasmina.mp3
--a--   4005430   H:\ZD748F~1.MP3   H:\Zdravko Colic-Jako, jako slabo srce zavodis.mp3
--a--   1878019   H:\SASAKO~1.MP3   H:\ Sasa Kovacevic i Nikolina Pisek - Idemo do mene 2011.mp3
--a--   4532767   H:\02PADA~1.MP3   H:\02 Padaju Zvijezde.mp3
--a--   3037275   H:\03BOJA~1.MP3   H:\03. Bojan Tomovic - Kad budes htela.mp3
d----   0   H:\SPOTOVI   H:\SPOTOVI
--a--   4136124   H:\04ZAES~1.MP3   H:\04 Za Esmu.mp3
--a--   6699136   H:\07ZDRA~1.MP3   H:\07. Zdravko Colic - Sto Puta.mp3
--a--   1690648   H:\09-TRA~1.MP3   H:\09 - Track  9.mp3
--a--   3477822   H:\11-LUI~1.MP3   H:\11 - luis 2005-11-opa,opa.mp3
--a--   1608330   H:\16-ROC~1.MP3   H:\16 - Rocky 3.mp3
--a--   5256253   H:\ACALUK~1.MP3   H:\Aca Lukas - Civas 2008.mp3
--a--   10887406   H:\ADIL2O~1.MP3   H:\Adil 2oo8 Ne Mogu Bez Tebe Ja.mp3
--a--   5841060   H:\ANABEL~1.MP3   H:\Anabela - Anabela i Mladen - 150 stepeni 2010.mp3
--a--   3817477   H:\ANNAOX~1.MP3   H:\Anna Oxa - Donna con te.mp3
--a--   8626838   H:\IVANZA~1.MP3   H:\Ivan Zak - 2010 - Decko sa Balkana.mp3
--a--   276992   H:\Trziste.doc   H:\Trziste.doc
--a--   277504   H:\??????~1.DOC   H:\Тржиште аграрних производ1.doc
--a--   4517776   H:\BAJAGA~1.MP3   H:\Bajaga - Kad Hodas.mp3
--a--   3198388   H:\BAJAGA~2.MP3   H:\Bajaga - Montenegro.mp3
--a--   3492374   H:\BAJAGA~3.MP3   H:\Bajaga - Na Vrhovima Prstiju.mp3
--a--   5053126   H:\BAJAGA~4.MP3   H:\BAJAGA - Ni Na Nebu Ni Na Zemlji.mp3
--a--   4663310   H:\BA4BAA~1.MP3   H:\Bajaga - Plavi Safir.mp3
--a--   2819752   H:\BAE14F~1.MP3   H:\Bajaga - S Druge Strane Jastuka.mp3
--a--   3252182   H:\BA6A9A~1.MP3   H:\Bajaga - Tamara.mp3
--a--   2847274   H:\BAA06F~1.MP3   H:\Bajaga - Ti Se Ljubis Na Tako Dobar Nacin.mp3
--a--   6915134   H:\BA62B8~1.MP3   H:\Bajaga - Tisina.mp3
--a--   3673320   H:\BAAFA9~1.MP3   H:\Bajaga - To.mp3
--a--   3991899   H:\BLACK-~1.MP3   H:\Black - Wonderful life.mp3
--a--   4616487   H:\BRAYAN~1.MP3   H:\Brayan Adams - Have you ever really loved a woman.mp3
--a--   8841915   H:\BYMIGA~1.MP3   H:\By Migavci - Nemanja Stevanovic-Daleki grad Spot official.mp3
--a--   5731255   H:\CECA-S~1.MP3   H:\Ceca - Steta za Mene.mp3
--a--   6101774   H:\CECA-S~2.MP3   H:\Ceca - sve sto imam i nemam ja [ 2011 ].mp3
--a--   5568000   H:\CECA20~1.MP3   H:\Ceca 2011 - Ljubav Zivi.mp3
--a--   4668604   H:\COLONI~1.MP3   H:\Colonia - 2010 - 03 - Stranac (Eric Destler alternative version) - domaci.de.mp3
--a--   3226772   H:\DLZ-KA~1.MP3   H:\D.L.Z.- Kada sanjas.mp3
--a--   3297697   H:\DARABU~1.MP3   H:\Dara Bubamara - 2010 - 04 - Ne planiram - domaci.de.mp3
--a--   3777515   H:\DARABU~2.MP3   H:\Dara Bubamara - 2010 - 05 - Izadji sam - domaci.de.mp3
--a--   3293348   H:\DOBRIV~1.MP3   H:\Dobrivoje Topalovic - 04 - Malena.mp3
--a--   4505600   H:\DRIGGY~1.MP3   H:\DR IGGY - PLASIM SE.mp3
--a--   3264267   H:\DRAGAN~1.MP3   H:\Dragana Mirkovic - Milo Moje, Sto Te Nema.mp3
--a--   2998272   H:\DRAGAN~2.MP3   H:\Dragana Mirkovic - O,da li znas.mp3
--a--   4245504   H:\DRAGAN~3.MP3   H:\Dragana Mirkovic - Oprosti sto ti smetam.mp3
--a--   3207168   H:\DRAGAN~4.MP3   H:\Dragana Mirkovic - Sama.mp3
--a--   2934784   H:\DR569A~1.MP3   H:\Dragana Mirkovic - To nije tvoja stvar.mp3
--a--   9686027   H:\DUNJAI~1.MP3   H:\Dunja Ilic - 2010 - Sefica Podzemlja [Promo].mp3
--a--   3925132   H:\DZEJ-1~1.MP3   H:\Dzej - 16 - Slazes Li Se Ti.mp3
--a--   2548007   H:\DZEJ-A~1.MP3   H:\Dzej - Ala Bi Te Okitio Mala.mp3
--a--   3945534   H:\DZEJ-I~1.MP3   H:\Dzej - Iznajmicu sobu s pogledom na te.mp3
--a--   3059043   H:\DZEJ-M~1.MP3   H:\Dzej - Mrak,mrak.mp3
--a--   6761325   H:\DZEJ-S~1.MP3   H:\Dzej - Slavija.mp3
--a--   4533174   H:\DZENAN~1.MP3   H:\Dzenan Loncarevic - Ana Ne Budi Luda 2011 + Tekst pesme.mp3
--a--   5635330   H:\DZENAN~2.MP3   H:\Dzenan Loncarevic - Losa.mp3
--a--   3867376   H:\ELAMSI~1.MP3   H:\ELAM SINANOVIC - KAKVO JE TO LUDILO.MP3
--a--   4849664   H:\ELENA-~1.MP3   H:\Elena - Obrati paznju.mp3
--a--   4618994   H:\EROS&T~1.MP3   H:\Eros & Tina Turner - Cose de la vitta.mp3
--a--   4895265   H:\EROS-S~1.MP3   H:\Eros - Se Bastasse una canzone.mp3
--a--   1489891   H:\I'MSOO~1.MP3   H:\i'm soo excited.mp3
--a--   3436170   H:\INDY20~1.MP3   H:\Indy 2006 - 04 - Relativno.mp3
--a--   3752064   H:\IRENEC~1.MP3   H:\Irene Cara - What A Feeling.Mp3
--a--   2938880   H:\JASARA~1.MP3   H:\Jasar Ahmedovski - Rastasmo se ko dve reke.mp3
--a--   3362816   H:\JASARA~2.MP3   H:\Jasar Ahmedovski - Umoran sam od zivota.mp3
--a--   4315266   H:\JEAN-R~1.MP3   H:\JEAN-ROCH - Can You Feel It.mp3
--a--   1609088   H:\JELENA~1.MP3   H:\Jelena Karleusa  - Nova religija [Plava Seherezada].mp3
--a--   4353172   H:\KAOMA-~1.MP3   H:\Kaoma - Lambada.mp3
--a--   5686157   H:\MARTAS~1.MP3   H:\MARTA SAVIC - Nisi tu.mp3
--a--   5005929   H:\MARTAS~2.MP3   H:\MARTA SAVIC - Papuce.mp3
--a--   4224086   H:\MIABOR~1.MP3   H:\Mia Borisavljevic - Ja Bih Se S' Tobom Topila 2011.mp3
--a--   5267456   H:\MILANT~1.MP3   H:\Milan Topalovic - Milan Topalovic - O svemu mi pricaj ti 2010.mp3
--a--   1864386   H:\MILICA~1.MP3   H:\Milica Todorovic 2011 - Sve je uzalud (Novo).mp3
--a--   4959608   H:\NEDELJ~1.MP3   H:\Nedelja popodne.mp3
--a--   5406720   H:\NENADJ~1.MP3   H:\Nena Djurovic - Daj joj moje haljine.mp3
--a--   4042752   H:\OLIVER~1.MP3   H:\Oliver Dragojevic - Tesko te zaboravljam.mp3
--a--   3328361   H:\OLIVER~1.WMA   H:\Oliver Dragojevic-Bez tebe.wma
--a--   4466688   H:\OLIVER~2.MP3   H:\Oliver Mandic - odlazim, a volim te.mp3
--a--   3055434   H:\ORUZJE~1.MP3   H:\Oruzjem protiv Otmicara - Mladicu moj.mp3
--a--   2463031   H:\OTOMIX~1.MP3   H:\otomix cale oco.mp3
--a--   1219054   H:\ottomix.mp3   H:\ottomix.mp3
--a--   3736769   H:\QUEEN-~1.MP3   H:\Queen - You Don't Fool Me.mp3
--a--   5528503   H:\R36DUX~1.MP3   H:\R36duXMrwvk.mp3
--a--   3572919   H:\ROXETT~1.MP3   H:\Roxette - It Must Have Been Love.mp3
--a--   4670865   H:\SAKOPO~1.MP3   H:\Sako Polumenta - 2004 - Nisi nisi ti.mp3
--a--   4792769   H:\SANJAM~1.MP3   H:\Sanja Maletic - 2006 - 02 - Mladji.mp3
--a--   5319925   H:\SAVAGE~1.MP3   H:\Savage Garden - To The Moon & Back.mp3
--a--   3013067   H:\SEKAAL~1.MP3   H:\Seka Aleksic - 2009 - I u vatru, i u vodu - domaci.de.mp3
--a--   3469897   H:\SEKAAL~2.MP3   H:\Seka Aleksic - 2009 - Sto je bilo moje njeno je - domaci.de.mp3
--a--   4319762   H:\SEKAAL~3.MP3   H:\Seka Aleksic - 2010 - Tamo Gde Si Ti [Promo].mp3
--a--   5293654   H:\SEKAAL~4.MP3   H:\Seka Aleksic _ First TV Premiere of Soba 22.mp3
--a--   4978298   H:\SEVERI~1.MP3   H:\Severina - Brad Pitt (Kollex Remix).mp3
--a--   8403615   H:\SEVERI~2.MP3   H:\SEVERINA - BRAD PITT.mp3
--a--   3276844   H:\SEXION~1.MP3   H:\sexion d'assaut - desole.mp3
--a--   3579948   H:\STAMIR~1.MP3   H:\Sta mi radis.mp3
--a--   4607710   H:\STING-~1.MP3   H:\Sting - Desert rose.mp3
--a--   1981962   H:\STOBOM~1.MP3   H:\Stobom našao sam srecu.mp3
--a--   4233834   H:\STRANE~1.MP3   H:\Strane Lagane - 10.mp3
--a--   5730304   H:\STRANE~2.MP3   H:\Strane Lagane - 15.mp3
--a--   4779897   H:\STRANE~3.MP3   H:\Strane Lagane - 9.mp3
--a--   6719309   H:\SVETLA~1.MP3   H:\Svetlana Ceca Raznatovic - IGRACKA SAMOCE - Cela Pesma - 2011.mp3
--a--   3966526   H:\TINAIV~1.MP3   H:\Tina Ivanovic ft. MC Stojan - 2010 - Sexy - domaci.de.mp3
--a--   5074101   H:\TOTOCU~1.MP3   H:\Toto Cutugno - L'Italiano.mp3
--a--   3226702   H:\VERUJE~1.MP3   H:\Verujem-Ne Verujem.MP3
--a--   7377279   H:\ZD70B8~1.MP3   H:\Zdravko Colic - Hotel Balkan.mp3
--a--   274432   H:\87C6~1.DOC   H:\Тржиште аграрних производа.doc
--a--   32768   H:\DIPLOM~1.DOC   H:\DIPLOMSKI POČETAK.doc
--a--   27648   H:\77BD~1.DOC   H:\упутства.doc
--a--   1712100   H:\_SLAVI~1.MP3   H:\[ SLAVICA CUKTERAS - Lomljiva u struku 2011 ].mp3
--a--   1545440   H:\ELVIR&~1.MP3   H:\Elvir & Sladja - Jos uvek smo na vi (2011).mp3
--a--   6147504   H:\ELVIRM~1.MP3   H:\Elvir Mekic ft Juice - Taj ti ne lici (official video).mp3
--a--   7219984   H:\MILENA~1.MP3   H:\Milena Ceranic - Kabriolet (2011).mp3
--a--   6842984   H:\MVPCEL~1.MP3   H:\MVP Celu noc i celi dan (Official Music Video).mp3
--a--   6335834   H:\MIRJAN~1.MP3   H:\Mirjana Mirkovic 2011 - Zasto me ne pogledas.mp3
--a--   7939959   H:\SEVEBR~1.MP3   H:\Seve Bred Bit.mp3
--a--   6029050   H:\BILJAN~1.MP3   H:\Biljana Secivanovic - 2011 - Ne Sizi [Promo].mp3
--a--   5778273   H:\NEMANJ~1.MP3   H:\Nemanja Stevanovic - Nemoj u mene da se kunes.mp3
--a--   7422527   H:\DUNJAI~2.MP3   H:\Dunja Ilic - U dahu.mp3
--a--   6527843   H:\SLOBOD~1.MP3   H:\SLOBODAN VASIC TESKO ME JE IMATI (2011).mp3
--a--   27648   H:\uputstvo.doc   H:\uputstvo.doc

----------------------------------------

========================================
Removed H:
========================================


New device connected at 23.8.2011 20:28:28

Scanning for connected USB mass storage...
----------------------------------------
I: {72179072-3f30-11df-893f-001167c5c534}
Added I:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on I:
----------------------------------------
No Autorun.inf files found on I:
No mountpoint found for 72179072-3f30-11df-893f-001167c5c534
----------------------------------------

No Desktop.ini files found on I:
----------------------------------------

No mimics found on drive I:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive I:
========================================

Processing script
----------------------------------------
72179072-3f30-11df-893f-001167c5c534
Drive letter for GUID: I:
SectionStart = 4
SectionEnd = 7
----------------------------------------
Unhide superhidden for I:\
----------------------------------------
----------------------------------------
Folder list for I:\:
----------------------------------------

--a--   5319925   I:\SAVAGE~1.MP3   I:\Savage Garden - To The Moon & Back.mp3
--a--   9613872   I:\HARISD~1.MP3   I:\Haris Dzinovic - Mustuluk.mp3
--a--   5773754   I:\05OSMA~1.MP3   I:\05 Osman Hadzic-Pustite me.mp3
d----   0   I:\MITARM~1   I:\MITAR MIRIC
d----   0   I:\FLESKA~1   I:\fleska 2
--a--   7444480   I:\NEDELJ~1.MP3   I:\Nedeljko Bajic Baja - Nedeljko Bajic Baja - Dukat u srcu 2010.mp3
--a--   3135785   I:\OSMANH~1.MP3   I:\Osman Hadzic - Ti mene ne volis.mp3
--a--   3991899   I:\BLACK-~1.MP3   I:\Black - Wonderful life.mp3
--a--   2922917   I:\ZAOMIJ~1.MP3   I:\ZAO MI JE ZAO ZAO.mp3
--a--   4477098   I:\AKOJED~1.MP3   I:\ako je do mene ivana.mp3
--a--   3368832   I:\ALENMU~1.MP3   I:\Alen Mukovic - 2009 - Pridji mi - domaci.de.mp3
--a--   4844116   I:\-OSMAN~1.MP3   I:\- Osman Hadzic & Sabrina - 2009 - Poljubi Me [Promo].mp3
--a--   3333642   I:\ACALUK~1.MP3   I:\Aca Lukas - Bele Ruze.mp3
--a--   3777515   I:\DARABU~2.MP3   I:\Dara Bubamara - 2010 - 05 - Izadji sam - domaci.de.mp3
--a--   4245504   I:\DRAGAN~1.MP3   I:\Dragana Mirkovic - Oprosti sto ti smetam.mp3
--a--   3579402   I:\SABANS~1.MP3   I:\Saban Saulic - 2009 - Korak do sna (TV Rip) - domaci.de.mp3
--a--   3073253   I:\IGORLU~1.MP3   I:\Igor Lugonjic - Konobaru vrati pare.mp3
d----   0   I:\GRACKI   I:\GRACKI
--a--   4618994   I:\EROS&T~1.MP3   I:\Eros & Tina Turner - Cose de la vitta.mp3
d----   0   I:\MUZIKA~1   I:\MUZIKA MP3
--a--   3276844   I:\SEXION~1.MP3   I:\sexion d'assaut - desole.mp3
--a--   3752064   I:\IRENEC~1.MP3   I:\Irene Cara - What A Feeling.Mp3
--a--   4353172   I:\KAOMA-~1.MP3   I:\Kaoma - Lambada.mp3
--a--   4224086   I:\MIABOR~1.MP3   I:\Mia Borisavljevic - Ja Bih Se S' Tobom Topila 2011.mp3
--a--   3226212   I:\INDIRA~1.MP3   I:\Indira Radic - 2009 - Zivim Da Zivim Ako Prezivim.mp3
--a--   3736769   I:\QUEEN-~1.MP3   I:\Queen - You Don't Fool Me.mp3
--a--   3572919   I:\ROXETT~1.MP3   I:\Roxette - It Must Have Been Love.mp3
--a--   5073984   I:\SAKOPO~1.MP3   I:\Sako Polumenta - 2009 - Godina nova - domaci.de.mp3
d----   0   I:\OSTALO~1   I:\OSTALO PESME
-r-h-   474   I:\WINAMP~1.XML   I:\winamp_cache_0001.xml

----------------------------------------

========================================
Scan finished!
========================================


Processing script
----------------------------------------
72179072-3f30-11df-893f-001167c5c534
Drive letter for GUID: I:
SectionStart = 4
SectionEnd = 7
----------------------------------------
Unhide superhidden for I:\
----------------------------------------
----------------------------------------
Folder list for I:\:
----------------------------------------

--a--   5319925   I:\SAVAGE~1.MP3   I:\Savage Garden - To The Moon & Back.mp3
--a--   9613872   I:\HARISD~1.MP3   I:\Haris Dzinovic - Mustuluk.mp3
--a--   5773754   I:\05OSMA~1.MP3   I:\05 Osman Hadzic-Pustite me.mp3
d----   0   I:\MITARM~1   I:\MITAR MIRIC
d----   0   I:\FLESKA~1   I:\fleska 2
--a--   7444480   I:\NEDELJ~1.MP3   I:\Nedeljko Bajic Baja - Nedeljko Bajic Baja - Dukat u srcu 2010.mp3
--a--   3135785   I:\OSMANH~1.MP3   I:\Osman Hadzic - Ti mene ne volis.mp3
--a--   3991899   I:\BLACK-~1.MP3   I:\Black - Wonderful life.mp3
--a--   2922917   I:\ZAOMIJ~1.MP3   I:\ZAO MI JE ZAO ZAO.mp3
--a--   4477098   I:\AKOJED~1.MP3   I:\ako je do mene ivana.mp3
--a--   3368832   I:\ALENMU~1.MP3   I:\Alen Mukovic - 2009 - Pridji mi - domaci.de.mp3
--a--   4844116   I:\-OSMAN~1.MP3   I:\- Osman Hadzic & Sabrina - 2009 - Poljubi Me [Promo].mp3
--a--   3333642   I:\ACALUK~1.MP3   I:\Aca Lukas - Bele Ruze.mp3
--a--   3777515   I:\DARABU~2.MP3   I:\Dara Bubamara - 2010 - 05 - Izadji sam - domaci.de.mp3
--a--   4245504   I:\DRAGAN~1.MP3   I:\Dragana Mirkovic - Oprosti sto ti smetam.mp3
--a--   3579402   I:\SABANS~1.MP3   I:\Saban Saulic - 2009 - Korak do sna (TV Rip) - domaci.de.mp3
--a--   3073253   I:\IGORLU~1.MP3   I:\Igor Lugonjic - Konobaru vrati pare.mp3
d----   0   I:\GRACKI   I:\GRACKI
--a--   4618994   I:\EROS&T~1.MP3   I:\Eros & Tina Turner - Cose de la vitta.mp3
d----   0   I:\MUZIKA~1   I:\MUZIKA MP3
--a--   3276844   I:\SEXION~1.MP3   I:\sexion d'assaut - desole.mp3
--a--   3752064   I:\IRENEC~1.MP3   I:\Irene Cara - What A Feeling.Mp3
--a--   4353172   I:\KAOMA-~1.MP3   I:\Kaoma - Lambada.mp3
--a--   4224086   I:\MIABOR~1.MP3   I:\Mia Borisavljevic - Ja Bih Se S' Tobom Topila 2011.mp3
--a--   3226212   I:\INDIRA~1.MP3   I:\Indira Radic - 2009 - Zivim Da Zivim Ako Prezivim.mp3
--a--   3736769   I:\QUEEN-~1.MP3   I:\Queen - You Don't Fool Me.mp3
--a--   3572919   I:\ROXETT~1.MP3   I:\Roxette - It Must Have Been Love.mp3
--a--   5073984   I:\SAKOPO~1.MP3   I:\Sako Polumenta - 2009 - Godina nova - domaci.de.mp3
d----   0   I:\OSTALO~1   I:\OSTALO PESME
-r-h-   474   I:\WINAMP~1.XML   I:\winamp_cache_0001.xml

----------------------------------------

========================================
Removed I:
========================================


New device connected at 23.8.2011 20:29:55

Scanning for connected USB mass storage...
----------------------------------------
H: {2a5a1a16-8689-11df-89d1-001167c5c534}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No Autorun.inf files found on H:
No mountpoint found for 2a5a1a16-8689-11df-89d1-001167c5c534
----------------------------------------

----------------------------------------
Desktop.ini found at H:\CUJICE\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
----------------------------------------
Desktop.ini found at H:\NOCHIMA\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
----------------------------------------

No mimics found on drive H:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive H:
========================================

Processing script
----------------------------------------
2a5a1a16-8689-11df-89d1-001167c5c534
Drive letter for GUID: H:
SectionStart = 8
SectionEnd = 10
----------------------------------------
Unhide superhidden for H:\
----------------------------------------
----------------------------------------
Folder list for H:\:
----------------------------------------

d----   0   H:\NOVOOO   H:\NOVOOO
dra--   0   H:\CUJICE   H:\CUJICE
dra--   0   H:\NOCHIMA   H:\NOCHIMA
-ra--   3   H:\_111_.txt   H:\_111_.txt
d----   0   H:\SVASTA   H:\SVASTA
-r-h-   474   H:\WINAMP~1.XML   H:\winamp_cache_0001.xml
dra--   0   H:\mitra   H:\mitra

----------------------------------------

========================================
Scan finished!
========================================


Processing script
----------------------------------------
2a5a1a16-8689-11df-89d1-001167c5c534
Drive letter for GUID: H:
SectionStart = 8
SectionEnd = 10
----------------------------------------
Unhide superhidden for H:\
----------------------------------------
----------------------------------------
Folder list for H:\:
----------------------------------------

d----   0   H:\NOVOOO   H:\NOVOOO
dra--   0   H:\CUJICE   H:\CUJICE
dra--   0   H:\NOCHIMA   H:\NOCHIMA
-ra--   3   H:\_111_.txt   H:\_111_.txt
d----   0   H:\SVASTA   H:\SVASTA
-r-h-   474   H:\WINAMP~1.XML   H:\winamp_cache_0001.xml
dra--   0   H:\mitra   H:\mitra

----------------------------------------

========================================
Removed H:
========================================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Dobro je, u buduce pazi i ne klikci na sumnjive linkove, takodje i bratu da kazes.
Zar ti nije sumnjivo da ti se prijatelj obraca na Engleskom jeziku?

Samo mi kazi da li je sada sve u redu, pa da ti dam jos jedno uputstvo i da zavrsavamo.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 23 Avg 2011 22:43

Izgleda da je u redu. Maločas mi je izbacio neki problem sa MIcrosoft Wordom. Išla sam na send raport, više mi se to nije javljalo. Malo mi sporo radi internet,mada ne kao sinoć sporo, ono sinoć je bilo katastrvofa. Sporo otvara strane, prvo pise blank page i nema ništa, pa tek kasnije otvori.

Dopuna: 23 Avg 2011 22:50

Ja nemam profil ali sam ušla na bratov, i zaista juče stigla mu je poruka "Hi", mada ima običaj da tako piše društvu pa mi nije bilo sumnjivo. Ja sam odgovorila da nije on nego ja gledam stranicu, i stiglo mu je na engleskom jeziku nešto, nekoliko poruka na engleskom i neki link prikačen. Zaista mi je bilo čudno. Da li to da obrišem, ostalo mu je u porukama da ne izazove problem?

Hvala vam puno. Nisam spavala cele noći, komp mi je bio na izdisaju, da nije bilo vas, ništa.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Citat:Zaista mi je bilo čudno. Da li to da obrišem, ostalo mu je u porukama da ne izazove problem?

Obavezno obrisi, to je trojanac.



Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.


--------------------------------------------


Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.

Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.


- Preporucujem ti da instaliras Service Pack 3 za Windows XP tj. update-ujes svoj Operativni Sistem. Necu govoriti o njegovim prednostima u odnosu na Service Pack 2. Te informacije mozes naci na MS-ovom sajtu. Uglavnom, MS je 13.jula 2010 prekinuo podrsku za Service Pack 2 koji je instaliran na tvom racunaru.

Sta to znaci? Pogledaj link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean;

**** Ukoliko se odlucis na ovaj korak (instaliranje SP3), preporucujem ti da prethodno uradis backup svih bitnih podataka.



- Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja.

Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan.


Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/

Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html

• 1Ovo se svidja korisniku: ThePhilosopher
  
  Registruj se da bi pohvalio/la poruku!

Sve to sam odradila. Hvala najlepše. Najbolji ste. Ovde kod mene samo na jednom mestu mogu da odnesem računar a taj čovek sve probleme (misli) da rešava obaranjem sistema.

Veliki pozdrav.