Problem

3

Problem

offline
  • Pridružio: 26 Dec 2007
  • Poruke: 612
  • Gde živiš: Beograd

https://www.mycity.rs/must-login.png
Evo ga,moram ti takođe napomenuti da svaki put kada podignem sistem bilo gde da uđem,bilo to my computer,mozilla... samo otvaranje programa traje po 2-3 sek,ali samo prvi put,posle je sve kako bi trebalo,ne znam da li ovo šta znači.


Fix started @ 12:44:41, 07/01/2010

Checking loading points... Traces found!

Checking files... Win32/Rimecud detected!

Deleting C:\RECYCLER\S-1-5-21-6518263207-1503100652-957131355-7910\nissan.exe >>> Failed

Attempting to deactivate... Success!

Rechecking loading points... Traces found!

Checking files... OK.

Performing cleanup...

Global loading point removed.

Current user's loading point removed.

»»»»»» Finished!

»»»»»» Anti-nissan v1.0 by dr_Bora
==================================

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Sad prvo pokreni USBNoRisk i sačekaj da završi inicijalno skeniranje (desetak sekundi), pa tek onda priključi usb uređaj i postavi mi log.

offline
  • Pridružio: 26 Dec 2007
  • Poruke: 612
  • Gde živiš: Beograd

Napisano: 07 Jan 2010 13:34

Prethodni post ,tako sam i odradio.

Dopuna: 07 Jan 2010 13:40

Ali evo opet
https://www.mycity.rs/must-login.png



USBNoRisk 2.5 (26 July 2009) by bobby

Started at 07/01/2010 13:36:18

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {0d16991c-912c-11dd-a6dd-806d6172696f}
D: {0d16991d-912c-11dd-a6dd-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 0d16991c-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 0d16991d-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 07/01/2010 13:36:30

Scanning for connected USB mass storage...
----------------------------------------
G: {5bc868a4-aa83-11dd-bf80-0022156347f2}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
;M=õs???èt??té?ì?üFLíwú?d????L??ð???y/??sÉÖÖd?ðseAc???Â??è?dE-X?e?Ïí?àm????l?ú???Òb?éEeÁF?}ÃÇ
[autorun
;kÜE?ñ<ýI,ýµ%ì\?
;ø???Ø$?Þm$??r?ù?Ê??^?|æÏrW?dv?+??þÿá-Jw?ò?ÃõCò?M?wÍ?ås
open=SLATKO/torta.exe
;ñ?v?$Vt?úý
;??Z??N?xòF?<Z&?vYK?ð?x?aL??wT%?ô?wJ?>wröZ???mbñ?bL@???ÊEð?rÔ?Ú?s?QÈ`??j(?è??ì?ð?a?Fm???yst?
icon=%SystemRoot%\system32\SHELL32.dll,4
;QåRta??v?:ñts+/ÒÊ?ñ?µ
action=Open folder to view files using Windows Explorer
;?åÚ?r?Â?Äú?dM
shell\\open\\command=SLATKO/torta.exe
;?TQ?ØXòàmx?AÖà??wÿ?Â?}?C|fìÖ?ìùoLa?ÁOev?µ??Ý????ùýyv??Xlñ??Rx?è??ë??XIMB?W??
shell\\explore\\command=SLATKO/torta.exe
;ÀìmJdO?dm?ðñ????
useautoplay=1
;ø???Ø$?Þm$??r?=K.??<nà÷
----------------------------------------

Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------

----------------------------------------
autorun.inf found on G:
----------------------------------------
File G:\autorun.inf renamed successfully

Content of G:\autorun(1).inf.blocked
----------------------------------------
;M=õs???èt??té?ì?üFLíwú?d????L??ð???y/??sÉÖÖd?ðseAc???Â??è?dE-X?e?Ïí?àm????l?ú???Òb?éEeÁF?}ÃÇ
[autorun
;kÜE?ñ<ýI,ýµ%ì\?
;ø???Ø$?Þm$??r?ù?Ê??^?|æÏrW?dv?+??þÿá-Jw?ò?ÃõCò?M?wÍ?ås
open=SLATKO/torta.exe
;ñ?v?$Vt?úý
;??Z??N?xòF?<Z&?vYK?ð?x?aL??wT%?ô?wJ?>wröZ???mbñ?bL@???ÊEð?rÔ?Ú?s?QÈ`??j(?è??ì?ð?a?Fm???yst?
icon=%SystemRoot%\system32\SHELL32.dll,4
;QåRta??v?:ñts+/ÒÊ?ñ?µ
action=Open folder to view files using Windows Explorer
;?åÚ?r?Â?Äú?dM
shell\\open\\command=SLATKO/torta.exe
;?TQ?ØXòàmx?AÖà??wÿ?Â?}?C|fìÖ?ìùoLa?ÁOev?µ??Ý????ùýyv??Xlñ??Rx?è??ë??XIMB?W??
shell\\explore\\command=SLATKO/torta.exe
;ÀìmJdO?dm?ðñ????
useautoplay=1
;ø???Ø$?Þm$??r?=K.??<nà÷
----------------------------------------

Files referenced from G:\autorun(1).inf.blocked
----------------------------------------
None
----------------------------------------

Sanitized mountpoint for 5bc868a4-aa83-11dd-bf80-0022156347f2
----------------------------------------

----------------------------------------
Desktop.ini found at G:\SLATKO\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
----------------------------------------

No mimics found on drive G:
========================================

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.

- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.

- Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:

{5bc868a4-aa83-11dd-bf80-0022156347f2}
delete_blocked:
f_delete:%DRIVE%SLATKO/torta.exe
folder_list:%DRIVE%


- Izvršiti komandu klikom na taster Run Script;



Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;

- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;

Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

offline
  • Pridružio: 26 Dec 2007
  • Poruke: 612
  • Gde živiš: Beograd

Napisano: 07 Jan 2010 20:23

https://www.mycity.rs/must-login.png
Izvoli

Dopuna: 07 Jan 2010 20:23

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 07/01/2010 20:18:11

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {0d16991c-912c-11dd-a6dd-806d6172696f}
D: {0d16991d-912c-11dd-a6dd-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 0d16991c-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 0d16991d-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 07/01/2010 20:18:32

Scanning for connected USB mass storage...
----------------------------------------
G: {5bc868a4-aa83-11dd-bf80-0022156347f2}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Moraćemo još jednom da ponovimo...



- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.

- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.

- Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:

{5bc868a4-aa83-11dd-bf80-0022156347f2}
no_sh:
f_delete:%DRIVE%SLATKO\torta.exe
folder_list:%DRIVE%


- Izvršiti komandu klikom na taster Run Script;



Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;

- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;

Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

offline
  • Pridružio: 26 Dec 2007
  • Poruke: 612
  • Gde živiš: Beograd

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 07/01/2010 20:45:22

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {0d16991c-912c-11dd-a6dd-806d6172696f}
D: {0d16991d-912c-11dd-a6dd-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 0d16991c-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 0d16991d-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 07/01/2010 20:45:42

Scanning for connected USB mass storage...
----------------------------------------
G: {5bc868a4-aa83-11dd-bf80-0022156347f2}
Added G:

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Iskopirao si mi pola loga.


Idi na C:\ particiju, tamo ćeš pronaći folder USBNoRisk;


Otvori taj folder USBNoRisk i pronađi tekstualni file USBNoRisk.txt.

C:\USBNoRisk\USBNoRisk.txt

Taj log mi okači u poruci.


Obrati pažnju, jer u tom folderu se nalazi više ovakvih file_ova, meni treba samo ovaj koji sam naveo...bez brojeva u njegovom nazivu.

offline
  • Pridružio: 26 Dec 2007
  • Poruke: 612
  • Gde živiš: Beograd

Da da moja greška izvini.
USBNoRisk 2.5 (26 July 2009) by bobby

Started at 07/01/2010 21:52:34

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {0d16991c-912c-11dd-a6dd-806d6172696f}
D: {0d16991d-912c-11dd-a6dd-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 0d16991c-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 0d16991d-912c-11dd-a6dd-806d6172696f
No Desktop.ini files found on D:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 07/01/2010 21:52:48

Scanning for connected USB mass storage...
----------------------------------------
G: {5bc868a4-aa83-11dd-bf80-0022156347f2}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for 5bc868a4-aa83-11dd-bf80-0022156347f2
----------------------------------------

----------------------------------------
Desktop.ini found at G:\SLATKO\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
----------------------------------------

No mimics found on drive G:
========================================


Processing script
----------------------------------------
5bc868a4-aa83-11dd-bf80-0022156347f2
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 4
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
f_delete: G:\SLATKO\torta.exe > File does not exist!
----------------------------------------
Folder list for G:\:
----------------------------------------

dra--   0   G:\SLATKO   G:\SLATKO

----------------------------------------


Processing script
----------------------------------------
5bc868a4-aa83-11dd-bf80-0022156347f2
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 4
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
f_delete: G:\SLATKO\torta.exe > File does not exist!
----------------------------------------
Folder list for G:\:
----------------------------------------

dra--   0   G:\SLATKO   G:\SLATKO

----------------------------------------

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Sada možeš slobodno da otvoriš usb uređaj i ručno obrišeš folder SLATKO.

Javi mi kakvo je sada stanje i isprati sledeće uputstvo...



Potrebno je deinstalirati AVZ Antiviral Toolkit.
Pokreni AVZ (dvoklikom na ikonicu);

U meniju izaberi File>Standard Scripts;

U prozoru koji se otvori štikliraj opciju 6 i klikni na Execute Selected Scripts;

Klikni Yes;

Po završetku postupka dobićeš obaveštenje: Script Executed;

Izađi iz programa i obriši folder gde je program raspakovan.

Ko je trenutno na forumu
 

Ukupno su 827 korisnika na forumu :: 10 registrovanih, 3 sakrivenih i 814 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Bobrock1, cikadeda, DPera, dragoljub11987, HrcAk47, ILGromovnik, Karla, Kenanjoz, Krvava Devetka, zlaya011