Please help

  • Joined: 31 Jan 2011
  • Posts: 8

My computer is behaving strangely... one moment the antivirus program shows that there is a virus, the next it doesn't... when I check where the virus is, I can't find it... my mouse activates by itself, the pointer jumps all over the screen... Thanks in advance!!!



DDS (Ver_10-12-12.02) - NTFSx86
Run by LANA at 14:16:48,12 on pon 31.01.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.895.491 [GMT 1:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\Smartscaps.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\LANA\My Documents\Downloads\dds.com

============== Pseudo HJT Report ===============

uStart Page = mail.google.com/mail/?ui=2&shva=1#inbox
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [Magentic] c:\progra~1\magentic\bin\Magentic.exe /c
uRun: [AROReminder] c:\program files\advanced registry optimizer\aro.exe -rem
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Nokia Home Server Manager] "c:\program files\nokia\nokia home media server\NHSM.exe" -autostart
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [hpbdfawep] c:\program files\hp\dfawep\bin\hpbdfawep.exe 1
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [DeviceDiscovery] c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
mRun: [zzz_ImInstaller_IncrediMail] "c:\documents and settings\lana\local settings\temp\iminstaller\incredimail\IncrediMail_Install.exe" -startup -product IncrediMail -skip_dialog info -skip_dialog language -report -cluster 573 -msc 74123 -ffmsc 654654
mRun: [Nokia FastStart] "c:\program files\nokia\nokia music\NokiaMusic.exe" /command:faststart
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\certif~1.lnk - c:\program files\smarttrust\smarttrust personal\csp\SmartCertmover.exe
IE: &Search - edits.mywebsearch.com/toolbaredits/menusear.....2011011805
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://mapa.urbel.com/beoinfo/ActiveX/mgaxctrl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-21 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-21 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-21 40384]
R3 EZUSB;EZUSB PC/SC Smart Card Reader;c:\windows\system32\drivers\ezusb.sys [2008-6-20 57356]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys --> c:\windows\system32\drivers\nod32drv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-10-9 133104]
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2011-1-18 28762]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]

=============== File Associations ===============

.scr=AutoCADScriptFile

=============== Created Last 30 ================

2011-01-21 12:49:43 38848 ----a-w- c:\windows\avastSS.scr
2011-01-18 10:58:00 32768 ----a-w- c:\windows\system32\f3PSSavr.scr
2011-01-18 10:58:00 -------- d-----w- c:\program files\FunWebProducts
2011-01-18 10:57:43 -------- d-----w- c:\program files\MyWebSearch

==================== Find3M ====================

2011-01-18 11:03:01 249856 ------w- c:\windows\Setup1.exe
2011-01-18 11:02:58 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-11-22 11:33:02 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll

============= FINISH: 14:17:47,25 ===============


  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello sl.miki.2011!






While this case is being resolved, I would ask you to keep to the following:
- Read my instructions (or the instructions of colleagues who stand in for me) carefully and work strictly according to them;
- Do not ask for help elsewhere at the same time;
- Do not use other malware removal programs, apart from those for which you receive instructions;
- During the intervention, do not use USB storage devices until I ask for that;
- If I do not reply within 48h, refresh the thread with a new post;
- If you do not respond within 5 days, we will close the case.

For more information on the rules of the MyCity forum Ambulanta: LINK

-------------------------------------------------------------------------------------










Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
- Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
- When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
- deactivate your protective software (instructions);
- close any running programs;
- double-click to run ComboFix.

While running, ComboFix will:
- check whether a newer version of the program exists:
  click Yes if you are offered the download.
- display DISCLAIMER OF WARRANTY ON SOFTWARE:
  click Yes so that the process continues.
- if the Recovery Console is not installed, offer to install it:
  be sure to accept by clicking Yes and follow the procedure.
- raise a certain number of prompts/notifications:
  accept by clicking Yes or OK.
- restart Windows if necessary (several times);
- at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
- right-click in the Notepad window and choose Select All;
- right-click the selected text and choose Copy;
- right-click in the message field and choose Paste.

Note:
- The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
- If after sending the message you notice that the report is incomplete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the message.










goran9888 (AMF Team)

  • Joined: 31 Jan 2011
  • Posts: 8

ComboFix 11-01-30.02 - LANA 31.01.2011 15:24:57.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.895.383 [GMT 1:00]
Running from: c:\documents and settings\LANA\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\LANA\Application Data\PriceGong
c:\documents and settings\LANA\Application Data\PriceGong\Data\1.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\a.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\b.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\c.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\d.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\e.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\f.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\g.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\h.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\i.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\J.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\k.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\l.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\m.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\n.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\o.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\p.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\q.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\r.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\s.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\t.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\u.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\v.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\w.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\x.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\y.xml
c:\documents and settings\LANA\Application Data\PriceGong\Data\z.xml
c:\documents and settings\LANA\My Documents\Readiris.DUS
C:\khq
c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTactl.dll
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTml.dll
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3TPINST.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\00C5ACEB
c:\program files\MyWebSearch\bar\Cache\00C5B4CB
c:\program files\MyWebSearch\bar\Cache\00C5B642.bin
c:\program files\MyWebSearch\bar\Cache\00C5B6DE.bmp
c:\program files\MyWebSearch\bar\Cache\00C5B78A.bin
c:\program files\MyWebSearch\bar\Cache\00C5B836.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
C:\setup.exe
c:\windows\system32\autorun.i
c:\windows\system32\autorun.in
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\twunk_32.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2010-12-28 to 2011-01-31 )))))))))))))))))))))))))))))))
.

2011-01-21 12:49 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-21 12:49 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-21 12:49 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-21 12:49 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-21 12:49 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-21 12:49 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-21 12:49 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-21 12:49 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-01-21 12:49 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-18 11:03 . 2010-11-22 10:53 249856 ------w- c:\windows\Setup1.exe
2011-01-18 11:02 . 2010-11-22 10:53 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-11-22 11:33 . 2010-11-22 11:33 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-11-22 11:33 . 2010-11-22 11:33 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-11-22 11:33 . 2010-11-22 11:33 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-13 20:58 3913000 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-01 68856]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-11-09 243072]
"Magentic"="c:\progra~1\Magentic\bin\Magentic.exe" [2008-08-04 488808]
"AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-30 7634944]
"nwiz"="nwiz.exe" [2006-10-30 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-30 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"SkyTel"="SkyTel.EXE" [2007-06-15 1826816]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Certificate Mover.lnk - c:\program files\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe [2008-6-20 126976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ZWCAD 2010 Eng\\ZWCAD.EXE"=
"c:\\Program Files\\ZWCAD 2010 Eng\\zwlm_ts.exe"=
"c:\\Program Files\\ZWCAD 2010 Eng\\ZWErrorDialog.exe"=
"c:\\Program Files\\ZWCAD 2010 Eng\\CrashReportManagement.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1040:TCP"= 1040:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [21.1.2011 13:49 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21.1.2011 13:49 17744]
R3 EZUSB;EZUSB PC/SC Smart Card Reader;c:\windows\system32\drivers\ezusb.sys [20.6.2008 8:04 57356]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys --> c:\windows\system32\drivers\nod32drv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.10.2009 14:37 133104]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2011-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-09 13:37]

2011-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-09 13:37]

2010-06-24 c:\windows\Tasks\Norton Security Scan for LANA.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-19 11:50]
.
.
------- Supplementary Scan -------
.
uStart Page = mail.google.com/mail/?ui=2&shva=1#inbox
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Nokia Home Server Manager - c:\program files\Nokia\Nokia Home Media Server\NHSM.exe
HKLM-Run-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe
AddRemove-Wincmd - c:\wincmd\wcuninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-01-31 15:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2348-)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\Magentic\bin\MgApp.exe
c:\program files\IncrediMail\bin\IMApp.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\Smartscaps.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2011-01-31 15:44:46 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-31 14:44

Pre-Run: 43.075.649.536 bytes free
Post-Run: 43.643.633.664 bytes free

- - End Of File - - 2A2B05E3E2CBCA1AB7EF60268A75EAA4

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish




- Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all your USB storage devices one by one into the USB slot and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you have finished with all the devices, right-click in the middle of the program window and choose the option Save scrambled log. That will automatically open the log in Notepad. Copy that log from Notepad to the forum for us.

Explanation: USB storage devices include all devices that get their own partition label when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.








goran9888 (AMF Team)

  • Joined: 31 Jan 2011
  • Posts: 8

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 1.2.2011 9:39:10

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {56eeeab9-3d52-11dd-917d-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 56eeeab9-3d52-11dd-917d-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
;BQ6X3KS1SJ9H719P3A27G850BUA2K7
[autorun]
open=wyCyDP.EXe
;4L86G05YZ91HA7R3S6D5O2FLH8G01PE7FD56QNR99ZJM75QMJ1FGMUM40Q4
;PVTTDLGD9Z5Q1MW6566MBXJ20X3HLX3N0I54B65U1577JV16X52U1IN22V
;V3B8UD0S3Z5A68HFV4698O30AK19S21MHY27JK0EA002R4018A7E72A74IO4U3BE7XR7M4HUZ9CSE
shell\open\command=wycyDp.exe
shell\open\dEfaULt=1
;45F27A231FC4BAE1D818015E0B40BDA78E830EEDB727D2C7BFC81571
;UJ0WC35KUAGD954KD2A
;371482O
----------------------------------------
========================================
Initial scan finished!
========================================


New device connected at 1.2.2011 9:39:37

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 1.2.2011 9:39:37

Scanning for connected USB mass storage...
----------------------------------------
G: {36b21241-6db9-11dd-91a5-cc0296ceacd7}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================



New device connected at 1.2.2011 9:39:39

Scanning for connected USB mass storage...
----------------------------------------

========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------



New device connected at 1.2.2011 9:39:40

Scanning for connected removable storage...
----------------------------------------

========================================

Scanning removable storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================

.lnk/.pif/.com/.scr files found on drive G:
========================================

========================================
Removed G:
========================================


New device connected at 1.2.2011 9:39:55

Scanning for connected USB mass storage...
----------------------------------------
H: {541ad7b2-acaa-11dd-9207-001d60ece3a3}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No autorun.inf files found on H:
No mountpoint found for 541ad7b2-acaa-11dd-9207-001d60ece3a3
----------------------------------------

No Desktop.ini files found on H:
----------------------------------------

No mimics found on drive H:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive H:
========================================

========================================
Removed H:
========================================


New device connected at 1.2.2011 9:40:14

Scanning for connected USB mass storage...
----------------------------------------
E: {164219ae-48cf-11dd-9166-000fe2245485}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No autorun.inf files found on E:
No mountpoint found for 164219ae-48cf-11dd-9166-000fe2245485
----------------------------------------

----------------------------------------
Desktop.ini found at E:\RECYCLER\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================

========================================
Removed E:
========================================

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

You didn't write in what order you connected the USB storage devices, and which devices are they?

offline
  • Joined: 31 Jan 2011
  • Posts: 8

Three USB flash drives

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Repeat the procedure for each device separately

- Start USBNoRisk and wait for it to complete the initial scan.

- When the initial scan is finished, connect the USB storage device.

- Click the Script tab;

Copy the following text into the white box of the window:

{36b21241-6db9-11dd-91a5-cc0296ceacd7}
folder_list:%DRIVE%
no_sh:


{164219ae-48cf-11dd-9166-000fe2245485}
folder_delete:%DRIVE%RECYCLER
folder_list:%DRIVE%
no_sh:


- Run the command by clicking the Run Script button;

After the command is executed, USBNoRisk will automatically return to the Monitor tab;

- Right-click inside the white box of the window and select the Save Scrambled Log option;

A Notepad window will open with the text, which you need to copy here into a post.

What is the state of the computer now? Are there still problems?

goran9888 (AMF Team)

offline
  • Joined: 31 Jan 2011
  • Posts: 8

Posted: 03 Feb 2011 10:29

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 3.2.2011 10:26:44

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {56eeeab9-3d52-11dd-917d-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 56eeeab9-3d52-11dd-917d-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
;BQ6X3KS1SJ9H719P3A27G850BUA2K7
[autorun]
open=wyCyDP.EXe
;4L86G05YZ91HA7R3S6D5O2FLH8G01PE7FD56QNR99ZJM75QMJ1FGMUM40Q4
;PVTTDLGD9Z5Q1MW6566MBXJ20X3HLX3N0I54B65U1577JV16X52U1IN22V
;V3B8UD0S3Z5A68HFV4698O30AK19S21MHY27JK0EA002R4018A7E72A74IO4U3BE7XR7M4HUZ9CSE
shell\open\command=wycyDp.exe
shell\open\dEfaULt=1
;45F27A231FC4BAE1D818015E0B40BDA78E830EEDB727D2C7BFC81571
;UJ0WC35KUAGD954KD2A
;371482O
----------------------------------------
========================================
Initial scan finished!
========================================


New device connected at 3.2.2011 10:26:57

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 3.2.2011 10:26:57

Scanning for connected USB mass storage...
----------------------------------------
G: {36b21241-6db9-11dd-91a5-cc0296ceacd7}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================



New device connected at 3.2.2011 10:27:00

Scanning for connected USB mass storage...
----------------------------------------

========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================

========================================
Removed G:
========================================


New device connected at 3.2.2011 10:27:19

Scanning for connected USB mass storage...
----------------------------------------
E: {164219ae-48cf-11dd-9166-000fe2245485}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No autorun.inf files found on E:
No mountpoint found for 164219ae-48cf-11dd-9166-000fe2245485
----------------------------------------

----------------------------------------
Desktop.ini found at E:\RECYCLER\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================

========================================
Removed E:
========================================

Processing script
----------------------------------------


New device connected at 3.2.2011 10:28:43

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 3.2.2011 10:28:43

Scanning for connected USB mass storage...
----------------------------------------
G: {36b21241-6db9-11dd-91a5-cc0296ceacd7}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================

Processing script
----------------------------------------
36b21241-6db9-11dd-91a5-cc0296ceacd7
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 4
----------------------------------------
Folder list for G:\:
----------------------------------------

d----   0   G:\Sasa   G:\Sasa
-ra--   336832   G:\aglerx.exe   G:\aglerx.exe
-ra--   336832   G:\duecqm.exe   G:\duecqm.exe
-ra--   1336632   G:\LaunchU3.exe   G:\LaunchU3.exe
d----   0   G:\NEOPOLIS   G:\NEOPOLIS
-ra--   813274   G:\bwapig.exe   G:\bwapig.exe
dra--   0   G:\RECYCLER   G:\RECYCLER
-ra--   813274   G:\zodvus.exe   G:\zodvus.exe
-ra--   813274   G:\lhysoc.exe   G:\lhysoc.exe
-ra--   813274   G:\spavke.exe   G:\spavke.exe
d----   0   G:\PODIZV~1   G:\Podizvodjaci
d----   0   G:\Petar   G:\Petar
d----   0   G:\Fun   G:\Fun
-ra--   338806   G:\npcrld.exe   G:\npcrld.exe
d----   0   G:\UGOVOR~1   G:\Ugovori o radu
d----   0   G:\ZAELEK~1   G:\Za elektrane
d----   0   G:\Miljan   G:\Miljan
-ra--   813274   G:\nnlepd.exe   G:\nnlepd.exe
--a--   25600   G:\GAMAMI~1.DOC   G:\Gama mid dopis.doc
d----   0   G:\DOKUME~1   G:\Dokumenti razni
d--h-   0   G:\System   G:\System
--a--   37376   G:\SLNEKR~1.DOC   G:\SL NEKRETNINE.doc
---h-   28672   G:\~WRL2730.tmp   G:\~WRL2730.tmp
-ra--   813274   G:\dkdywh.exe   G:\dkdywh.exe
-ra--   813274   G:\dymfzk.exe   G:\dymfzk.exe
--a--   21504   G:\TRGOME~1.DOC   G:\TRGOMEN dopis.doc
-ra--   813274   G:\ntykam.exe   G:\ntykam.exe
-ra--   813274   G:\diktyd.exe   G:\diktyd.exe
--a--   43520   G:\UGOVOR~1.DOC   G:\Ugovor za nadzor.doc
d----   0   G:\JOVICA~1   G:\JOVICA - UGOVORI
-ra--   813274   G:\okycti.exe   G:\okycti.exe
--a--   33792   G:\OBAVEZ~1.DOC   G:\OBAVEZE NA GRADILIŠTU.doc
d----   0   G:\UGOVOR~1.10   G:\UGOVORI 24.05.10
--a--   37376   G:\SASA-R~1.XLS   G:\sasa-RAC-GRIL.xls
-ra--   813274   G:\feroxf.exe   G:\feroxf.exe
--a--   75264   G:\UGOPOS~1.DOC   G:\Ug o posl teh sar2.doc
d----   0   G:\ZAGRAĐE   G:\Zagrađe
d----   0   G:\Felix   G:\Felix
d----   0   G:\Muzika   G:\Muzika
-r-h-   474   G:\WINAMP~1.XML   G:\winamp_cache_0001.xml
d----   0   G:\DOCUME~1   G:\Documents

----------------------------------------
Unhide superhidden for G:\
----------------------------------------
----------------------------------------

========================================
Scan finished!
========================================



New device connected at 3.2.2011 10:28:45

Scanning for connected USB mass storage...
----------------------------------------

========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
No mountpoint found for 36b21241-6db9-11dd-91a5-cc0296ceacd7
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
----------------------------------------

.lnk/.pif/.com/.scr files found on drive G:
========================================

Processing script
----------------------------------------
36b21241-6db9-11dd-91a5-cc0296ceacd7
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 4
----------------------------------------
Folder list for G:\:
----------------------------------------

d----   0   G:\Sasa   G:\Sasa
-ra--   336832   G:\aglerx.exe   G:\aglerx.exe
-ra--   336832   G:\duecqm.exe   G:\duecqm.exe
-ra--   1336632   G:\LaunchU3.exe   G:\LaunchU3.exe
d----   0   G:\NEOPOLIS   G:\NEOPOLIS
-ra--   813274   G:\bwapig.exe   G:\bwapig.exe
dra--   0   G:\RECYCLER   G:\RECYCLER
-ra--   813274   G:\zodvus.exe   G:\zodvus.exe
-ra--   813274   G:\lhysoc.exe   G:\lhysoc.exe
-ra--   813274   G:\spavke.exe   G:\spavke.exe
d----   0   G:\PODIZV~1   G:\Podizvodjaci
d----   0   G:\Petar   G:\Petar
d----   0   G:\Fun   G:\Fun
-ra--   338806   G:\npcrld.exe   G:\npcrld.exe
d----   0   G:\UGOVOR~1   G:\Ugovori o radu
d----   0   G:\ZAELEK~1   G:\Za elektrane
d----   0   G:\Miljan   G:\Miljan
-ra--   813274   G:\nnlepd.exe   G:\nnlepd.exe
--a--   25600   G:\GAMAMI~1.DOC   G:\Gama mid dopis.doc
d----   0   G:\DOKUME~1   G:\Dokumenti razni
d--h-   0   G:\System   G:\System
--a--   37376   G:\SLNEKR~1.DOC   G:\SL NEKRETNINE.doc
---h-   28672   G:\~WRL2730.tmp   G:\~WRL2730.tmp
-ra--   813274   G:\dkdywh.exe   G:\dkdywh.exe
-ra--   813274   G:\dymfzk.exe   G:\dymfzk.exe
--a--   21504   G:\TRGOME~1.DOC   G:\TRGOMEN dopis.doc
-ra--   813274   G:\ntykam.exe   G:\ntykam.exe
-ra--   813274   G:\diktyd.exe   G:\diktyd.exe
--a--   43520   G:\UGOVOR~1.DOC   G:\Ugovor za nadzor.doc
d----   0   G:\JOVICA~1   G:\JOVICA - UGOVORI
-ra--   813274   G:\okycti.exe   G:\okycti.exe
--a--   33792   G:\OBAVEZ~1.DOC   G:\OBAVEZE NA GRADILIŠTU.doc
d----   0   G:\UGOVOR~1.10   G:\UGOVORI 24.05.10
--a--   37376   G:\SASA-R~1.XLS   G:\sasa-RAC-GRIL.xls
-ra--   813274   G:\feroxf.exe   G:\feroxf.exe
--a--   75264   G:\UGOPOS~1.DOC   G:\Ug o posl teh sar2.doc
d----   0   G:\ZAGRAĐE   G:\Zagrađe
d----   0   G:\Felix   G:\Felix
d----   0   G:\Muzika   G:\Muzika
-r-h-   474   G:\WINAMP~1.XML   G:\winamp_cache_0001.xml
d----   0   G:\DOCUME~1   G:\Documents

----------------------------------------
Unhide superhidden for G:\
----------------------------------------
----------------------------------------

========================================
Scan finished!
========================================

========================================
Removed G:
========================================


New device connected at 3.2.2011 10:28:57

Scanning for connected USB mass storage...
----------------------------------------
E: {164219ae-48cf-11dd-9166-000fe2245485}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No autorun.inf files found on E:
No mountpoint found for 164219ae-48cf-11dd-9166-000fe2245485
----------------------------------------

----------------------------------------
Desktop.ini found at E:\RECYCLER\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================

Processing script
----------------------------------------
164219ae-48cf-11dd-9166-000fe2245485
Drive letter for GUID: E:
SectionStart = 5
SectionEnd = 8
----------------------------------------
Delete folder tree E:\RECYCLER:
----------------------------------------
Delete: E:\RECYCLER\Desktop.ini > Done!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini > Done!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 > Error!
Delete: E:\RECYCLER > Error!
Delete: E:\RECYCLER > Error!
----------------------------------------
Folder list for E:\:
----------------------------------------

--a--   26486824   E:\AVASTH~1.EXE   E:\Avast Home 4.8.1229.exe
--a--   28   E:\1.txt   E:\1.txt
-ra--   59392   E:\DATAĐŞ~1.EXE   E:\Data лила.exe
-rahs   813274   E:\wjigwx.exe   E:\wjigwx.exe
dr-hs   0   E:\RECYCLER   E:\RECYCLER
-rahs   813274   E:\hmpvqz.exe   E:\hmpvqz.exe
-rahs   813274   E:\rbdaln.exe   E:\rbdaln.exe
-rahs   813274   E:\wwxrha.exe   E:\wwxrha.exe
-rahs   446488   E:\hexwur.exe   E:\hexwur.exe
-rahs   813274   E:\cbccax.exe   E:\cbccax.exe
-rahs   813274   E:\imhrno.exe   E:\imhrno.exe
-rahs   813274   E:\zqowdm.exe   E:\zqowdm.exe

----------------------------------------
Unhide superhidden for E:\
----------------------------------------
-ra-- E:\wjigwx.exe > unhidden
dra-- E:\RECYCLER > unhidden
dra-- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 > unhidden
-ra-- E:\hmpvqz.exe > unhidden
-ra-- E:\rbdaln.exe > unhidden
-ra-- E:\wwxrha.exe > unhidden
-ra-- E:\hexwur.exe > unhidden
-ra-- E:\cbccax.exe > unhidden
-ra-- E:\imhrno.exe > unhidden
-ra-- E:\zqowdm.exe > unhidden
----------------------------------------

========================================
Scan finished!
========================================

========================================
Removed E:
========================================


New device connected at 3.2.2011 10:29:11

Scanning for connected USB mass storage...
----------------------------------------
H: {541ad7b2-acaa-11dd-9207-001d60ece3a3}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No autorun.inf files found on H:
No mountpoint found for 541ad7b2-acaa-11dd-9207-001d60ece3a3
----------------------------------------

No Desktop.ini files found on H:
----------------------------------------

No mimics found on drive H:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive H:
========================================

Processing script
----------------------------------------
========================================
Scan finished!
========================================

========================================
Removed H:
========================================


New device connected at 3.2.2011 10:29:48

Scanning for connected USB mass storage...
----------------------------------------
E: {164219ae-48cf-11dd-9166-000fe2245485}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No autorun.inf files found on E:
No mountpoint found for 164219ae-48cf-11dd-9166-000fe2245485
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================

Processing script
----------------------------------------
164219ae-48cf-11dd-9166-000fe2245485
Drive letter for GUID: E:
SectionStart = 5
SectionEnd = 8
----------------------------------------
Delete folder tree E:\RECYCLER:
----------------------------------------
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 > Error!
Delete: E:\RECYCLER > Error!
Delete: E:\RECYCLER > Error!
----------------------------------------
Folder list for E:\:
----------------------------------------

--a--   26486824   E:\AVASTH~1.EXE   E:\Avast Home 4.8.1229.exe
--a--   28   E:\1.txt   E:\1.txt
-ra--   59392   E:\DATAĐŞ~1.EXE   E:\Data лила.exe
-ra--   813274   E:\wjigwx.exe   E:\wjigwx.exe
dra--   0   E:\RECYCLER   E:\RECYCLER
-ra--   813274   E:\hmpvqz.exe   E:\hmpvqz.exe
-ra--   813274   E:\rbdaln.exe   E:\rbdaln.exe
-ra--   813274   E:\wwxrha.exe   E:\wwxrha.exe
-ra--   446488   E:\hexwur.exe   E:\hexwur.exe
-ra--   813274   E:\cbccax.exe   E:\cbccax.exe
-ra--   813274   E:\imhrno.exe   E:\imhrno.exe
-ra--   813274   E:\zqowdm.exe   E:\zqowdm.exe

----------------------------------------
Unhide superhidden for E:\
----------------------------------------
----------------------------------------

========================================
Scan finished!
========================================

========================================
Removed E:
========================================

Addendum: 03 Feb 2011 10:30

It seems to me that everything is working normally now, only the mouse, i.e. the cursor, still moves by itself.

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Repeat the step for each device separately

- Start USBNoRisk and wait for it to complete the initial scan.

- When the initial scan is finished, connect the USB storage device.

- Click the Script tab;

Copy the following text into the white box of the window:

{36b21241-6db9-11dd-91a5-cc0296ceacd7}
f_delete:%DRIVE%aglerx.exe
f_delete:%DRIVE%duecqm.exe
f_delete:%DRIVE%bwapig.exe
f_delete:%DRIVE%zodvus.exe
f_delete:%DRIVE%lhysoc.exe
f_delete:%DRIVE%spavke.exe
f_delete:%DRIVE%npcrld.exe
f_delete:%DRIVE%nnlepd.exe
f_delete:%DRIVE%~WRL2730.tmp
f_delete:%DRIVE%dkdywh.exe
f_delete:%DRIVE%dymfzk.exe
f_delete:%DRIVE%ntykam.exe
f_delete:%DRIVE%diktyd.exe
f_delete:%DRIVE%okycti.exe
f_delete:%DRIVE%feroxf.exe
folder_delete:%DRIVE%RECYCLER
folder_list:%DRIVE%

{164219ae-48cf-11dd-9166-000fe2245485}
f_delete:%DRIVE%RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
f_delete:%DRIVE%Data лила.exe
f_delete:%DRIVE%wjigwx.exe
f_delete:%DRIVE%hmpvqz.exe
f_delete:%DRIVE%rbdaln.exe
f_delete:%DRIVE%wwxrha.exe
f_delete:%DRIVE%hexwur.exe
f_delete:%DRIVE%cbccax.exe
f_delete:%DRIVE%imhrno.exe
f_delete:%DRIVE%zqowdm.exe
folder_delete:%DRIVE%RECYCLER
folder_list:%DRIVE%


- Run the command by clicking the Run Script button;

After the command is executed, USBNoRisk will automatically return to the Monitor tab;

- Right-click inside the white box of the window and select the Save Scrambled Log option;

A Notepad window will open with the text, which you need to copy here into a post.

- I recommend that you use MCShield to protect your USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

Download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log in which you see information about the malware that was found and deleted.

MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this thread: http://www.mycity.rs/Antispyware-programi/MCShield.html

Plug in each of the USB storage devices and let MCShield scan them.
After you plug in the last one and the scan finishes, post the AllScans.txt report for me.

Start -> Run

%UserProfile%\Application Data\MCShield\AllScans.txt -> Enter

Send me the contents of the report that opens in Notepad.

Download the installer for Malwarebytes Anti-Malware from the following link:
http://www.besttechie.net/tools/mbam-setup.exe

Double-click to start the installation; at the very end of the process, check that these options are selected:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

and then click Finish.

After the update completes, the program will start.

Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the log file will open in Notepad; copy it into the thread on the forum.
If the program asks for a restart in order to complete the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the log file will be available on the Logs tab (select it and click Open).

goran9888 (AMF Team)
