Kad kliknem da skida on mi samo izbaci sta pise u tom fajlu nece da skine fajl.Ja sam to kopir o i napravio .txt file jel moze tako.
Kad kliknem da skida on mi samo izbaci sta pise u tom fajlu nece da skine fajl.Ja sam to kopir o i napravio .txt file jel moze tako.
otvori notepad i kopiraj sadržaj
zatvori notepad i spremi kao CFScript na desktop i nastavi dalje
Opet radi isti scan kao i bez tog .txt fajla,ali se nakon restarta taj .txt fajl obriso sam.
to je u redu što se obrisao...log mi kopiraj da pogledam..pa idemo dalje ...
za usbstik napravi ovako
-skini ovaj program i spremi na desktop
-pokreni usbnorisk i sačekaj desetak sekundi
-ubaci usb stik u računalo, sačekaj desetak sekundi
-ako imaš više stikova, zapiši koji je prvi, drugi..itd
-nakon toga , desni klik mišem na sred prozora programa i odaberi opciju save log
-log kopiraj
evo ču ti reč što ja iman i štosan inskonbinira protiv tih gamadi i nepoznatih uleta na računalo mogu ti reči da san sasvim zadovoljan i u veljači če bit godinu dana od kako iman tu konbinaciju zaštita i nije mi ništa uspilo zarazit moj pc
anti vir avira u duetu s spyware terminator koji ima ugrađen klam anti vir i da nezafali threatFire koji je potpuno samostalan što se tiče nadzora i upgreda
a svakih 7 dana pročešljam s ovim programima koji traže neke druge stvari ali viruse ne
malwarebytes , spybot -searth&destroj ,ad -advware i kad sve pronjuškan onda kockice posložim s CClener
jednom u dva mjeseca auslogics disc defrag i to je to
ićemo jedan po jedan usbstik, da se ne zbunimo...kad se prvi očisti idemo na drugi itd
prvi stik je ok
drugi stik (log)
- pokreni USBNoRisk i sačekaj desetak sekundi
- ubaci usbstik u računalo
- klik na karticu Script;
-u prazno polje kopiraj ovo
{dd4aa817-0c5d-11e0-83c5-002354c9f562}
folder_list:%DRIVE%
no_sh:
-kik na Run Script
-nakon toga desni klik mišem unutar praznog polja i odaberi opciju Save Scrambled Log
-otvorit će se notepad sa tekstom kojeg ćeš kopirat
Moram sad u skolu veceras cu to uradit...
treći stik (log)
isto tako kao za drugi stik, samo što ćeš ovo kopirati u prazno polje
{0044ac5a-0c06-11e0-aedd-002354c9f562}
folder_list:%DRIVE%
no_sh:
Moram sad u skolu veceras cu to uradit...
u cjeloj eu škola završila a on če u školu
Moram sad u skolu veceras cu to uradit...
u cjeloj eu škola završila a on če u školu
Jesi čuo za popravni ?
Hahahahahha u bih nije skola zavrsena i odlican sam ucenik sto bi iso na popravni.
Evo za DRUGI STICK.
USBNoRisk 2.6 (08 September 2010) by bobby
Started at 12/27/2010 6:33:10 PM
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {1ed1a779-0c50-11e0-8015-806e6f6e6963}
D: {1ed1a77a-0c50-11e0-8015-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No aut[b][/b]orun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 1ed1a779-0c50-11e0-8015-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No aut[b][/b]orun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 1ed1a77a-0c50-11e0-8015-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
[b]New device connected at[/b] 12/27/2010 6:33:14 PM
Scanning for connected USB mass storage...
----------------------------------------
G: {dd4aa817-0c5d-11e0-83c5-002354c9f562}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No aut[b][/b]orun.inf files found on G:
Sanitized mountpoint for dd4aa817-0c5d-11e0-83c5-002354c9f562
----------------------------------------
----------------------------------------
Desktop.ini found at G:\storage\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\shell32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\shell32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\imageres.dll,-55
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\imageres.dll,-55
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\imageres.dll,-54
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = %SystemRoot%\system32\shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,MUIVerb = @shell32.dll,-10564
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Icon = shell32.dll,-254
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Description = @shell32.dll,-31332
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\shell32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\shell32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\imageres.dll,-55
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\imageres.dll,-55
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\imageres.dll,-54
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = %SystemRoot%\system32\shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,MUIVerb = @shell32.dll,-10564
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Icon = shell32.dll,-254
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Description = @shell32.dll,-31332
----------------------------------------
No mimics found on drive G:
========================================
Processing script
----------------------------------------
dd4aa817-0c5d-11e0-83c5-002354c9f562
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 2
----------------------------------------
Folder list for G:\:
----------------------------------------
[code]
dra-- 0 G:\RECYCLER G:\RECYCLER
dra-- 0 G:\storage G:\storage
--a-- 53495 G:\FORUMB~1.JPG G:\Forum Background 222.jpg
dr--- 0 G:\Qbasic G:\Qbasic
d---- 0 G:\ZADACI~1 G:\Zadaci iz informatike Qbasic
d---- 0 G:\WINDOW~1.REL G:\Windows.7.activation.brander.Release-2
--a-- 382521 G:\HOWTOG~1.PDF G:\How to get 500 free facebook credits Part One.pdf
--a-- 70 G:\HOTFIL~1.TXT G:\Hotfile Premium.txt
[/code]
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
----------------------------------------
TRECI STICK.
USBNoRisk 2.6 (08 September 2010) by bobby
Started at 12/27/2010 6:34:50 PM
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {1ed1a779-0c50-11e0-8015-806e6f6e6963}
D: {1ed1a77a-0c50-11e0-8015-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No aut[b][/b]orun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 1ed1a779-0c50-11e0-8015-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No aut[b][/b]orun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 1ed1a77a-0c50-11e0-8015-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
[b]New device connected at[/b] 12/27/2010 6:34:58 PM
Scanning for connected USB mass storage...
----------------------------------------
G: {0044ac5a-0c06-11e0-aedd-002354c9f562}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No aut[b][/b]orun.inf files found on G:
Sanitized mountpoint for 0044ac5a-0c06-11e0-aedd-002354c9f562
----------------------------------------
----------------------------------------
Desktop.ini found at G:\ipak\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\shell32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\shell32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\imageres.dll,-55
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\imageres.dll,-55
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\imageres.dll,-54
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = %SystemRoot%\system32\shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,MUIVerb = @shell32.dll,-10564
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Icon = shell32.dll,-254
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Description = @shell32.dll,-31332
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\shell32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\shell32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\imageres.dll,-55
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\imageres.dll,-55
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\imageres.dll,-54
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = %SystemRoot%\system32\shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,MUIVerb = @shell32.dll,-10564
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Icon = shell32.dll,-254
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\sh[b][/b]ell\empty,Description = @shell32.dll,-31332
----------------------------------------
No mimics found on drive G:
========================================
Processing script
----------------------------------------
0044ac5a-0c06-11e0-aedd-002354c9f562
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 2
----------------------------------------
Folder list for G:\:
----------------------------------------
[code]
d---- 0 G:\KONAMI G:\KONAMI
d---- 0 G:\KASPER~1 G:\Kaspersky Internet Security 2011
--a-- 100273008 G:\DIRECT~1.EXE G:\directx_Jun2010_redist.exe
--a-- 8390880 G:\FIREFO~1.EXE G:\Firefox Setup 3.6.12.exe
d---- 0 G:\KASPER~2 G:\Kaspersky Internet Security 2011 Working Key
dr-hs 0 G:\ipak G:\ipak
--a-- 986460 G:\Untitled.png G:\Untitled.png
d---- 0 G:\1STWIN~1 G:\1st Windows Programs
d---- 0 G:\OTHERP~1 G:\Other programs
d---- 0 G:\FIFA11~1 G:\FIFA 11
d---- 0 G:\GTASAN~1 G:\GTA San Andreas User Files
d---- 0 G:\BFBC2 G:\BFBC2
-ra-- 602 G:\PASSWO~1.RAR G:\Passwords.rar
[/code]
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
dra-- G:\ipak > unhidden
--a-- G:\ipak\Desktop.ini > unhidden
--a-- G:\Other programs\Slike Slaven\Thumbs.db > unhidden
----------------------------------------
Sve sam ih pobriso.
u kojoj ste fazi vas dvojica?
intelovac kad si nakon čišćenja s mbam napravio quick scan jel ti prijavio kakvu infekciju ,koju nakon restarta i ponovnog skeniranja ne može očistiti?
Sve sam ih pobriso.
u kojoj ste fazi vas dvojica?
intelovac kad si nakon čišćenja s mbam napravio quick scan jel ti prijavio kakvu infekciju ,koju nakon restarta i ponovnog skeniranja ne može očistiti?
Mi smo u fazi da cekamo da total dodje.
Nisam skeniroo sam mbamom,nije mi se dalo.
Mi smo u fazi da cekamo da total dodje.
Nisam skeniroo sam mbamom,nije mi se dalo.
a dalo ti se deinstalirati aviru i pokretati combofix i skenirati stickove zbog trojanca starog 7 godina,malo čudno
mislim da si ipak trebao pokrenutui mbam
Mi smo u fazi da cekamo da total dodje.
Nisam skeniroo sam mbamom,nije mi se dalo.
a dalo ti se deinstalirati aviru i pokretati combofix i skenirati stickove zbog trojanca starog 7 godina,malo čudno
mislim da si ipak trebao pokrenutui mbam
Sad cu ,i kakav trojanac star 7 god.
Sad cu ,i kakav trojanac star 7 god.
pa taj worm je prvi put detektiran prije 7 godina
ma ne moraš ništa radit,malo vas trzam,pratim da vidim šta će bit
Log od quick mbam.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5397
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
27.12.2010 19:40:21
mbam-log-2010-12-27 (19-40-21).txt
Scan type: Quick scan
Objects scanned: 133156
Time elapsed: 1 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
sad si čist,ali mislim da se to moglo riješiti odma,bez tih vratolomija
drugi stik
skini ovaj program i spremi ga na desktop
ubaci drugi stik u računalo
otvori OTM i ovo kopiraj u prazno polje
:files
G:\RECYCLER
G:\storage
recycler /alldrives
:Commands
[purity]
[emptytemp]
[resethosts]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]
klik na Moveit!
log koji dobiješ kopiraj na forum
3.stik
ovo kopiraj i sve ostalo kao i sa drugim stikom
:files
G:\KONAMI
G:\ipak
:Commands
[purity]
[emptytemp]
All processes killed
========== FILES ==========
G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213 folder moved successfully.
G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 folder moved successfully.
G:\RECYCLER folder moved successfully.
G:\storage folder moved successfully.
recycler not found in C:\
D:\RECYCLER\S-1-5-21-839522115-2146821571-1801674531-1003 folder moved successfully.
D:\RECYCLER\S-1-5-21-527237240-1637723038-1801674531-1003 folder moved successfully.
D:\RECYCLER\S-1-5-21-1123561945-706699826-682003330-1003 folder moved successfully.
D:\RECYCLER folder moved successfully.
recycler not found in G:\
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Slaven
->Temp folder emptied: 2904 bytes
->Temporary Internet Files folder emptied: 2005401 bytes
->FireFox cache emptied: 78044017 bytes
->Opera cache emptied: 8128264 bytes
->Flash cache emptied: 4058 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1216 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 84.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.17.2 log created on 12272010_195049
E sve mi je pomutilo sva slova su mutna nekak.
TRECI STICK....
All processes killed
========== FILES ==========
G:\KONAMI\Pro Evolution Soccer 2011\save folder moved successfully.
G:\KONAMI\Pro Evolution Soccer 2011 folder moved successfully.
G:\KONAMI folder moved successfully.
G:\ipak folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Slaven
->Temp folder emptied: 797 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 18945188 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 18.00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 12272010_201023
start / u start polje kopiraj ovo comofix /uninstall
otvori OTM i klik na clean up
kako ti sad računalo radi ?
start / u start polje kopiraj ovo comofix /uninstall
otvori OTM i klik na clean up
kako ti sad računalo radi ?
gdje da kopiram to za combofix
klikni na start i u onaj prozorčić kopiraj
