|
Poslao: 27 Jan 2008 11:31
|
offline
- Pridružio: 18 Okt 2007
- Poruke: 70
- Gde živiš: Svilajnac
|
Jesam,isao sam na tu opciju, log mi se pojavio kad je poceo ciscenje...
Error: selected file does not appear to be a valid script.
Error code: 0
a poruke kad sam sam isao na opciju sa semaforom,prvo jedna pa druga...
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 11:43
|
offline
- bobby
- Administrator
- Pridružio: 04 Sep 2003
- Poruke: 24135
- Gde živiš: Wien
|
Error: selected file does not appear to be a valid script.
Ova poruka ne moze da se pojavi ukoliko si skript uneo rucno, vec kada se skript ucitava iz fajla.
Molim te probaj ponovo, i drzi se strogo uputstva koje sam ti napisao.
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 12:09
|
offline
- Pridružio: 18 Okt 2007
- Poruke: 70
- Gde živiš: Svilajnac
|
Nemogu da ih pronadjem...I rucno sam upisao podatke ali se isti log javlja...
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 13:12
|
offline
- bobby
- Administrator
- Pridružio: 04 Sep 2003
- Poruke: 24135
- Gde živiš: Wien
|
Izvini, ali nikako ne kontam sta tu nije jasno.
Ne treba nista da pronadjes.
1. Startujes Avenger,
2. kiknes na opciju Input Script manually, pa onda kliknes na ikonicu lupe.
3. Pojavice se dijalog za unos skripta.
4. Tu uneses doslovce sve ono sto pise ovde (iskopiras odavde sa foruma, ili upises rucno):
Files to Delete:
C:\WINDOWS\bqxomdo.dll
C:\WINDOWS\privacy_danger\index.htm
5. Kliknes na Done, sto te vraca na prvi ekran.
6. Sada kliknes ikonicu semafora.
7. Avenger ce ti traziti restart, posto on brise pri sledecem startovanju Windowsa. Ukoliko ne zatrazi restart, onda ti sam restartuj komp.
Kada restartujes komp, nakon brisanja ce se pojaviti log koji ces ovde postaviti.
Ukoliko uradis sve ovako kao sto sam ti rekao, onda je nemoguce da prijavi onakvu poruku koju si gore napisao.
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 13:58
|
offline
- Pridružio: 18 Okt 2007
- Poruke: 70
- Gde živiš: Svilajnac
|
Izvinjavam se ,bio si u pravu ,nisam uneo"Files to Delete:" evo loga:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\hnjsmxrf
*******************
Script file located at: \??\C:\Documents and Settings\clwmgfoi.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\bqxomdo.dll not found!
Deletion of file C:\WINDOWS\bqxomdo.dll failed!
Could not process line:
C:\WINDOWS\bqxomdo.dll
Status: 0xc0000034
Could not open file C:\WINDOWS\privacy_danger\index.htm for deletion
Deletion of file C:\WINDOWS\privacy_danger\index.htm failed!
Could not process line:
C:\WINDOWS\privacy_danger\index.htm
Status: 0xc000003a
Completed script processing.
*******************
Finished! Terminate.
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 14:48
|
offline
- bobby
- Administrator
- Pridružio: 04 Sep 2003
- Poruke: 24135
- Gde živiš: Wien
|
Hmm... zilava neka zivuljka.
Mozes li da promenis pozadinu Desktopa?
Desni klik na prazan Desktop, pa Properties, pa tu potrazi da iskljucis Active Desktop (nisam sada na Windowsu, pa ne mogu da ti napisem gde se tacno iskljucuje).
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 15:17
|
offline
- Piksi
- Elitni građanin
- Pridružio: 13 Nov 2003
- Poruke: 2435
|
@bobby
Shvatam da ce se ovo tretirati kao upadica,ali slobodno mozes text iz mog posta da uneses u svoj,a moj obrisi  ...
Active Desktop se na XP-u iskljucuje na sledeci nacin:
Desni klik na desktop -> Properties -> Desktop -> Customize Desktop -> Web -> i u delu Web Pages odstikliraj ono sto zelis da iskljucis...
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 15:34
|
offline
- Pridružio: 18 Okt 2007
- Poruke: 70
- Gde živiš: Svilajnac
|
Uspeo sam!!!odstiklirao sam "my current home page"i sad je ok!!!
nadam se da je ovaj posao konacno gotov?
|
|
|
|
|
|
|
|
|
Poslao: 27 Jan 2008 17:15
|
offline
- Pridružio: 18 Okt 2007
- Poruke: 70
- Gde živiš: Svilajnac
|
SmitFraudFix v2.275
Scan done at 17:09:28,12, ned 27.01.2008
Run from C:\Documents and Settings\sladjan\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix.exe by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CA5B3E18-C9F8-4C47-939F-9D2A753AE32E}: NameServer=192.168.6.254,192.168.4.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CA5B3E18-C9F8-4C47-939F-9D2A753AE32E}: NameServer=192.168.6.254,192.168.4.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CA5B3E18-C9F8-4C47-939F-9D2A753AE32E}: NameServer=192.168.6.254,192.168.4.1
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
----------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 17:16:31, on 27.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\sladjan\Desktop\xxxx.exe
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SXG Advisor - {61E61BA1-45ED-4835-B504-BBB9C96CB9CD} - C:\WINDOWS\dpvtporrfd.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: The elfwgps - {CF4C34FE-2275-45EC-8C7E-2594CC1811A5} - C:\WINDOWS\elfwgps.dll (file missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Quick Login rs-mp3.com - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Funnsystems YuMp3Com-User-Authorization\YuMp3ComLogin.exe (file missing)
O9 - Extra 'Tools' menuitem: &Quick Login rs-mp3.com - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Funnsystems YuMp3Com-User-Authorization\YuMp3ComLogin.exe (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA5B3E18-C9F8-4C47-939F-9D2A753AE32E}: NameServer = 192.168.6.254,192.168.4.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: bqxomdo - {CAA96999-62B1-4DA3-A8C2-3C73B6C595B8} - C:\WINDOWS\bqxomdo.dll (file missing)
O21 - SSODL: aswmklt - {FFF79A08-2593-463F-ADC9-A49D3CB3FBEE} - C:\WINDOWS\aswmklt.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
|
|
|
|
|
|
