MyCity » Ambulanta -> Arhiva Ambulante » neizbrisiv csrss file na usb-u

neizbrisiv csrss file na usb-u

Napisano na dan: 4.11.2009

Strana:
1
2

neizbrisiv csrss file na usb-u

Pagination

Prethodna strana

Odgovori

Strana:
1
2

rasho75 Poslao: 05 Nov 2009 23:23 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 05 Nov 2009 23:09 Sve sam po uputama napravio. Sad na usb-u nema csrss.exe file-a, ostao je samo onaj blokirani autorun. U task manageru je jos uvijek CSRSS.EXE file. Evo ga log a ja cu resetirat komp da vidim oce se sta promijenit. USBNoRisk 2.5 (26 July 2009) by bobby Started at 5.11.2009 22:59:46 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- C: {ac2d61bd-a35f-11db-822e-806d6172696f} D: {ac2d61be-a35f-11db-822e-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for ac2d61bd-a35f-11db-822e-806d6172696f ---------------------------------------- Desktop.ini found at C:\Recycled\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for ac2d61be-a35f-11db-822e-806d6172696f ---------------------------------------- Desktop.ini found at D:\Recycled\ contains interesting CLSID string ---------------------------------------- [.ShellClassInfo] CLSID={645FF040-5081-101B-9F08-00AA002F954E} ---------------------------------------- HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32 HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Otvori CCleaner...\command,@ = C:\Program Files\CCleaner\ccleaner.exe HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Pokreni CCleaner\command,@ = C:\Program Files\CCleaner\ccleaner.exe /AUTO ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 5.11.2009 23:00:09 Scanning for connected USB mass storage... ---------------------------------------- I: {2e0ed46e-4062-11dc-abfb-005056c00008} Added I: ======================================== Scanning USB mass storage for files... ---------------------------------------- Blocked file found: I:\autorun.inf.blocked ---------------------------------------- Content of I:\autorun.inf.blocked ---------------------------------------- [autorun] open=csrss.exe icon=%SystemRoot%\system32\SHELL32.dll,4 action=Open folder to view files shell\open=Open shell\open\command=csrss.exe shell\open\default=1 ---------------------------------------- Files referenced from I:\autorun.inf.blocked ---------------------------------------- I:\csrss.exe ---h- 1136164 ---------------------------------------- ---------------------------------------- No Autorun.inf files found on I: No mountpoint found for 2e0ed46e-4062-11dc-abfb-005056c00008 ---------------------------------------- No Desktop.ini files found on I: ---------------------------------------- No mimics found on drive I: ======================================== Processing script ---------------------------------------- 2e0ed46e-4062-11dc-abfb-005056c00008 Drive letter for GUID: I: SectionStart = 0 SectionEnd = 2 Dopuna: 05 Nov 2009 23:23 nakon restartanja stanje isto. sta dalje?

Profil

diarno Poslao: 06 Nov 2009 00:02 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ne razumem..kako je stanje isto...Jedan csrss.exe i treba da postoji..to je sistemski fajl... Obrisi rucno autorun.inf.blocked. csrss.exe je nestao sa usb-a jel tako?

Profil

rasho75 Poslao: 06 Nov 2009 07:47 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 06 Nov 2009 7:32 ako jedan treba da postoji, onda je stvar rijesena :-))) (nisam na pocetku naglasio da sam tele za ove svari i da cu vjerojatno izvalit koju glupost, sto se na kraju i desilo) autorun.inf.blocked izbrisan rucno csrss.exe sa usb nestao usb otvaram dvoklikom bez problema ukratko sve je OK!! Hvala puno!! Dopuna: 06 Nov 2009 7:47 Jos jedno pitanje...(mozda je glupo ali ipak...) Sta da radim sa ovim pustim logovima i programima? Na C disku imam dosta novih foldea, da brisem ili ih ostavim?

Profil

diarno Poslao: 06 Nov 2009 10:26 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Combofix dolazi sa par fajlova i foldera a njega ces ukloniti prateci ovu jednostavnu proceduru Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Ostale programe i logove rucno izbrisi...Jer ako ponovo zakacis infekciju neophodni su svezi logovi Pozzz

Profil

rasho75 Poslao: 06 Nov 2009 11:19 Idi na vrh
offline rasho75 Novi MyCity građanin Pridružio: 03 Nov 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! sve rijeseno!! :-))) najljepsa hvala na pomoci! Pozdrav

Profil

MyCity » Ambulanta -> Arhiva Ambulante » neizbrisiv csrss file na usb-u

Ko je trenutno na forumu

Ukupno su 1124 korisnika na forumu :: 39 registrovanih, 5 sakrivenih i 1080 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Alibaba1981, Ben Roj, bigfoot, Bobrock1, bokisha253, brundo65, BSD, CHARLIE JA., cifra, DeerHunter, Denaya, DPera, gorval, goxin, hatman, ivicasimo, Joja, Koridor, Kubovac, kuntalo, MB120mm, mercedesamg, mikrimaus, nemkea71, novator, Panter, Povratak1912, sombrero, theNedjeljko, tubular, Tvrtko I, vaso1, vladas87, vrag81, vukovi, wolf431, YugoSlav, zuxbg, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by