Kakva je ovo putanja C:\FOUND.011??
Jesi li kliknuo da se obrise u malwarebytes kad si skenirao u safe modu i onda restartovao komp?
Iskljuci system restore i isprazni Temp foldere.
Gde se nalaze Temp folderi ?
Kako da iskljucim system restore?
(znam da piranja deluju glupo , ali lakse mi je da mi napise neko ko zna nego da trazim )
Avast je nasao 20 i nesto komada , ali nije mogao sve da izbrise , i stalno prijavljuje kako je blokirao malware ili trojanca i stavio ih u virus chest, cini mi se da je njihova lokazija uglavnom u System volume information\restore....... i u System32
MBAM je sad nasao neke i nalaze su u Temp folderima i u System32
Kontam da su ovo ti folderi o kojima si pricao , sad cu da restartujem , i da ih ispraznim.
Log od MBAM:
Malwarebytes' Anti-Malware 1.44
Database version: 3828
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
6.3.2010 14:38:28
mbam-log-2010-03-06 (14-38-28).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 177092
Time elapsed: 26 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 13
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4 (Worm.Autorun) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\C7142C\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\HtmlView.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\internet.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\eAPI.fne (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\dp1.fne (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\cnvpe.fne (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C7142C\RegEx.fnr (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\HtmlView.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\internet.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\eAPI.fne (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\dp1.fne (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Documents and Settings\nidza\Local Settings\Temp\E_N4\cnvpe.fne (Worm.Autorun) -> Quarantined and deleted successfully.