|
Poslao: 27 Sep 2010 15:59
|
offline
- Brok
- Moderator foruma
- Mihajlo Bogdanović
- Linux driver - fighter - warrior
- Pridružio: 04 Maj 2005
- Poruke: 3259
|
Kada sam dobio laptop ima sam jako malo RAM-a (192 MB) te AV program nije ni bio instaliran, kasnije sam nadogradio RAM do 1 GB te instalirao AV program AVG free varijantu.
Prilikom skeniranja sa Malwarebytes' Anti-Malware našao mi je jedan trojanac, dva registy ključa i dve fascikle inficirane.
Sam AVG je našao mislim jednu infekciju.
Koristim Windows XP SP2 i imam kablovski SBB Internet brzine 4 mib/s.
Ovo je drugo skeniranje sa AVG-om, (uklonio sam sve kolačiće i keš iz Opere):
https://www.mycity.rs/must-login.png
Sken iz Malwarebytes' Anti-Malware:
https://www.mycity.rs/must-login.png
DDS (Ver_10-03-17.01) - NTFSx86
Run by Broker at 15:42:00,52 on pon 27.09.2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.491 [GMT 2:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Broker\Desktop\dds.scr
============== Pseudo HJT Report ===============
uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\pdfforge toolbar\SearchSettings.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\1.1.2\pdfforgeToolbarIE.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\pdfforge toolbar\SearchSettings.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\1.1.2\pdfforgeToolbarIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
TCP: {ACFE72A0-125B-446F-85BF-011F28070985} = 89.216.34.1,89.216.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-9-22 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-9-22 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-9-22 243024]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-9-22 308136]
R3 ALiIRDA;ALi Infrared Device Driver;c:\windows\system32\drivers\aliirda.sys [2010-9-8 27648]
R3 CALIAUD;Conexant AMC 3D Environmental Audio;c:\windows\system32\drivers\caliaud.sys [2004-2-17 292352]
R3 CALIHALA;CALIHALA;c:\windows\system32\drivers\calihal.sys [2004-2-17 273536]
R3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\DP83815.sys [2004-7-15 18432]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-9-25 20480]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-9-25 11520]
R3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [2010-9-25 9728]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\my portable program\everest ultimate engineer 5.50.2100\kerneld.wnt [2010-9-8 27760]
=============== Created Last 30 ================
==================== Find3M ====================
2010-09-25 00:15:29 822272 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS
============= FINISH: 15:42:32,84 ===============
https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png
|
|
|
|
|
|
|
Poslao: 27 Sep 2010 21:20
|
offline
- 1l padr1n0
- Anti Malware Fighter
Rank 2
- Pridružio: 02 Feb 2008
- Poruke: 14018
- Gde živiš: Nish
|
Pozdrav i dobro dosao u Ambulantu MyCity foruma.
- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save scrambled log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.
Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.
goran9888 (AMF Tim)
|
|
|
|
|
|
|
Poslao: 28 Sep 2010 11:47
|
offline
- Brok
- Moderator foruma
- Mihajlo Bogdanović
- Linux driver - fighter - warrior
- Pridružio: 04 Maj 2005
- Poruke: 3259
|
Dobro Vas našao.
Koristim tri USB memorijska uređaja.
Ovim redom sam ih ubaciovao:
-USB stick od 4 GB
-USB stick od 2 GB
-blutut za povezivanje sa mobilnim (i povezao ga na 10 sek)
USBNoRisk 2.6 (08 September 2010) by bobby
Started at 28.9.2010 11:30:31
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {8bd9d371-bb8b-11df-9738-806d6172696f}
E: {8bd9d372-bb8b-11df-9738-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 8bd9d371-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on E:
No autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 8bd9d372-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 28.9.2010 11:30:48
Scanning for connected USB mass storage...
----------------------------------------
F: {fe620430-bb28-11df-b245-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No autorun.inf files found on F:
No mountpoint found for fe620430-bb28-11df-b245-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
========================================
Removed F:
========================================
New device connected at 28.9.2010 11:31:45
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
========================================
Removed F:
========================================
New device connected at 28.9.2010 11:31:49
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
========================================
Removed F:
========================================
New device connected at 28.9.2010 11:31:50
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
========================================
Removed F:
========================================
========================================
========================================
========================================
========================================
|
|
|
|
|
|
|
Poslao: 28 Sep 2010 20:38
|
offline
- 1l padr1n0
- Anti Malware Fighter
Rank 2
- Pridružio: 02 Feb 2008
- Poruke: 14018
- Gde živiš: Nish
|
Prikljucuj jedan po jedan uredjaj i prati uputstvo za svaki ponaosob
------------------------------------------------------------------------------------
- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.
- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.
- Kliknuti na karticu Script;
U beli okvir prozora iskopirati sledeći tekst:
{fe620430-bb28-11df-b245-000d9d449c9e}
folder_list: %DRIVE%
no_sh:
{344d4440-cae3-11df-b2a3-000d9d449c9e}
folder_list: %DRIVE%
no_sh:
- Izvršiti komandu klikom na taster Run Script;
Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;
- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;
Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.
goran9888 (AMF Tim)
|
|
|
|
|
|
|
Poslao: 29 Sep 2010 12:11
|
offline
- Brok
- Moderator foruma
- Mihajlo Bogdanović
- Linux driver - fighter - warrior
- Pridružio: 04 Maj 2005
- Poruke: 3259
|
Evo loga. Može da se desi da sam pokretao dva puta skriptu na dva USB uređaja, nadam se da time nisam ništa poremetio.
Red ubacivanja USB uređaja je isti kao ranije, znači:
-USB stick 4 GB
-USB stick 2 GB
-blutut za povezivanje sa mobilnim
USBNoRisk 2.6 (08 September 2010) by bobby
Started at 29.9.2010 11:53:27
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {8bd9d371-bb8b-11df-9738-806d6172696f}
E: {8bd9d372-bb8b-11df-9738-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 8bd9d371-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 8bd9d372-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 29.9.2010 11:53:41
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
========================================
Removed F:
========================================
New device connected at 29.9.2010 11:54:03
Scanning for connected USB mass storage...
----------------------------------------
F: {fe620430-bb28-11df-b245-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for fe620430-bb28-11df-b245-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
Processing script
----------------------------------------
fe620430-bb28-11df-b245-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 3
----------------------------------------
Folder list for F:\:
----------------------------------------
-rahs 480818 F:\dsoend.exe F:\dsoend.exe
-r-hs 105493 F:\usdeiect.com F:\usdeiect.com
--a-- 37902 F:\wand.dat F:\wand.dat
d---- 0 F:\BEKAPD~1 F:\Bekap drajvera za Windowws - Drivers
d---- 0 F:\DOKUME~1 F:\Dokumentacija razno
d---- 0 F:\INSTAL~1 F:\Instal programi
d---- 0 F:\Linux F:\Linux
d---- 0 F:\OPERAB~1.AVG F:\Opera bekap 30. avgust 2009
d---- 0 F:\IKONEZ~2 F:\Ikone za popovu knjigu
--a-- 122 F:\nalog.txt F:\nalog.txt
d---- 0 F:\Ikone F:\Ikone
d---- 0 F:\IKONIC~1 F:\Ikonice za Roket Dock
--a-- 1410 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 290304 F:\STASVE~1.DOC F:\ŠTA SVE IMA NAREZANO OD FAJLOVA SA TRACKERA.doc
--a-- 127488 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 216 F:\NEOPHO~1.TXT F:\neophodni servisi za mrezu.txt
d---- 0 F:\ENGLES~1 F:\Englesko – srpski enciklopedijski rečnik
--a-- 758937 F:\EASYBC~1.EXE F:\EasyBCD 1.7.2.exe
--a-- 682073 F:\SCREEN~1.PNG F:\Screenshot.png
d---- 0 F:\Drivers F:\Drivers
--a-- 11046 F:\ZADNJI~1.200 F:\Zadnji razgovor 13.01.2009
--a-- 98551 F:\PRIKAZ~1.JPG F:\prikaz inrenet veze u pclinuxos.jpg
--a-- 105896 F:\prikaz.jpg F:\prikaz.jpg
d---- 0 F:\PROGRA~1 F:\Program za cirilicu Srpsku
d---- 0 F:\ZAROCK~1 F:\Za rocket Dok
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 49785 F:\2010-0~1.JPG F:\2010-01-01_183207.jpg
--a-- 182465 F:\C__DOC~1.PDF F:\C__Documents and Settings_Broker_Local
Settings_Application Data_Opera_Opera_temporary_downloads_Zlatoustova_Liturgija_i_Sveti_.pdf
--a-- 517453 F:\SCREEN~3.PNG F:\Screenshot-1.png
d---- 0 F:\Boot F:\Boot
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 489509 F:\logo.jpg F:\logo.jpg
d---- 0 F:\fajlovi F:\fajlovi
d---- 0 F:\CIRILI~1 F:\Cirilicni fontovi - 1038 fontova
--a-- 116224 F:\RAZGOV~1.DOC F:\Razgovor za ProdHostingom I How to optimizacija baze.doc
--a-- 34304 F:\MOLBAP~1.DOC F:\Molba Predsedavajućem Sudskog Veća Okružnog Suda u
Beograd.doc
--a-- 62551 F:\SCREEN~2.PNG F:\Screenshot-Untitled Window.png
--a-- 126 F:\KOMAND~1.TXT F:\komande za gasanje i rebot.txt
--a-- 7420 F:\2475_7~1.REG F:\2475_797507103_Default_XP_Pro_SP3.reg
--a-- 82 F:\DESKTOP.INI F:\DESKTOP.INI
d---- 0 F:\BACKUP~1 F:\backup mozile 28 april 2010 Linux
--a-- 1670017 F:\ERICRA~1.FLV F:\Eric Raymond.flv
--a-- 20480 F:\1í????Aí.DOC F:\фамилија.doc
--a-- 2398067 F:\FASTON~1.RAR F:\Fastone_Capture_6.3_Portable.rar
--a-- 14336 F:\KREIRA~1.DOC F:\kreiranje particija.doc
d---- 0 F:\BACKUP~3 F:\Backup MBR-a 29 april 2010
--a-- 52 F:\SAJTSA~1 F:\Sajt sa pojasnjenjnem o kreiranju particija
--a-- 188338 F:\LINUX9~1.JPG F:\Linux 9.10.jpg
--a-- 259332 F:\SM!^^0~1.JPG F:\SM!^.^0447.jpg
d---- 0 F:\BurnCDCC F:\BurnCDCC
d---- 0 F:\kum F:\kum
--a-- 31571320 F:\NERO_6~1.RAR F:\Nero_6.6.0.8.rar
d---- 0 F:\MOZILL~1.201 F:\mozilla backup Linux 1.06.2010
--a-- 48 F:\Link F:\Link
d---- 0 F:\PCLOSS~1 F:\PCLOS Share dokumentacija
d---- 0 F:\BACKUP~2 F:\backup opera 02 06 2010 Linux
--a-- 114249 F:\IYPCLO~1.PNG F:\iy pclosa 1.png
--a-- 123914 F:\IZPLOS~1.PNG F:\iz PLOS.png
--a-- 282448 F:\SM!^^0~2.JPG F:\SM!^.^0476.jpg
--a-- 119533 F:\IYPCLO~2.PNG F:\iy pclosa se vidi.png
--a-- 295157 F:\PCLOS3~1.PNG F:\pclos 3.png
--a-- 97392 F:\FIREWA~1.PNG F:\Firewall u PCL.png
--a-- 36595282 F:\METALL~1.FLV F:\Metallica - The Day That Never Comes .flv
--a-- 12593 F:\SKACKW~1 F:\skackware report
--a-- 645062 F:\_0M!^^~1.JPG F:\§0m!^.^0114.jpg
--a-- 248525 F:\SM!^^0~3.JPG F:\SM!^.^0443.jpg
--a-- 294368 F:\SM!^^0~4.JPG F:\SM!^.^0444.jpg
--ah- 4096 F:\_~1.TRA F:\._.Trashes
d--h- 0 F:\TRASHE~1 F:\.Trashes
d--h- 0 F:\FSEVEN~1 F:\.fseventsd
d--h- 0 F:\SPOTLI~1 F:\.Spotlight-V100
--a-- 154630 F:\SMDE36~1.JPG F:\SM!^.^0445.jpg
--a-- 284255 F:\SMEE3A~1.JPG F:\SM!^.^0446.jpg
--a-- 20480 F:\MYHOLI~1.DOC F:\My holiday.doc
--a-- 261158 F:\INSTAL~1.PDF F:\instalacija_i_konfigurisanje_modema.pdf
--a-- 276185 F:\KONEKC~1.PDF F:\konekcija_sa_internetom_data.pdf
--a-- 136114176 F:\lupu-511.iso F:\lupu-511.iso
----------------------------------------
Unhide superhidden for F:\
----------------------------------------
-ra-- F:\dsoend.exe > unhidden
-ra-- F:\usdeiect.com > unhidden
--a-- F:\Ikone za popovu knjigu\Thumbs.db > unhidden
--a-- F:\Boot\BCD.LOG1 > unhidden
--a-- F:\Boot\BCD.LOG2 > unhidden
--a-- F:\Boot\BCD_tureg_new.LOG1 > unhidden
--a-- F:\Boot\BCD_tureg_new.LOG2 > unhidden
--a-- F:\Boot\BOOTSTAT.DAT > unhidden
-ra-- F:\fajlovi\bootmgr > unhidden
-ra-- F:\fajlovi\boot.ini > unhidden
-ra-- F:\fajlovi\grldr > unhidden
-ra-- F:\fajlovi\ntldr > unhidden
-ra-- F:\fajlovi\MSDOS.SYS > unhidden
----------------------------------------
Processing script
----------------------------------------
fe620430-bb28-11df-b245-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 3
----------------------------------------
Folder list for F:\:
----------------------------------------
-ra-- 480818 F:\dsoend.exe F:\dsoend.exe
-ra-- 105493 F:\usdeiect.com F:\usdeiect.com
--a-- 37902 F:\wand.dat F:\wand.dat
d---- 0 F:\BEKAPD~1 F:\Bekap drajvera za Windowws - Drivers
d---- 0 F:\DOKUME~1 F:\Dokumentacija razno
d---- 0 F:\INSTAL~1 F:\Instal programi
d---- 0 F:\Linux F:\Linux
d---- 0 F:\OPERAB~1.AVG F:\Opera bekap 30. avgust 2009
d---- 0 F:\IKONEZ~2 F:\Ikone za popovu knjigu
--a-- 122 F:\nalog.txt F:\nalog.txt
d---- 0 F:\Ikone F:\Ikone
d---- 0 F:\IKONIC~1 F:\Ikonice za Roket Dock
--a-- 1410 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 290304 F:\STASVE~1.DOC F:\ŠTA SVE IMA NAREZANO OD FAJLOVA SA TRACKERA.doc
--a-- 127488 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 216 F:\NEOPHO~1.TXT F:\neophodni servisi za mrezu.txt
d---- 0 F:\ENGLES~1 F:\Englesko – srpski enciklopedijski rečnik
--a-- 758937 F:\EASYBC~1.EXE F:\EasyBCD 1.7.2.exe
--a-- 682073 F:\SCREEN~1.PNG F:\Screenshot.png
d---- 0 F:\Drivers F:\Drivers
--a-- 11046 F:\ZADNJI~1.200 F:\Zadnji razgovor 13.01.2009
--a-- 98551 F:\PRIKAZ~1.JPG F:\prikaz inrenet veze u pclinuxos.jpg
--a-- 105896 F:\prikaz.jpg F:\prikaz.jpg
d---- 0 F:\PROGRA~1 F:\Program za cirilicu Srpsku
d---- 0 F:\ZAROCK~1 F:\Za rocket Dok
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 49785 F:\2010-0~1.JPG F:\2010-01-01_183207.jpg
--a-- 182465 F:\C__DOC~1.PDF F:\C__Documents and Settings_Broker_Local
Settings_Application Data_Opera_Opera_temporary_downloads_Zlatoustova_Liturgija_i_Sveti_.pdf
--a-- 517453 F:\SCREEN~3.PNG F:\Screenshot-1.png
d---- 0 F:\Boot F:\Boot
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 489509 F:\logo.jpg F:\logo.jpg
d---- 0 F:\fajlovi F:\fajlovi
d---- 0 F:\CIRILI~1 F:\Cirilicni fontovi - 1038 fontova
--a-- 116224 F:\RAZGOV~1.DOC F:\Razgovor za ProdHostingom I How to optimizacija baze.doc
--a-- 34304 F:\MOLBAP~1.DOC F:\Molba Predsedavajućem Sudskog Veća Okružnog Suda u
Beograd.doc
--a-- 62551 F:\SCREEN~2.PNG F:\Screenshot-Untitled Window.png
--a-- 126 F:\KOMAND~1.TXT F:\komande za gasanje i rebot.txt
--a-- 7420 F:\2475_7~1.REG F:\2475_797507103_Default_XP_Pro_SP3.reg
--a-- 82 F:\DESKTOP.INI F:\DESKTOP.INI
d---- 0 F:\BACKUP~1 F:\backup mozile 28 april 2010 Linux
--a-- 1670017 F:\ERICRA~1.FLV F:\Eric Raymond.flv
--a-- 20480 F:\1í????Aí.DOC F:\фамилија.doc
--a-- 2398067 F:\FASTON~1.RAR F:\Fastone_Capture_6.3_Portable.rar
--a-- 14336 F:\KREIRA~1.DOC F:\kreiranje particija.doc
d---- 0 F:\BACKUP~3 F:\Backup MBR-a 29 april 2010
--a-- 52 F:\SAJTSA~1 F:\Sajt sa pojasnjenjnem o kreiranju particija
--a-- 188338 F:\LINUX9~1.JPG F:\Linux 9.10.jpg
--a-- 259332 F:\SM!^^0~1.JPG F:\SM!^.^0447.jpg
d---- 0 F:\BurnCDCC F:\BurnCDCC
d---- 0 F:\kum F:\kum
--a-- 31571320 F:\NERO_6~1.RAR F:\Nero_6.6.0.8.rar
d---- 0 F:\MOZILL~1.201 F:\mozilla backup Linux 1.06.2010
--a-- 48 F:\Link F:\Link
d---- 0 F:\PCLOSS~1 F:\PCLOS Share dokumentacija
d---- 0 F:\BACKUP~2 F:\backup opera 02 06 2010 Linux
--a-- 114249 F:\IYPCLO~1.PNG F:\iy pclosa 1.png
--a-- 123914 F:\IZPLOS~1.PNG F:\iz PLOS.png
--a-- 282448 F:\SM!^^0~2.JPG F:\SM!^.^0476.jpg
--a-- 119533 F:\IYPCLO~2.PNG F:\iy pclosa se vidi.png
--a-- 295157 F:\PCLOS3~1.PNG F:\pclos 3.png
--a-- 97392 F:\FIREWA~1.PNG F:\Firewall u PCL.png
--a-- 36595282 F:\METALL~1.FLV F:\Metallica - The Day That Never Comes .flv
--a-- 12593 F:\SKACKW~1 F:\skackware report
--a-- 645062 F:\_0M!^^~1.JPG F:\§0m!^.^0114.jpg
--a-- 248525 F:\SM!^^0~3.JPG F:\SM!^.^0443.jpg
--a-- 294368 F:\SM!^^0~4.JPG F:\SM!^.^0444.jpg
--ah- 4096 F:\_~1.TRA F:\._.Trashes
d--h- 0 F:\TRASHE~1 F:\.Trashes
d--h- 0 F:\FSEVEN~1 F:\.fseventsd
d--h- 0 F:\SPOTLI~1 F:\.Spotlight-V100
--a-- 154630 F:\SMDE36~1.JPG F:\SM!^.^0445.jpg
--a-- 284255 F:\SMEE3A~1.JPG F:\SM!^.^0446.jpg
--a-- 20480 F:\MYHOLI~1.DOC F:\My holiday.doc
--a-- 261158 F:\INSTAL~1.PDF F:\instalacija_i_konfigurisanje_modema.pdf
--a-- 276185 F:\KONEKC~1.PDF F:\konekcija_sa_internetom_data.pdf
--a-- 136114176 F:\lupu-511.iso F:\lupu-511.iso
----------------------------------------
Unhide superhidden for F:\
----------------------------------------
----------------------------------------
========================================
Removed F:
========================================
New device connected at 29.9.2010 11:57:05
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
Processing script
----------------------------------------
344d4440-cae3-11df-b2a3-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 4
SectionEnd = 6
----------------------------------------
Folder list for F:\:
----------------------------------------
dr-hs 0 F:\IKONEZ~1 F:\Ikone za knjigu
-rahs 712924 F:\dwcjyt.exe F:\dwcjyt.exe
--a-- 68096 F:\?í???o.XLS F:\расход.xls
--a-- 27136 F:\8FF3~1.XLS F:\приход.xls
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 25088 F:\milice.doc F:\milice.doc
--a-- 423 F:\WINAMP~1.DAT F:\winamp_metadata.dat
--a-- 439 F:\prevod.txt F:\prevod.txt
--a-- 15872 F:\KOPIJA~1.XLS F:\Kopija od признаница.xls
dr-hs 0 F:\BORBAZ~1 F:\Borba za veru
d---- 0 F:\b'1 F:\b'1
--a-- 1406 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 52 F:\WINAMP~1.IDX F:\winamp_metadata.idx
--a-- 2216176 F:\mahjongg.exe F:\mahjongg.exe
--a-- 2050043 F:\PRETRA~1.EXE F:\Pretrazivac-Biblije-1.51.exe
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 26112 F:\'-B097~1.DOC F:\б'-ц.doc
--a-- 273408 F:\4959~1.DOC F:\Српска слава.doc
dr-hs 0 F:\bilten F:\bilten
--a-- 22016 F:\BP7~1.DOC F:\bp.7.doc
--a-- 519 F:\KLASIC~1.LNK F:\Klasičan Tablić.lnk
--a-- 1825104 F:\BROTHE~1.EXE F:\Brothersoft.exe
--a-- 53 F:\IPTORR~1.TXT F:\IPTorrents.txt
--a-- 23040 F:\UGF6F0~1.DOC F:\ug..doc
--a-- 1930144 F:\BILECA~1.PDF F:\bileca_gotova za stampu.pdf
--a-- 1853985 F:\2008MA~1.EXE F:\2008Mahjongg40Lite.exe
--a-- 25600 F:\UGOVOR~2.DOC F:\ugovor 1.doc
d---- 0 F:\BATTLE~1.2US F:\Battlefield.Bad.Company.2 usb
--a-- 28160 F:\???o?!~1.DOC F:\ПРЕДУГОВОР О КУПОПРОДАЈИ НЕПОКРЕТНОСТИ.doc
--a-- 158208 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 517 F:\SHORTC~1.LNK F:\Shortcut to
mah-jong-quest-ii-nla_s1_l1_gF2089T1L1_d980255245.lnk
--a-- 6463660 F:\ROCKET~1.EXE F:\RocketDock-v1.3.5.exe
dr-hs 0 F:\lektira F:\lektira
----------------------------------------
Unhide superhidden for F:\
----------------------------------------
dra-- F:\Ikone za knjigu > unhidden
--a-- F:\Ikone za knjigu\Thumbs.db > unhidden
-ra-- F:\dwcjyt.exe > unhidden
dra-- F:\Borba za veru > unhidden
dra-- F:\bilten > unhidden
dra-- F:\lektira > unhidden
----------------------------------------
========================================
Scan finished!
========================================
Processing script
----------------------------------------
344d4440-cae3-11df-b2a3-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 4
SectionEnd = 6
----------------------------------------
Folder list for F:\:
----------------------------------------
dra-- 0 F:\IKONEZ~1 F:\Ikone za knjigu
-ra-- 712924 F:\dwcjyt.exe F:\dwcjyt.exe
--a-- 68096 F:\?í???o.XLS F:\расход.xls
--a-- 27136 F:\8FF3~1.XLS F:\приход.xls
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 25088 F:\milice.doc F:\milice.doc
--a-- 423 F:\WINAMP~1.DAT F:\winamp_metadata.dat
--a-- 439 F:\prevod.txt F:\prevod.txt
--a-- 15872 F:\KOPIJA~1.XLS F:\Kopija od признаница.xls
dra-- 0 F:\BORBAZ~1 F:\Borba za veru
d---- 0 F:\b'1 F:\b'1
--a-- 1406 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 52 F:\WINAMP~1.IDX F:\winamp_metadata.idx
--a-- 2216176 F:\mahjongg.exe F:\mahjongg.exe
--a-- 2050043 F:\PRETRA~1.EXE F:\Pretrazivac-Biblije-1.51.exe
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 26112 F:\'-B097~1.DOC F:\б'-ц.doc
--a-- 273408 F:\4959~1.DOC F:\Српска слава.doc
dra-- 0 F:\bilten F:\bilten
--a-- 22016 F:\BP7~1.DOC F:\bp.7.doc
--a-- 519 F:\KLASIC~1.LNK F:\Klasičan Tablić.lnk
--a-- 1825104 F:\BROTHE~1.EXE F:\Brothersoft.exe
--a-- 53 F:\IPTORR~1.TXT F:\IPTorrents.txt
--a-- 23040 F:\UGF6F0~1.DOC F:\ug..doc
--a-- 1930144 F:\BILECA~1.PDF F:\bileca_gotova za stampu.pdf
--a-- 1853985 F:\2008MA~1.EXE F:\2008Mahjongg40Lite.exe
--a-- 25600 F:\UGOVOR~2.DOC F:\ugovor 1.doc
d---- 0 F:\BATTLE~1.2US F:\Battlefield.Bad.Company.2 usb
--a-- 28160 F:\???o?!~1.DOC F:\ПРЕДУГОВОР О КУПОПРОДАЈИ НЕПОКРЕТНОСТИ.doc
--a-- 158208 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 517 F:\SHORTC~1.LNK F:\Shortcut to
mah-jong-quest-ii-nla_s1_l1_gF2089T1L1_d980255245.lnk
--a-- 6463660 F:\ROCKET~1.EXE F:\RocketDock-v1.3.5.exe
dra-- 0 F:\lektira F:\lektira
----------------------------------------
Unhide superhidden for F:\
----------------------------------------
----------------------------------------
========================================
Removed F:
========================================
New device connected at 29.9.2010 11:58:06
Scanning for connected USB mass storage...
----------------------------------------
========================================
New drive connected, but USBNoRisk can't find it
========================================
========================================
========================================
Processing script
----------------------------------------
|
|
|
|
|
|
|
Poslao: 29 Sep 2010 19:18
|
offline
- 1l padr1n0
- Anti Malware Fighter
Rank 2
- Pridružio: 02 Feb 2008
- Poruke: 14018
- Gde živiš: Nish
|
Prikljucuj jedan po jedan uredjaj i prati uputstvo za svaki ponaosob
--------------------------------------------------------------------------------------
- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.
- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.
- Kliknuti na karticu Script;
U beli okvir prozora iskopirati sledeći tekst:
{fe620430-bb28-11df-b245-000d9d449c9e}
f_delete:%DRIVE%dsoend.exe
f_delete:%DRIVE%usdeiect.com
folder_list: %DRIVE%
{344d4440-cae3-11df-b2a3-000d9d449c9e}
f_delete:%DRIVE%dwcjyt.exe
folder_list: %DRIVE%
- Izvršiti komandu klikom na taster Run Script;
Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;
- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;
Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.
goran9888 (AMF Tim)
|
|
|
|
|
|
|
Poslao: 29 Sep 2010 22:02
|
offline
- Brok
- Moderator foruma
- Mihajlo Bogdanović
- Linux driver - fighter - warrior
- Pridružio: 04 Maj 2005
- Poruke: 3259
|
Evo loga, isti redosled ubacivanja USB uređaja i pokretanje scripte:
-USB stick 4 GB
-USB stick 2 GB
-blutut za povezivanje sa mobilnim
USBNoRisk 2.6 (08 September 2010) by bobby
Started at 29.9.2010 21:48:09
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {8bd9d371-bb8b-11df-9738-806d6172696f}
E: {8bd9d372-bb8b-11df-9738-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 8bd9d371-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
Blocked file found: E:\autorun.inf.blocked
----------------------------------------
Content of E:\autorun.inf.blocked
----------------------------------------
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Wireless Network Setup Wizard
----------------------------------------
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for 8bd9d372-bb8b-11df-9738-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 29.9.2010 21:48:38
Scanning for connected USB mass storage...
----------------------------------------
F: {fe620430-bb28-11df-b245-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for fe620430-bb28-11df-b245-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
Processing script
----------------------------------------
fe620430-bb28-11df-b245-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 5
f_delete:
file "F:\dsoend.exe" deleted successfully
f_delete:
file "F:\usdeiect.com" deleted successfully
----------------------------------------
Folder list for F:\:
----------------------------------------
--a-- 37902 F:\wand.dat F:\wand.dat
d---- 0 F:\BEKAPD~1 F:\Bekap drajvera za Windowws - Drivers
d---- 0 F:\DOKUME~1 F:\Dokumentacija razno
d---- 0 F:\INSTAL~1 F:\Instal programi
d---- 0 F:\Linux F:\Linux
d---- 0 F:\OPERAB~1.AVG F:\Opera bekap 30. avgust 2009
d---- 0 F:\IKONEZ~2 F:\Ikone za popovu knjigu
--a-- 122 F:\nalog.txt F:\nalog.txt
d---- 0 F:\Ikone F:\Ikone
d---- 0 F:\IKONIC~1 F:\Ikonice za Roket Dock
--a-- 1410 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 290304 F:\STASVE~1.DOC F:\ŠTA SVE IMA NAREZANO OD FAJLOVA SA TRACKERA.doc
--a-- 127488 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 216 F:\NEOPHO~1.TXT F:\neophodni servisi za mrezu.txt
d---- 0 F:\ENGLES~1 F:\Englesko – srpski enciklopedijski rečnik
--a-- 758937 F:\EASYBC~1.EXE F:\EasyBCD 1.7.2.exe
--a-- 682073 F:\SCREEN~1.PNG F:\Screenshot.png
d---- 0 F:\Drivers F:\Drivers
--a-- 11046 F:\ZADNJI~1.200 F:\Zadnji razgovor 13.01.2009
--a-- 98551 F:\PRIKAZ~1.JPG F:\prikaz inrenet veze u pclinuxos.jpg
--a-- 105896 F:\prikaz.jpg F:\prikaz.jpg
d---- 0 F:\PROGRA~1 F:\Program za cirilicu Srpsku
d---- 0 F:\ZAROCK~1 F:\Za rocket Dok
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 49785 F:\2010-0~1.JPG F:\2010-01-01_183207.jpg
--a-- 182465 F:\C__DOC~1.PDF F:\C__Documents and Settings_Broker_Local Settings_Application Data_Opera_Opera_temporary_downloads_Zlatoustova_Liturgija_i_Sveti_.pdf
--a-- 517453 F:\SCREEN~3.PNG F:\Screenshot-1.png
d---- 0 F:\Boot F:\Boot
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 489509 F:\logo.jpg F:\logo.jpg
d---- 0 F:\fajlovi F:\fajlovi
d---- 0 F:\CIRILI~1 F:\Cirilicni fontovi - 1038 fontova
--a-- 116224 F:\RAZGOV~1.DOC F:\Razgovor za ProdHostingom I How to optimizacija baze.doc
--a-- 34304 F:\MOLBAP~1.DOC F:\Molba Predsedavajućem Sudskog Veća Okružnog Suda u Beograd.doc
--a-- 62551 F:\SCREEN~2.PNG F:\Screenshot-Untitled Window.png
--a-- 126 F:\KOMAND~1.TXT F:\komande za gasanje i rebot.txt
--a-- 7420 F:\2475_7~1.REG F:\2475_797507103_Default_XP_Pro_SP3.reg
--a-- 82 F:\DESKTOP.INI F:\DESKTOP.INI
d---- 0 F:\BACKUP~1 F:\backup mozile 28 april 2010 Linux
--a-- 1670017 F:\ERICRA~1.FLV F:\Eric Raymond.flv
--a-- 20480 F:\1í????Aí.DOC F:\фамилија.doc
--a-- 2398067 F:\FASTON~1.RAR F:\Fastone_Capture_6.3_Portable.rar
--a-- 14336 F:\KREIRA~1.DOC F:\kreiranje particija.doc
d---- 0 F:\BACKUP~3 F:\Backup MBR-a 29 april 2010
--a-- 52 F:\SAJTSA~1 F:\Sajt sa pojasnjenjnem o kreiranju particija
--a-- 188338 F:\LINUX9~1.JPG F:\Linux 9.10.jpg
--a-- 259332 F:\SM!^^0~1.JPG F:\SM!^.^0447.jpg
d---- 0 F:\BurnCDCC F:\BurnCDCC
d---- 0 F:\kum F:\kum
--a-- 31571320 F:\NERO_6~1.RAR F:\Nero_6.6.0.8.rar
d---- 0 F:\MOZILL~1.201 F:\mozilla backup Linux 1.06.2010
--a-- 48 F:\Link F:\Link
d---- 0 F:\PCLOSS~1 F:\PCLOS Share dokumentacija
d---- 0 F:\BACKUP~2 F:\backup opera 02 06 2010 Linux
--a-- 114249 F:\IYPCLO~1.PNG F:\iy pclosa 1.png
--a-- 123914 F:\IZPLOS~1.PNG F:\iz PLOS.png
--a-- 282448 F:\SM!^^0~2.JPG F:\SM!^.^0476.jpg
--a-- 119533 F:\IYPCLO~2.PNG F:\iy pclosa se vidi.png
--a-- 295157 F:\PCLOS3~1.PNG F:\pclos 3.png
--a-- 97392 F:\FIREWA~1.PNG F:\Firewall u PCL.png
--a-- 36595282 F:\METALL~1.FLV F:\Metallica - The Day That Never Comes .flv
--a-- 12593 F:\SKACKW~1 F:\skackware report
--a-- 645062 F:\_0M!^^~1.JPG F:\§0m!^.^0114.jpg
--a-- 248525 F:\SM!^^0~3.JPG F:\SM!^.^0443.jpg
--a-- 294368 F:\SM!^^0~4.JPG F:\SM!^.^0444.jpg
--ah- 4096 F:\_~1.TRA F:\._.Trashes
d--h- 0 F:\TRASHE~1 F:\.Trashes
d--h- 0 F:\FSEVEN~1 F:\.fseventsd
d--h- 0 F:\SPOTLI~1 F:\.Spotlight-V100
--a-- 154630 F:\SMDE36~1.JPG F:\SM!^.^0445.jpg
--a-- 284255 F:\SMEE3A~1.JPG F:\SM!^.^0446.jpg
--a-- 20480 F:\MYHOLI~1.DOC F:\My holiday.doc
--a-- 261158 F:\INSTAL~1.PDF F:\instalacija_i_konfigurisanje_modema.pdf
--a-- 276185 F:\KONEKC~1.PDF F:\konekcija_sa_internetom_data.pdf
--a-- 136114176 F:\lupu-511.iso F:\lupu-511.iso
----------------------------------------
========================================
Removed F:
========================================
New device connected at 29.9.2010 21:51:09
Scanning for connected USB mass storage...
----------------------------------------
F: {344d4440-cae3-11df-b2a3-000d9d449c9e}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 344d4440-cae3-11df-b2a3-000d9d449c9e
----------------------------------------
No Desktop.ini files found on F:
----------------------------------------
No mimics found on drive F:
========================================
Processing script
----------------------------------------
344d4440-cae3-11df-b2a3-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 6
SectionEnd = 8
f_delete:
file "F:\dwcjyt.exe" deleted successfully
----------------------------------------
Folder list for F:\:
----------------------------------------
dra-- 0 F:\IKONEZ~1 F:\Ikone za knjigu
--a-- 68096 F:\?í???o.XLS F:\расход.xls
--a-- 27136 F:\8FF3~1.XLS F:\приход.xls
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 34816 F:\milice.doc F:\milice.doc
--a-- 423 F:\WINAMP~1.DAT F:\winamp_metadata.dat
--a-- 439 F:\prevod.txt F:\prevod.txt
--a-- 15872 F:\KOPIJA~1.XLS F:\Kopija od признаница.xls
dra-- 0 F:\BORBAZ~1 F:\Borba za veru
d---- 0 F:\b'1 F:\b'1
--a-- 1406 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 52 F:\WINAMP~1.IDX F:\winamp_metadata.idx
--a-- 2216176 F:\mahjongg.exe F:\mahjongg.exe
--a-- 2050043 F:\PRETRA~1.EXE F:\Pretrazivac-Biblije-1.51.exe
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 26112 F:\'-B097~1.DOC F:\б'-ц.doc
--a-- 273408 F:\4959~1.DOC F:\Српска слава.doc
dra-- 0 F:\bilten F:\bilten
--a-- 22016 F:\BP7~1.DOC F:\bp.7.doc
--a-- 519 F:\KLASIC~1.LNK F:\Klasičan Tablić.lnk
--a-- 1825104 F:\BROTHE~1.EXE F:\Brothersoft.exe
--a-- 53 F:\IPTORR~1.TXT F:\IPTorrents.txt
--a-- 23040 F:\UGF6F0~1.DOC F:\ug..doc
--a-- 1930144 F:\BILECA~1.PDF F:\bileca_gotova za stampu.pdf
--a-- 1853985 F:\2008MA~1.EXE F:\2008Mahjongg40Lite.exe
--a-- 25600 F:\UGOVOR~2.DOC F:\ugovor 1.doc
d---- 0 F:\BATTLE~1.2US F:\Battlefield.Bad.Company.2 usb
--a-- 28160 F:\???o?!~1.DOC F:\ПРЕДУГОВОР О КУПОПРОДАЈИ НЕПОКРЕТНОСТИ.doc
--a-- 158208 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 517 F:\SHORTC~1.LNK F:\Shortcut to mah-jong-quest-ii-nla_s1_l1_gF2089T1L1_d980255245.lnk
--a-- 6463660 F:\ROCKET~1.EXE F:\RocketDock-v1.3.5.exe
dra-- 0 F:\lektira F:\lektira
----------------------------------------
========================================
Scan finished!
========================================
Processing script
----------------------------------------
344d4440-cae3-11df-b2a3-000d9d449c9e
Drive letter for GUID: F:
SectionStart = 6
SectionEnd = 8
f_delete: F:\dwcjyt.exe > File does not exist!
----------------------------------------
Folder list for F:\:
----------------------------------------
dra-- 0 F:\IKONEZ~1 F:\Ikone za knjigu
--a-- 68096 F:\?í???o.XLS F:\расход.xls
--a-- 27136 F:\8FF3~1.XLS F:\приход.xls
--a-- 41 F:\pmp_usb.ini F:\pmp_usb.ini
--a-- 34816 F:\milice.doc F:\milice.doc
--a-- 423 F:\WINAMP~1.DAT F:\winamp_metadata.dat
--a-- 439 F:\prevod.txt F:\prevod.txt
--a-- 15872 F:\KOPIJA~1.XLS F:\Kopija od признаница.xls
dra-- 0 F:\BORBAZ~1 F:\Borba za veru
d---- 0 F:\b'1 F:\b'1
--a-- 1406 F:\BOOTEX.LOG F:\BOOTEX.LOG
--a-- 52 F:\WINAMP~1.IDX F:\winamp_metadata.idx
--a-- 2216176 F:\mahjongg.exe F:\mahjongg.exe
--a-- 2050043 F:\PRETRA~1.EXE F:\Pretrazivac-Biblije-1.51.exe
-r-h- 474 F:\WINAMP~1.XML F:\winamp_cache_0001.xml
--a-- 26112 F:\'-B097~1.DOC F:\б'-ц.doc
--a-- 273408 F:\4959~1.DOC F:\Српска слава.doc
dra-- 0 F:\bilten F:\bilten
--a-- 22016 F:\BP7~1.DOC F:\bp.7.doc
--a-- 519 F:\KLASIC~1.LNK F:\Klasičan Tablić.lnk
--a-- 1825104 F:\BROTHE~1.EXE F:\Brothersoft.exe
--a-- 53 F:\IPTORR~1.TXT F:\IPTorrents.txt
--a-- 23040 F:\UGF6F0~1.DOC F:\ug..doc
--a-- 1930144 F:\BILECA~1.PDF F:\bileca_gotova za stampu.pdf
--a-- 1853985 F:\2008MA~1.EXE F:\2008Mahjongg40Lite.exe
--a-- 25600 F:\UGOVOR~2.DOC F:\ugovor 1.doc
d---- 0 F:\BATTLE~1.2US F:\Battlefield.Bad.Company.2 usb
--a-- 28160 F:\???o?!~1.DOC F:\ПРЕДУГОВОР О КУПОПРОДАЈИ НЕПОКРЕТНОСТИ.doc
--a-- 158208 F:\RAZNO-~1.DOC F:\RAZNO - ŠTA SVE IMA NREZANO SA TRACKERA.doc
--a-- 517 F:\SHORTC~1.LNK F:\Shortcut to mah-jong-quest-ii-nla_s1_l1_gF2089T1L1_d980255245.lnk
--a-- 6463660 F:\ROCKET~1.EXE F:\RocketDock-v1.3.5.exe
dra-- 0 F:\lektira F:\lektira
----------------------------------------
========================================
Removed F:
========================================
Processing script
----------------------------------------
|
|
|
|
|
|
|
|
|
|
