|
Poslao: 08 Apr 2009 15:33
|
offline
- Miljan1975
- Novi MyCity građanin
- Pridružio: 24 Feb 2009
- Poruke: 15
|
meni mis ide preko USB, i citac kartica takodje...da li trebam prvo da ih iskljucim kad startujem program ili da ostanu ukljuceni....?
|
|
|
|
|
|
|
Poslao: 08 Apr 2009 15:38
|
offline
- bobby
- Administrator
- Pridružio: 04 Sep 2003
- Poruke: 24135
- Gde živiš: Wien
|
Izvinjavam se na upadanju...
Samo USB memorije su nam bitne. Mis, tastature, stampaci i ostalo nije.
Citac kartica ne spada u memorije, ali zato kartice spadaju. Znaci, citac neka ostane, ali povadi kartice. Kartice onda ukljucuj u postupku skeniranja kako ti je diarno objasnio u prethodnoj poruci.
|
|
|
|
|
|
|
Poslao: 09 Apr 2009 09:05
|
offline
- Miljan1975
- Novi MyCity građanin
- Pridružio: 24 Feb 2009
- Poruke: 15
|
USBNoRisk 1.6 by bobby
Started at 9.4.2009 9:03:08
Scanning for connected USB Mass storage...
----------------------------------------
========================================
Scanning for other storage...
----------------------------------------
C: {2b39a05e-6627-11dd-afb6-806d6172696f}
E: {2b39a05f-6627-11dd-afb6-806d6172696f}
========================================
Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 2b39a05e-6627-11dd-afb6-806d6172696f
========================================
Autorun.inf on E: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for E:
No key found for 2b39a05f-6627-11dd-afb6-806d6172696f
========================================
autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\WINDOWS\system32\autorun.inf.vir
----------------------------------------
;tIIcJAZtzxFxpebjoBESdqSSgvzewinbPScnjvpWfvaOpaUSZd
;OTUoXqTnjLiKCCNEGbSvvyQnQEwvsHlCFqEsRiLrQRVzwyiTrVsTcZxcLxIoxgLpYqbtapUQsSoXC
;YnRivgxYnzrwEEqICjXYHxwlEMGVdWiiFzEQSCkqJzNUPKInOVU
;TLijilzvKqdEyNTzAfTMKnkJxXGZFpkPHhn
;fMQXNIKdDUeTCdXJOrosAKyPKrdegDvMDZIHjkzFyvQGcoVeWXSLkWDemrwz
[AutoRun]
;MfrFNgbhwsOasNFQagyDBkFGg
;GWnDOuKyUsjHUJsOquQhdoPadvivuxBq
;45F27A231FB7BAE1D91E01290B37BEA78EFB0F9AB727D2C7BFC81571
open=eumign.exe
;urDRfNnPkqYCkyuIdWERLUBjVnCOFpdLpkTWpfXBBlxmXeFYLH
;aPizZKOMpuOdQQJGRdSgYyxxEpmrhDEoRVKSQUIKjqBKwV
;TNwKVAFwVhykaDoCZAsaHUBvtkNEBOyIuKnBBUngyLoCivvnuIuuAZEGrHDOmRYQGNdVErQhdbmRTxEm
;VgUNCANcKWbHRYEngjEfLRZzNoZemnMIJZOfjFMapWHU
;hBLxaRWilLnQHTANkrrLiFhDfHjAnRsdLyBTvDzZVkNdsWsFExCzEaZwBSuDiEDbfAEYKlOCrAxo
;Icon=%system%\shell32.dll,7
UseAutoPlay=1
;hqTLzSZcEMjrGfMRRpJPvmimopXqXCtbwTyGmhgrGCkFvqvsLPsiwQgbHljdggkFKMjxc
action=Open Drive
;GFxbmFzcVbviCCTe
;WDlTGatsnfqujEOmyXXRHyODvOQwkpmKHmUuhItBSsZuMKMUonjtQgmckYLdkMuQwaTLa
;BdYwOMLjjfkneyyFWvhrXXJksgPguuzZiFgtOtbJCFEUHYkSMLVZGUwHfkiRYOILF
;JNgMfEdGaHtRILalAWnWgLxWIvqZrdpDgLuhRxYuPXqlWx
action= @eumign.exe
;BFrdZwawsALbafdxMjRrRtqr
;NzRfhbSZoyZFOjrIeIElRdMBX
;khPxRHSGRVjKurBsexgjZMpSoBqWglQJKwh
;UygTtaPI
;SabQJSXIldgYMAmxMIGUzLMihfDRkeTpviClarshEHaDopYHFuhOwyguvHUa
;eqrDciVUmWGjwWmyeZcdPYaIwkNaFzczCZprWjPsqBbEfDBNgvHEatQyIssfArEuRSvQZBYYe
;xCqsBOwzCXkKclaICAQUpwLfNkusngTHQcxiIXycGNumnfDc
;nPnCbZicVJPjyZDctuAKLTHXsdoG
shell\open\Command=eumign.exe
shell\open\Default=1
;KglnFHahPaiqBXJHRRvMAfPwRQckoPxYOPZLAroZSpuUSumwkslylpNMGoPVuAZaJTBMmhBBsodpguV
;pIFadRbvHrKSwUzazXCZpORsIRkTVLqjxasfXllzZVvazgXizPVAqwUSmg
shell\explore\Command=eumign.exe
;JXlYrMcCDfZfvtjfMmDJbbQZSylriBvaMHzJvZEusIPhYFvIhrbNNxXNBrzXsRZLmPAMjecqIC
----------------------------------------
New device connected at 9.4.2009 9:03:11
Scanning for connected USB mass storage...
----------------------------------------
G: {1d813d4b-6774-11dd-95b7-0015af4210e6}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
;xuKeqKcnGEnbKifCcwmTYXBwhIfKUKPabJSkLTICrjtbTmRMLkoOGeHONOjjCjoFsHknQKHUn
;CYzdHuGKtLKhidiwTHy
;DuWTGGMaqwhqwpEK
;Rkctrm
[AutoRun]
open=dystqn.exe
Icon=%system%\shell32.dll,7
;CNELMyUhJlGUWNimQStZhCIfHvKiOxcxWRVg
;45F27A231FB7BAE1D91D015E0840BDAA8FF90F9AB727D2C7BFC81571
;DcihTTUOOqfV
UseAutoPlay=1
;TUrhYQTKPnvQqDyd
;ouXlATjmhKQrteDBbgPsdQJZDvOFrRstQCFgGaFhmLMKwqlBYpEMwigCTHuncB
;tObRuXouBnrWcwGwVaMUVTIDSLyqNtyCYeJtaNDkBnyBOevdojJzdGSgFDTaCUS
action=Open Drive
action= @dystqn.exe
;BqbraUMmtfEpvZdJAArjRetAAozfoziOkXvBbDMRfDRJxCiLyhDqFOeDmjHXEBtAUDjM
;NwDhOtYirTHBEEDcSFQhbCdPrhvmJFTqKnNviZYAlTMtbrPcQpWpVgDDfXqi
shell\open\Command=dystqn.exe
;xzpNtgpgZDcmZWatZ
;oESSEzfitkOWyLAeGRYlaWQIrI
shell\open\Default=1
;vONusEFLeOTdLSPjLSfPDnZxdYaCy
;l
;INHTQjecdkAtoGFrSnBMBpRJOvzmNouvqzMQpmKWqlBquFxSPySgTTmesT
;kcnCBxbfBfJTubuAqbbLyLu
;xQkvJHeq
;opnHAtkEREmBIsiULLeqgnPqQGCGjiKzPfmennfdagsUNQaBMRlUIRtaTWhu
;oUaYxHBZOQUEGYRHBEecRZthldAfmsvnKYfoHvsZhuwmXbVmtdfmAjaAPxmg
shell\explore\Command=dystqn.exe
;WhWMBhcvRetWTPVNgGXMyyxPswiNhDf
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
Autorun.inf on G: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for 1d813d4b-6774-11dd-95b7-0015af4210e6
========================================
----------------------------------------
Desktop.ini on G: - None
----------------------------------------
========================================
========================================
Removed G:
========================================
New device connected at 9.4.2009 9:03:34
Scanning for connected USB mass storage...
----------------------------------------
F: {a2830c70-7f0e-11dd-95cf-0015af4210e6}
Added F:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: F:\autorun.inf.blocked
----------------------------------------
Content of F:\autorun.inf.blocked
----------------------------------------
;xuKeqKcnGEnbKifCcwmTYXBwhIfKUKPabJSkLTICrjtbTmRMLkoOGeHONOjjCjoFsHknQKHUn
;CYzdHuGKtLKhidiwTHy
;DuWTGGMaqwhqwpEK
;Rkctrm
[AutoRun]
open=dystqn.exe
Icon=%system%\shell32.dll,7
;CNELMyUhJlGUWNimQStZhCIfHvKiOxcxWRVg
;45F27A231FB7BAE1D91D015E0840BDAA8FF90F9AB727D2C7BFC81571
;DcihTTUOOqfV
UseAutoPlay=1
;TUrhYQTKPnvQqDyd
;ouXlATjmhKQrteDBbgPsdQJZDvOFrRstQCFgGaFhmLMKwqlBYpEMwigCTHuncB
;tObRuXouBnrWcwGwVaMUVTIDSLyqNtyCYeJtaNDkBnyBOevdojJzdGSgFDTaCUS
action=Open Drive
action= @dystqn.exe
;BqbraUMmtfEpvZdJAArjRetAAozfoziOkXvBbDMRfDRJxCiLyhDqFOeDmjHXEBtAUDjM
;NwDhOtYirTHBEEDcSFQhbCdPrhvmJFTqKnNviZYAlTMtbrPcQpWpVgDDfXqi
shell\open\Command=dystqn.exe
;xzpNtgpgZDcmZWatZ
;oESSEzfitkOWyLAeGRYlaWQIrI
shell\open\Default=1
;vONusEFLeOTdLSPjLSfPDnZxdYaCy
;l
;INHTQjecdkAtoGFrSnBMBpRJOvzmNouvqzMQpmKWqlBquFxSPySgTTmesT
;kcnCBxbfBfJTubuAqbbLyLu
;xQkvJHeq
;opnHAtkEREmBIsiULLeqgnPqQGCGjiKzPfmennfdagsUNQaBMRlUIRtaTWhu
;oUaYxHBZOQUEGYRHBEecRZthldAfmsvnKYfoHvsZhuwmXbVmtdfmAjaAPxmg
shell\explore\Command=dystqn.exe
;WhWMBhcvRetWTPVNgGXMyyxPswiNhDf
----------------------------------------
Files referenced from F:\autorun.inf.blocked
----------------------------------------
F:\dystqn.exe -rahs 345510
----------------------------------------
----------------------------------------
Autorun.inf on F: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for a2830c70-7f0e-11dd-95cf-0015af4210e6
========================================
----------------------------------------
Desktop.ini on F: - None
----------------------------------------
========================================
========================================
Removed F:
========================================
|
|
|
|
|
|
|
Poslao: 10 Apr 2009 19:12
|
offline
- diarno
- Anti Malware Fighter
Rank 2
- Pridružio: 15 Jun 2007
- Poruke: 5572
|
Pokreni ponovo UsbNoRisk
Klikni na tab Script... Iskopiraj tamo sledeci text
{a2830c70-7f0e-11dd-95cf-0015af4210e6}
delete: %DRIVE%dystqn.exe
delete_blocked:
{2b39a05f-6627-11dd-afb6-806d6172696f}
delete: %DRIVE%eumign.exe
Zatim prebaci se na karticu Monitor. Zatim ubaci poslednji usb koji si ubacivao prilikom prethodnog koriscenja ovog programa.
I na kraju kada se proces skeniranja i ciscenja zavrsi desni klik na prozor gde se nalazi log i odaberi save log...Otvorice se notepad sa textom>Taj text iskopiraj u sledecoj svojoj poruci.
|
|
|
|
|
|
|
Poslao: 13 Apr 2009 09:10
|
offline
- Miljan1975
- Novi MyCity građanin
- Pridružio: 24 Feb 2009
- Poruke: 15
|
USBNoRisk 1.6 by bobby
Started at 13.4.2009 9:07:49
Scanning for connected USB Mass storage...
----------------------------------------
========================================
Scanning for other storage...
----------------------------------------
C: {2b39a05e-6627-11dd-afb6-806d6172696f}
E: {2b39a05f-6627-11dd-afb6-806d6172696f}
========================================
Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 2b39a05e-6627-11dd-afb6-806d6172696f
========================================
Autorun.inf on E: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for E:
No key found for 2b39a05f-6627-11dd-afb6-806d6172696f
========================================
autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\WINDOWS\system32\autorun.inf.vir
----------------------------------------
;tIIcJAZtzxFxpebjoBESdqSSgvzewinbPScnjvpWfvaOpaUSZd
;OTUoXqTnjLiKCCNEGbSvvyQnQEwvsHlCFqEsRiLrQRVzwyiTrVsTcZxcLxIoxgLpYqbtapUQsSoXC
;YnRivgxYnzrwEEqICjXYHxwlEMGVdWiiFzEQSCkqJzNUPKInOVU
;TLijilzvKqdEyNTzAfTMKnkJxXGZFpkPHhn
;fMQXNIKdDUeTCdXJOrosAKyPKrdegDvMDZIHjkzFyvQGcoVeWXSLkWDemrwz
[AutoRun]
;MfrFNgbhwsOasNFQagyDBkFGg
;GWnDOuKyUsjHUJsOquQhdoPadvivuxBq
;45F27A231FB7BAE1D91E01290B37BEA78EFB0F9AB727D2C7BFC81571
open=eumign.exe
;urDRfNnPkqYCkyuIdWERLUBjVnCOFpdLpkTWpfXBBlxmXeFYLH
;aPizZKOMpuOdQQJGRdSgYyxxEpmrhDEoRVKSQUIKjqBKwV
;TNwKVAFwVhykaDoCZAsaHUBvtkNEBOyIuKnBBUngyLoCivvnuIuuAZEGrHDOmRYQGNdVErQhdbmRTxEm
;VgUNCANcKWbHRYEngjEfLRZzNoZemnMIJZOfjFMapWHU
;hBLxaRWilLnQHTANkrrLiFhDfHjAnRsdLyBTvDzZVkNdsWsFExCzEaZwBSuDiEDbfAEYKlOCrAxo
;Icon=%system%\shell32.dll,7
UseAutoPlay=1
;hqTLzSZcEMjrGfMRRpJPvmimopXqXCtbwTyGmhgrGCkFvqvsLPsiwQgbHljdggkFKMjxc
action=Open Drive
;GFxbmFzcVbviCCTe
;WDlTGatsnfqujEOmyXXRHyODvOQwkpmKHmUuhItBSsZuMKMUonjtQgmckYLdkMuQwaTLa
;BdYwOMLjjfkneyyFWvhrXXJksgPguuzZiFgtOtbJCFEUHYkSMLVZGUwHfkiRYOILF
;JNgMfEdGaHtRILalAWnWgLxWIvqZrdpDgLuhRxYuPXqlWx
action= @eumign.exe
;BFrdZwawsALbafdxMjRrRtqr
;NzRfhbSZoyZFOjrIeIElRdMBX
;khPxRHSGRVjKurBsexgjZMpSoBqWglQJKwh
;UygTtaPI
;SabQJSXIldgYMAmxMIGUzLMihfDRkeTpviClarshEHaDopYHFuhOwyguvHUa
;eqrDciVUmWGjwWmyeZcdPYaIwkNaFzczCZprWjPsqBbEfDBNgvHEatQyIssfArEuRSvQZBYYe
;xCqsBOwzCXkKclaICAQUpwLfNkusngTHQcxiIXycGNumnfDc
;nPnCbZicVJPjyZDctuAKLTHXsdoG
shell\open\Command=eumign.exe
shell\open\Default=1
;KglnFHahPaiqBXJHRRvMAfPwRQckoPxYOPZLAroZSpuUSumwkslylpNMGoPVuAZaJTBMmhBBsodpguV
;pIFadRbvHrKSwUzazXCZpORsIRkTVLqjxasfXllzZVvazgXizPVAqwUSmg
shell\explore\Command=eumign.exe
;JXlYrMcCDfZfvtjfMmDJbbQZSylriBvaMHzJvZEusIPhYFvIhrbNNxXNBrzXsRZLmPAMjecqIC
----------------------------------------
New device connected at 13.4.2009 9:08:36
Scanning for connected USB mass storage...
----------------------------------------
G: {1d813d4b-6774-11dd-95b7-0015af4210e6}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
;xuKeqKcnGEnbKifCcwmTYXBwhIfKUKPabJSkLTICrjtbTmRMLkoOGeHONOjjCjoFsHknQKHUn
;CYzdHuGKtLKhidiwTHy
;DuWTGGMaqwhqwpEK
;Rkctrm
[AutoRun]
open=dystqn.exe
Icon=%system%\shell32.dll,7
;CNELMyUhJlGUWNimQStZhCIfHvKiOxcxWRVg
;45F27A231FB7BAE1D91D015E0840BDAA8FF90F9AB727D2C7BFC81571
;DcihTTUOOqfV
UseAutoPlay=1
;TUrhYQTKPnvQqDyd
;ouXlATjmhKQrteDBbgPsdQJZDvOFrRstQCFgGaFhmLMKwqlBYpEMwigCTHuncB
;tObRuXouBnrWcwGwVaMUVTIDSLyqNtyCYeJtaNDkBnyBOevdojJzdGSgFDTaCUS
action=Open Drive
action= @dystqn.exe
;BqbraUMmtfEpvZdJAArjRetAAozfoziOkXvBbDMRfDRJxCiLyhDqFOeDmjHXEBtAUDjM
;NwDhOtYirTHBEEDcSFQhbCdPrhvmJFTqKnNviZYAlTMtbrPcQpWpVgDDfXqi
shell\open\Command=dystqn.exe
;xzpNtgpgZDcmZWatZ
;oESSEzfitkOWyLAeGRYlaWQIrI
shell\open\Default=1
;vONusEFLeOTdLSPjLSfPDnZxdYaCy
;l
;INHTQjecdkAtoGFrSnBMBpRJOvzmNouvqzMQpmKWqlBquFxSPySgTTmesT
;kcnCBxbfBfJTubuAqbbLyLu
;xQkvJHeq
;opnHAtkEREmBIsiULLeqgnPqQGCGjiKzPfmennfdagsUNQaBMRlUIRtaTWhu
;oUaYxHBZOQUEGYRHBEecRZthldAfmsvnKYfoHvsZhuwmXbVmtdfmAjaAPxmg
shell\explore\Command=dystqn.exe
;WhWMBhcvRetWTPVNgGXMyyxPswiNhDf
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
Autorun.inf on G: - None
----------------------------------------
Sanitizing Shell Menu...
----------------------------------------
No key found for 1d813d4b-6774-11dd-95b7-0015af4210e6
========================================
----------------------------------------
Desktop.ini on G: - None
----------------------------------------
========================================
Processing script
----------------------------------------
Drive letter for GUID: G:\
No script to process for G:\
----------------------------------------
========================================
|
|
|
|
|
|
|
Poslao: 14 Apr 2009 16:28
|
offline
- diarno
- Anti Malware Fighter
Rank 2
- Pridružio: 15 Jun 2007
- Poruke: 5572
|
Sorry ovo se malo oduzilo... elem ovde smo zavrsili
Idi Start> Run i kucaj tamo Combofix /u
To je to..PozZzz
|
|
|
|
|
|
|
|
