Poslao: 08 Jul 2010 13:10
|
offline
- karavela
- Novi MyCity građanin
- Pridružio: 12 Apr 2007
- Poruke: 24
|
USBNoRisk 2.5 (26 July 2009) by bobby
Started at 8.7.2010 13:08:34
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {10edbcaa-da4d-11dc-9435-806d6172696f}
D: {10edbcab-da4d-11dc-9435-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 10edbcaa-da4d-11dc-9435-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 10edbcab-da4d-11dc-9435-806d6172696f
No Desktop.ini files found on D:
----------------------------------------
autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
[AutoRun]
open=x3xh.exe
shell\open\Command=x3xh.exe
----------------------------------------
Content of C:\QooBox\Quarantine\D\autorun.inf.vir
----------------------------------------
[AutoRun]
open=x3xh.exe
shell\open\Command=x3xh.exe
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 8.7.2010 13:09:12
Scanning for connected USB mass storage...
----------------------------------------
G: {805333c4-1068-11dd-9cc4-00e04d5f1c8d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
[AutoRun]
open=g6jk.exe
shell\open\Command=g6jk.exe
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
G:\g6jk.exe -r-hs 117248
----------------------------------------
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for 805333c4-1068-11dd-9cc4-00e04d5f1c8d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
========================================
Processing script
----------------------------------------
805333c4-1068-11dd-9cc4-00e04d5f1c8d
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 4
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
-ra-- G:\p9rs.exe > unhidden
-ra-- G:\g6jk.exe > unhidden
--a-- G:\Clash Of The Titans 2010 TS IWANNADOWNLOAD.com\Thumbs.db > unhidden
----------------------------------------
Deleting blocked files:
----------------------------------------
Delete: G:\autorun.inf.blocked > Done!
f_delete:
file "G:\g6jk.exe" deleted successfully
----------------------------------------
Folder list for G:\:
----------------------------------------
-ra-- 112640 G:\p9rs.exe G:\p9rs.exe
d---- 0 G:\CLASHO~1.COM G:\Clash Of The Titans 2010 TS IWANNADOWNLOAD.com
--a-- 587264 G:\USMENA~1.DOC G:\Usmena književnost.doc
----------------------------------------
|
|
|
|
Poslao: 08 Jul 2010 22:55
|
offline
- Bogdan-Tc
- Anti Malware Fighter
Rank 1
- Pridružio: 04 Jan 2009
- Poruke: 2168
|
- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.
- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.
- Kliknuti na karticu Script;
U beli okvir prozora iskopirati sledeći tekst:
{805333c4-1068-11dd-9cc4-00e04d5f1c8d}
f_delete: D:\x3xh.exe
f_delete: %DRIVE%\p9rs.exe
- Izvršiti komandu klikom na taster Run Script;
Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;
- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log;
Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.
|
|
|
|
Poslao: 09 Jul 2010 08:08
|
offline
- karavela
- Novi MyCity građanin
- Pridružio: 12 Apr 2007
- Poruke: 24
|
USBNoRisk 2.5 (26 July 2009) by bobby
Started at 9.7.2010 08:08:08
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {10edbcaa-da4d-11dc-9435-806d6172696f}
D: {10edbcab-da4d-11dc-9435-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 10edbcaa-da4d-11dc-9435-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 10edbcab-da4d-11dc-9435-806d6172696f
No Desktop.ini files found on D:
----------------------------------------
autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
[AutoRun]
open=x3xh.exe
shell\open\Command=x3xh.exe
----------------------------------------
Content of C:\QooBox\Quarantine\D\autorun.inf.vir
----------------------------------------
[AutoRun]
open=x3xh.exe
shell\open\Command=x3xh.exe
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 9.7.2010 08:08:19
Scanning for connected USB mass storage...
----------------------------------------
G: {805333c4-1068-11dd-9cc4-00e04d5f1c8d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for 805333c4-1068-11dd-9cc4-00e04d5f1c8d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
========================================
Processing script
----------------------------------------
805333c4-1068-11dd-9cc4-00e04d5f1c8d
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 2
f_delete:
file "D:\x3xh.exe" deleted successfully
f_delete:
file "G:\\p9rs.exe" deleted successfully
----------------------------------------
|
|
|
|
|
|
|
Poslao: 09 Jul 2010 09:56
|
offline
- karavela
- Novi MyCity građanin
- Pridružio: 12 Apr 2007
- Poruke: 24
|
Jeeeeeeeeeeeeeeeeeee, i jos malo jeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Hvala i uzivaj bez "te" (ko razume, shvatice)
|
|
|
|