hijack log hitno!!!!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

USBNoRisk 2.4 (1 June 2009) by bobby

Started at 7/21/2009 8:55:17 PM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {622bc09f-73b7-11de-ab5b-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 622bc09f-73b7-11de-ab5b-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 7/21/2009 8:55:54 PM

Scanning for connected USB mass storage...
----------------------------------------
E: {699510ff-7437-11de-81c7-00c0a8bb9012}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
Blocked file found: E:\autorun.inf.blocked
----------------------------------------
Content of E:\autorun.inf.blocked
----------------------------------------
[autorun]
open=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
shell\open\default=1
----------------------------------------

Files referenced from E:\autorun.inf.blocked
----------------------------------------
E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com -r-hs 19968
----------------------------------------

----------------------------------------
No Autorun.inf files found on E:
No mountpoint found for 699510ff-7437-11de-81c7-00c0a8bb9012
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
========================================

Processing script
----------------------------------------
699510ff-7437-11de-81c7-00c0a8bb9012
Drive letter for GUID: E:
SectionStart = 0
SectionEnd = 2
----------------------------------------
Delete folder tree E:\RECYCLER:
----------------------------------------
File lock detected:
USBNoRisk cannot find what locked the file
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com > Error!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini > Done!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 > Error!
Delete: E:\RECYCLER > Error!
Delete: E:\RECYCLER > Error!
----------------------------------------
Deleting blocked files:
----------------------------------------
Delete: E:\autorun.inf.blocked > Done!
----------------------------------------

========================================
Scan finished!
========================================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Iskljuci sav zastitni softver i uradi sledece

Pokreni ponovo USbNoRisk

Predji na karticu Script u USBNoRisku i tamo iskopiraj sledeci skript:


{699510ff-7437-11de-81c7-00c0a8bb9012}
folder_delete: %DRIVE%RECYCLER
f_delete: %DRIVE%RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
delete_blocked:

Vrati se na karticu Monitor.
Nakon toga prikljuci na komp ipod i sacekaj da USBNoRisk automatski obavi skeniranje i ciscenje.

Kada to odradis, snimi ponovo log i iskopiraj mi ga ovde.