Napisano: 07 Jun 2010 13:45
Nema problema, ja sam takodje ovih dana bila u guzvi, postavicu log veceras ili sutra. Pozdrav
Dopuna: 09 Jun 2010 0:43
USBNoRisk 2.5 (26 July 2009) by bobby
Started at 9.6.2010 0:41:44
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {d829255a-f96b-11dd-964a-806d6172696f}
D: {d829255b-f96b-11dd-964a-806d6172696f}
E: {d829255c-f96b-11dd-964a-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for d829255a-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for d829255b-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on D:
----------------------------------------
No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for d829255c-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 9.6.2010 0:42:25
Scanning for connected USB mass storage...
----------------------------------------
G: {278178ef-a298-11de-b366-001644f459b5}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for 278178ef-a298-11de-b366-001644f459b5
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
Mimics found on drive G:
========================================
Processing script
----------------------------------------
278178ef-a298-11de-b366-001644f459b5
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 3
f_delete:
file "G:\1111a.exe" deleted successfully
----------------------------------------
Deleting mimics:
----------------------------------------
f_delete: C:\Win\lsass.exe > File does not exist!
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
dra-- G:\1111a > unhidden
--a-- G:\1111a\New Folder\Thumbs.db > unhidden
--a-- G:\1111a\New Folder (2)\New Folder\Thumbs.db > unhidden
--a-- G:\1111a\New Folder (2)\New Folder (2)\Thumbs.db > unhidden
-ra-- G:\_111_.txt > unhidden
-ra-- G:\New Shortcut > unhidden
----------------------------------------
Dopuna: 09 Jun 2010 0:50
Samo da dodam da na e particiji jos uvek postoji par foldera sa ekstenzijom exe (1111.exe, informatika.exe...), ne znam da li je to od nekog znacaja ili ne, ali bolje da napisem...Ispod cu postaviti i sken sa drugog USB-a koji mi je danas vracen, koji je takodje prikljucivan u lap top dok je postojao virus...izvinite sto komplikujem, hvala puno!
Dopuna: 09 Jun 2010 0:54
USBNoRisk 2.5 (26 July 2009) by bobby
Started at 9.6.2010 0:51:41
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {d829255a-f96b-11dd-964a-806d6172696f}
D: {d829255b-f96b-11dd-964a-806d6172696f}
E: {d829255c-f96b-11dd-964a-806d6172696f}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for d829255a-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No Autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for d829255b-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on D:
----------------------------------------
No blocked files found on E:
No Autorun.inf files found on E:
No mountpoint found for E:
No mountpoint found for d829255c-f96b-11dd-964a-806d6172696f
No Desktop.ini files found on E:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 9.6.2010 0:51:57
Scanning for connected USB mass storage...
----------------------------------------
G: {71b51c88-fc17-11dd-b1fe-000df057a41e}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
?Ů???Ô?ň?Ňđ?'đě???ůĘ?Ę???ôŕé?ÂÖ?íveé??ÂĂFüŘÍ&[F|?ú?ÁÇë?OřĆJ??zYy?úĂ
[autorun
open=winsys/winavg.exe
;Ü?V
icon=%SystemRoot%\system32\SHELL32.dll,4
;??đ?
action=Open folder to view files using Windows Explorer
;t?C??éĆ
sHell\\\\open\\command=winsys/winavg.exe
;xí??V???
sHell\\explore\\\command=winsys/winavg.exe
;çë???t?Ü??
useautoplay=1
:GOTO END
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for 71b51c88-fc17-11dd-b1fe-000df057a41e
----------------------------------------
----------------------------------------
Desktop.ini found at G:\winsys\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\TuneUp Undelete\Command,@ = "C:\Program Files\TuneUp Utilities 2009\Undelete.exe"
----------------------------------------
Mimics found on drive G:
========================================
|