Log check


offline
  • Joined: 01 May 2009
  • Posts: 11

Posted: 01 May 2009 22:36

USBNoRisk 2.1 by bobby

Started at 5/1/2009 10:34:01 PM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {fa0d2711-d397-11db-9f4e-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for fa0d2711-d397-11db-9f4e-806d6172696f
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 5/1/2009 10:34:07 PM

Scanning for connected USB mass storage...
----------------------------------------
F: {744c7e28-7d00-11dd-91ed-001636dd4cfc}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 744c7e28-7d00-11dd-91ed-001636dd4cfc
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Addendum: 01 May 2009 22:36

Is the flash drive clean now?



offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Something wasn't done properly. Repeat the procedure.



offline
  • Joined: 01 May 2009
  • Posts: 11

USBNoRisk 2.1 by bobby

Started at 5/1/2009 10:47:49 PM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {fa0d2711-d397-11db-9f4e-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for fa0d2711-d397-11db-9f4e-806d6172696f
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 5/1/2009 10:48:05 PM

Scanning for connected USB mass storage...
----------------------------------------
F: {744c7e28-7d00-11dd-91ed-001636dd4cfc}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 744c7e28-7d00-11dd-91ed-001636dd4cfc
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Processing script
----------------------------------------
744c7e28-7d00-11dd-91ed-001636dd4cfc
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 1
----------------------------------------
Folder list for F:\:
----------------------------------------
--a-- F:\daemon410-x86.exe
--a-- F:\dotnetfx3.exe
--a-- F:\Firefox Setup 3.0.3.exe
--a-- F:\FSViewerSetup32.exe
--a-- F:\Thunderbird Setup 2.0.0.0.exe
--a-- F:\agsetup.exe
--a-- F:\SkypeSetupFull.exe
--a-- F:\dotnetfx.exe
--a-- F:\klcodec470f.exe
--a-- F:\Audio_XP_080717.zip
--a-- F:\VGA_XP_080717.zip
--a-- F:\LAN_XP_080717.zip
--a-- F:\WLAN_XP_080717.zip
--a-- F:\Touchpad_XP_080806.rar
--a-- F:\Chipset_XP_080717.zip
--a-- F:\Bluetooth_XP_080717.zip
--a-- F:\Asus_ACPI_Driver.zip
d---- F:\Amy Winehouse
--ahs F:\Amy Winehouse\Thumbs.db
d---- F:\Amy Winehouse\Frank
--a-- F:\Amy Winehouse\Frank\01 Stronger Than Me.mp3
--a-- F:\Amy Winehouse\Frank\02 You Sent Me Flying.mp3
--a-- F:\Amy Winehouse\Frank\03 Cherry.mp3
--a-- F:\Amy Winehouse\Frank\04 Fuck Me Pumps.mp3
--a-- F:\Amy Winehouse\Frank\05 I Heard Love Is Blind.mp3
--a-- F:\Amy Winehouse\Frank\06 Moody's Mood for Love.mp3
--a-- F:\Amy Winehouse\Frank\07 (There Is) No Greater Love.mp3
--a-- F:\Amy Winehouse\Frank\08 In My Bed.mp3
--a-- F:\Amy Winehouse\Frank\09 Take the Box.mp3
--a-- F:\Amy Winehouse\Frank\10 October Song.mp3
--a-- F:\Amy Winehouse\Frank\11 What Is It About Men.mp3
--a-- F:\Amy Winehouse\Frank\12 Help Yourself.mp3
--a-- F:\Amy Winehouse\Frank\13 Amy Amy Amy.mp3
--a-- F:\Amy Winehouse\Frank\AlbumArt.jpg
--ah- F:\Amy Winehouse\Frank\AlbumArtSmall.jpg
--ah- F:\Amy Winehouse\Frank\AlbumArt_{5D725FD8-594E-41B2-A62F-D2F3E1CF903C}_Large.jpg
--ah- F:\Amy Winehouse\Frank\AlbumArt_{5D725FD8-594E-41B2-A62F-D2F3E1CF903C}_Small.jpg
--ah- F:\Amy Winehouse\Frank\Desktop.ini
--ah- F:\Amy Winehouse\Frank\Folder.jpg
--ahs F:\Amy Winehouse\Frank\Thumbs.db
d---- F:\Amy Winehouse\Back To Black
--a-- F:\Amy Winehouse\Back To Black\01 Amy Winehouse - Rehab.mp3
--a-- F:\Amy Winehouse\Back To Black\02 Amy Winehouse - You Know I'm No Good.mp3
--a-- F:\Amy Winehouse\Back To Black\03 Amy Winehouse - Me And Mr Jones.mp3
--a-- F:\Amy Winehouse\Back To Black\04 Amy Winehouse - Just Friends.mp3
--a-- F:\Amy Winehouse\Back To Black\05 Amy Winehouse - Back To Black.mp3
--a-- F:\Amy Winehouse\Back To Black\06 Amy Winehouse - Love Is A Losing Game.mp3
--a-- F:\Amy Winehouse\Back To Black\07 Amy Winehouse - Tears Dry On Their Own.mp3
--a-- F:\Amy Winehouse\Back To Black\08 Amy Winehouse - Wake Up Alone.mp3
--a-- F:\Amy Winehouse\Back To Black\09 Amy Winehouse - Some Unholy War.mp3
--a-- F:\Amy Winehouse\Back To Black\10 Amy Winehouse - He Can Only Hold Her.mp3
--a-- F:\Amy Winehouse\Back To Black\11 Amy Winehouse - Addicted.mp3
--ah- F:\Amy Winehouse\Back To Black\Desktop.ini
d---- F:\HAUS
--a-- F:\HAUS\01 Amy Winehouse - Rehab.mp3
--a-- F:\HAUS\02 Amy Winehouse - You Know I'm No Good.mp3
--a-- F:\HAUS\03 Amy Winehouse - Me And Mr Jones.mp3
--a-- F:\HAUS\04 Amy Winehouse - Just Friends.mp3
--a-- F:\HAUS\05 Amy Winehouse - Back To Black.mp3
--a-- F:\HAUS\06 Amy Winehouse - Love Is A Losing Game.mp3
--a-- F:\HAUS\07 Amy Winehouse - Tears Dry On Their Own.mp3
--a-- F:\HAUS\08 Amy Winehouse - Wake Up Alone.mp3
--a-- F:\HAUS\09 Amy Winehouse - Some Unholy War.mp3
--a-- F:\HAUS\10 Amy Winehouse - He Can Only Hold Her.mp3
--a-- F:\HAUS\101_eric_prydz_vs_floyd_-_proper_education.mp3
--a-- F:\HAUS\11 Amy Winehouse - Addicted.mp3
--a-- F:\HAUS\113 - pachanga (tigerstyle remix feat. danny ray) - - close to you.mp3
--a-- F:\HAUS\Avantgarde & Sylvester - Do You Wanna Get Down(Yabba Mix).mp3
--a-- F:\HAUS\Avantgarde - Don't Stop.mp3
--a-- F:\HAUS\Avantgarde - Get down (jerry ropero rmx).mp3
--a-- F:\HAUS\Basement Jaxx - Take me back to your house.mp3
--a-- F:\HAUS\Benassi Bros Feat Sandy - Illusion.mp3
--a-- F:\HAUS\Bennasi Bros - Hit My Heart.mp3
--a-- F:\HAUS\Benny Benassi - Satisfaction.mp3
--a-- F:\HAUS\BENNY BENASY - King Of My Castle (Armin Van Buuren Remix).mp3
--a-- F:\HAUS\Bob Sinclaire - Rock This Party.mp3
--a-- F:\HAUS\Chris Lake feat. Laura V - Changes (Vocal Club Mix).mp3
--a-- F:\HAUS\David Guetta - stay.mp3
--a-- F:\HAUS\DJ PANTELIS FEAT. PAPAILIAS - AFTO TO KALOKARI (FIESTA SUMMER MIX).mp3
--a-- F:\HAUS\Eric Prydz Vs Pink Floyd - Proper Education (2006 whitelabel mix).mp3
--a-- F:\HAUS\Eric Prydz Vs Pink Floyd - Proper Education.mp3
--a-- F:\HAUS\Freemasons - I feel like.mp3
--a-- F:\HAUS\Iio - Is it love (Chris Ortega remix).mp3
--a-- F:\HAUS\IIO - Rapture (tastes so sweet) (Deep Dish rmx).mp3
--a-- F:\HAUS\JERRY ROPERO & DENIS THE MEN - Coracao (denis And Jerrys.mp3
--a-- F:\HAUS\Jerry Ropero & Denis The Menace - Fuck You (La Grande mix).mp3
--a-- F:\HAUS\Jerry Ropero - Home alone.mp3
--a-- F:\HAUS\Mano Negra & Manu Chao - 09 Mala Vida.Mp3
--a-- F:\HAUS\Mano Negra & Manu Chao - 13 King Kong Five.Mp3
--a-- F:\HAUS\Mano Negra - Baby You're Mine.mp3
--a-- F:\HAUS\Mano Negra - El Jako.mp3
--a-- F:\HAUS\Mano Negra - El Sur.mp3
--a-- F:\HAUS\Mano Negra - Furious Fiesta.mp3
--a-- F:\HAUS\Mano Negra - Hamburger Fields.mp3
--a-- F:\HAUS\Mano Negra - Indios de Barcelona.mp3
--a-- F:\HAUS\Mano Negra - It's My Heart.mp3
--a-- F:\HAUS\Mano Negra - King Kong Five.mp3
--a-- F:\HAUS\Mano Negra - La Rancon du Succes.mp3
--a-- F:\HAUS\Mano Negra - La Ventura.mp3
--a-- F:\HAUS\Martin Solveig - Everybody (House Version).mp3
--a-- F:\HAUS\Morandi - Blue.mp3
--a-- F:\HAUS\Morandi - Falling asleep.mp3
--a-- F:\HAUS\Morandi - Feel me up.mp3
--a-- F:\HAUS\Morandi - Love me.mp3
--a-- F:\HAUS\Outwork ft. Mr Gee - Elektro (Electro Mix).mp3
--a-- F:\HAUS\Pakito - Moving on stereo (David Guetta rmx).mp3
--a-- F:\HAUS\Paris Avenue-In My Mind.mp3
--a-- F:\HAUS\Room 5 feat. Cheatham - Make Luv (Extended Mix).mp3
--a-- F:\HAUS\Rui Da Silva - Feel The Love (Vocal Club Edit).mp3
--a-- F:\HAUS\Rui Da Silva - Touch me.mp3
--a-- F:\HAUS\Shapeshifters - back to basics.mp3
--a-- F:\HAUS\Shapeshifters - Incredible (radio edit).mp3
--a-- F:\HAUS\Snatch - Get Down 2006 Original Mix.mp3
--a-- F:\HAUS\Syke 'N' Sugarstarr - Ticket 2 Ride (Radio Edit).mp3
--a-- F:\HAUS\Tall Paul - Rock Da House 2006 (Fedde Le Grand Remix).mp3
--a-- F:\HAUS\Timo Mass - First day.mp3
--a-- F:\HAUS\Tom Novy - Your Body (Andy Van Remix).mp3
--a-- F:\HAUS\Tom Novy And Lima - Take It (Club Dub Mix).mp3
--a-- F:\HAUS\Tom Novy-My House.mp3
--a-- F:\HAUS\Tune Brothers - Serenata (Eddie Thoneick Mix).mp3
--a-- F:\HAUS\Tune Brothers ft Anthony Locks - I like it (original mix).mp3
-r-hs F:\ej10fkdo.bat
--a-- F:\House MD - 4 - TB or Not TB.avi
--a-- F:\The_KMPlayer_1434.exe
--a-- F:\AdbeRdr811_en_US.exe
----------------------------------------

========================================
Scan finished!
========================================

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

There is one more file left to delete.

Same procedure as before. Script:


{744c7e28-7d00-11dd-91ed-001636dd4cfc}
f_delete: %DRIVE%ej10fkdo.bat
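
Added example, not part of the thread and not USBNoRisk's own code: a small triage pass over the "Folder list" section of a log like the one above, flagging files that carry both the hidden and system attributes and have a runnable extension, which is the profile of the `ej10fkdo.bat` entry targeted by the script. The extension list and the heuristic itself are assumptions; the sample lines are copied from the log in this thread.

```python
import re
from pathlib import PureWindowsPath

# Extensions Windows will execute or interpret directly (assumed triage list).
RUNNABLE = {".bat", ".cmd", ".com", ".exe", ".pif", ".scr", ".vbs", ".js", ".lnk"}

# One listing line: five attribute flags in the order d, r, a, h, s
# ('-' when unset), one space, then the full path.
LINE = re.compile(r"^([d-][r-][a-][h-][s-]) (.+)$")

def parse_listing(text):
    """Yield (flags, path) for folder-list lines; other log lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield m.group(1), PureWindowsPath(m.group(2))

def suspicious(text):
    """Return (path, flags, at_root) for hidden+system files that can run.

    Hidden+system on its own is normal (Thumbs.db); combined with a
    runnable extension it is worth a manual look before the drive is reused.
    """
    hits = []
    for flags, path in parse_listing(text):
        if flags[0] == "d":          # directories are not candidates
            continue
        hidden_system = flags[3] == "h" and flags[4] == "s"
        if hidden_system and path.suffix.lower() in RUNNABLE:
            at_root = len(path.parts) == 2   # ('F:\\', 'name')
            hits.append((str(path), flags, at_root))
    return hits

# Lines copied from the log in this thread, plus separator/status lines
# to show that non-listing output is ignored.
SAMPLE = """\
Folder list for F:\\:
----------------------------------------
--a-- F:\\dotnetfx3.exe
d---- F:\\Amy Winehouse
--ahs F:\\Amy Winehouse\\Thumbs.db
--ah- F:\\Amy Winehouse\\Frank\\Desktop.ini
-r-hs F:\\ej10fkdo.bat
--a-- F:\\The_KMPlayer_1434.exe
"""

if __name__ == "__main__":
    for path, flags, at_root in suspicious(SAMPLE):
        print(f"{flags}  {path}  (drive root: {at_root})")
```
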

offline
  • Joined: 01 May 2009
  • Posts: 11

USBNoRisk 2.1 by bobby

Started at 5/1/2009 10:58:50 PM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {fa0d2711-d397-11db-9f4e-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for fa0d2711-d397-11db-9f4e-806d6172696f
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 5/1/2009 10:59:02 PM

Scanning for connected USB mass storage...
----------------------------------------
F: {744c7e28-7d00-11dd-91ed-001636dd4cfc}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 744c7e28-7d00-11dd-91ed-001636dd4cfc
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Processing script
----------------------------------------
744c7e28-7d00-11dd-91ed-001636dd4cfc
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 1
f_delete: delete file error: F:\ej10fkdo.bat, The handle is invalid.
----------------------------------------

========================================
Scan finished!
========================================

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.

Double-click gmer.exe to start. Select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below; this copies the scan results to the Clipboard.
Use Paste in Notepad to turn it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.

Use the Attach file option below the message box on the forum and attach here the two files we just saved.

offline
  • Joined: 01 May 2009
  • Posts: 11

I get a BSOD when I run the rootkit/malware scan; some aj(something).sys flashes briefly. I'm sending the autorun scan. Should I run the scan in safe mode?
[Link visible only to logged-in users]

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

We'll try something else.

Run the program whose link you received, plug in the flash drive, after a few seconds switch to the Script tab and paste the following there:


{744c7e28-7d00-11dd-91ed-001636dd4cfc}
f_delete: %DRIVE%ej10fkdo.bat
fat_delete: %DRIVE%ej10fkdo.bat



Click Run Script. After a few seconds you can save the log and post it here.

offline
  • Joined: 01 May 2009
  • Posts: 11

USBNoRisk 2.1 by bobby

Started at 5/2/2009 11:03:21 AM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {fa0d2711-d397-11db-9f4e-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for fa0d2711-d397-11db-9f4e-806d6172696f
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 5/2/2009 11:03:38 AM

Scanning for connected USB mass storage...
----------------------------------------
F: {744c7e28-7d00-11dd-91ed-001636dd4cfc}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on F:
----------------------------------------
No Autorun.inf files found on F:
No mountpoint found for 744c7e28-7d00-11dd-91ed-001636dd4cfc
----------------------------------------

No Desktop.ini files found on F:
----------------------------------------

No mimics found on drive F:
========================================

Processing script
----------------------------------------
744c7e28-7d00-11dd-91ed-001636dd4cfc
Drive letter for GUID: F:
SectionStart = 0
SectionEnd = 2
f_delete:
file "F:\ej10fkdo.bat" deleted successfully
fat_delete: F:\ej10fkdo.bat > File does not exist!
----------------------------------------

========================================
Scan finished!
========================================

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Excellent...

Download the following file to the Desktop: [Link visible only to logged-in users]

Double-click it and when the prompt appears, click Yes.

Run USBNoRisk and click the Uninstall button.

Close the program and delete it.

Also delete the programs Gmer and HijackThis.

Uninstalling ComboFix:
Click START and then RUN.

In the text box, type (paste) the following:

Combofix /u



and then click OK.

Wait for the uninstall process to finish.

And that's all.
