Posted: 15 Nov 2011 20:36
- AreoNN
Written: 15 Nov 2011 19:56
Oh no, people, I took a flash drive to school (it is vaccinated with Panda), and when I got home I wanted to look at something on it, so I figured I would scan it first, just in case, and what do I see: 2 SALITY detections. Now I'm scared, because I did not open the USB drive, I only scanned it. I have a lot of important data on the computer, so I can't do a reinstall. And I, fool that I am, wouldn't install MC SHIELD. I will post the logs in 15 minutes.
Addendum: 15 Nov 2011 20:36
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_23
Run by Neo at 19:51:13 on 2011-11-15
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1024.201 [GMT 1:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET licni zaštitni zid *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.rs/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [TNOD UP] "c:\program files\tnod user & password finder\TNODUP.exe" /i
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
TCP: Interfaces\{ED068AE7-3165-4C8F-9E74-603602E789A8} : DhcpNameServer = 89.216.1.40 89.216.1.50
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
Hosts: 173.212.255.178 embedded.garena.com
Hosts: 173.212.255.178 embedded.garenanow.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\neo\appdata\roaming\mozilla\firefox\profiles\z7wy2dkg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - App Deck Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\users\neo\appdata\roaming\mozilla\firefox\profiles\z7wy2dkg.default\extensions\engine@conduit.com\components\FFExternalAlert.dll
FF - component: c:\users\neo\appdata\roaming\mozilla\firefox\profiles\z7wy2dkg.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.71\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\neo\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\neo\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\neo\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2011-10-13 21624]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-4-17 21992]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-5-27 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-4 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-2 22216]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-5 230912]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-24 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cpuz134;cpuz134;c:\program files\cpuid\pc wizard 2010\pcwiz_x32.sys [2011-2-1 20328]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-1-27 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-24 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-8-2 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-2 52224]
.
=============== Created Last 30 ================
.
2011-11-15 18:48:28 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{109c0c6c-667e-427b-b797-3e7ef97679b2}\offreg.dll
2011-11-15 09:26:46 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{109c0c6c-667e-427b-b797-3e7ef97679b2}\mpengine.dll
2011-11-12 19:40:47 -------- d-----w- c:\users\neo\appdata\roaming\Qualys
2011-11-10 09:32:03 -------- d-----w- c:\program files\Hard Disk Sentinel
2011-11-09 09:02:52 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 09:02:50 708608 ----a-w- c:\program files\common files\system\wab32.dll
2011-11-09 09:02:48 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 07:41:07 -------- d-----w- c:\windows\system32\appmgmt
2011-11-04 07:33:23 -------- d-----w- c:\program files\Red Alert 2 Yuri's Revenge
2011-10-29 12:34:21 -------- d-----w- C:\Virtual
2011-10-28 10:19:25 -------- d-----w- c:\users\neo\appdata\roaming\Sports Interactive
2011-10-28 09:20:07 -------- d-----w- c:\program files\Mortal Kombat Armageddon PC
2011-10-20 17:32:45 -------- d-----w- c:\users\neo\.system32
2011-10-20 10:32:17 -------- d-----w- c:\program files\DotAlicious Gaming Client
.
==================== Find3M ====================
.
2011-10-10 19:09:38 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-22 18:15:36 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-08 21:48:39 8704 ----a-w- c:\windows\system32\SpOrder.dll
2011-09-08 21:48:36 73728 ----a-w- c:\windows\system32\VistaInfo32.dll
2011-09-04 10:10:45 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-31 15:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-27 04:26:27 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- c:\windows\system32\oleacc.dll
.
============= FINISH: 19:53:09.18 ===============

Posted: 15 Nov 2011 21:03
- NIx Car
Hello AreoNN
- Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all your USB storage devices into the USB slot one after another and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you have finished with all the devices, right-click in the middle of the program window and choose the option Save scrambled log. That will automatically open the log in Notepad. Copy that log from Notepad to the forum.
Explanation: USB storage devices are all devices that get their own partition letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.
NIx Car (AMF Team)

Posted: 16 Nov 2011 20:04
- AreoNN
Written: 15 Nov 2011 21:21
Is it really necessary to do all of them? On one USB drive I have very, very important data, and I'm afraid it might get lost (the flash drive is empty, 100% no viruses).
Addendum: 15 Nov 2011 21:22
I mean the flash drive is almost empty, I only have some documents; when I say empty I mean files, programs ...
Addendum: 15 Nov 2011 21:50
USBNoRisk 2.7 (28 December 2010) by bobby
Started at 15/11/2011 21:47:23
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {9cd27831-f65b-11df-81e0-806e6f6e6963}
D: {9cd27832-f65b-11df-81e0-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 9cd27831-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No autorun.inf files found on D:
No mountpoint found for D:
Sanitized mountpoint for 9cd27832-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 15/11/2011 21:48:05
Scanning for connected USB mass storage...
----------------------------------------
G: {7af63d43-f6a3-11df-80fe-001d7d36777d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
autorun.inf found on G:
----------------------------------------
File G:\autorun.inf renamed successfully
Content of G:\autorun.inf.blocked
----------------------------------------
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
Sanitized mountpoint for 7af63d43-f6a3-11df-80fe-001d7d36777d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
.lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
Addendum: 15 Nov 2011 21:55
I can give you a screenshot of when I scan the USB drive with ESS 4.
Addendum: 15 Nov 2011 22:13
USBNoRisk 2.7 (28 December 2010) by bobby
Started at 15/11/2011 22:09:34
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {9cd27831-f65b-11df-81e0-806e6f6e6963}
D: {9cd27832-f65b-11df-81e0-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 9cd27831-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 9cd27832-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 15/11/2011 22:10:07
Scanning for connected USB mass storage...
----------------------------------------
========================================
New drive connected, but USBNoRisk can't find it
========================================
========================================
========================================
New device connected at 15/11/2011 22:10:25
Scanning for connected USB mass storage...
----------------------------------------
========================================
New drive connected, but USBNoRisk can't find it
========================================
========================================
========================================
New device connected at 15/11/2011 22:10:42
Scanning for connected USB mass storage...
----------------------------------------
========================================
New drive connected, but USBNoRisk can't find it
========================================
========================================
========================================
New device connected at 15/11/2011 22:10:53
Scanning for connected USB mass storage...
----------------------------------------
G: {e3925100-f42f-11e0-ac50-001d7d36777d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Addendum: 15 Nov 2011 23:25
Here is the new, CORRECT LOG:
USBNoRisk 2.7 (28 December 2010) by bobby
Started at 15/11/2011 23:22:06
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {9cd27831-f65b-11df-81e0-806e6f6e6963}
D: {9cd27832-f65b-11df-81e0-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 9cd27831-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 9cd27832-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 15/11/2011 23:22:23
Scanning for connected USB mass storage...
----------------------------------------
G: {7af63d43-f6a3-11df-80fe-001d7d36777d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for 7af63d43-f6a3-11df-80fe-001d7d36777d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
.lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
New device connected at 15/11/2011 23:22:44
Scanning for connected USB mass storage...
----------------------------------------
H: {c5033dda-f65c-11df-a201-001d7d36777d}
Added H:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No autorun.inf files found on H:
Sanitized mountpoint for c5033dda-f65c-11df-a201-001d7d36777d
----------------------------------------
No Desktop.ini files found on H:
----------------------------------------
No mimics found on drive H:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive H:
========================================
========================================
Removed H:
========================================
New device connected at 15/11/2011 23:23:11
Scanning for connected USB mass storage...
----------------------------------------
G: {b7d204e4-e03d-11e0-9d12-806e6f6e6963}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for b7d204e4-e03d-11e0-9d12-806e6f6e6963
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
New device connected at 15/11/2011 23:23:33
Scanning for connected USB mass storage...
----------------------------------------
G: {e3925100-f42f-11e0-ac50-001d7d36777d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
[autorun]
open=ActivateWarranty(JF).exe
Action="Transcend Service"
Icon=ActivateWarranty(JF).exe
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for e3925100-f42f-11e0-ac50-001d7d36777d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive G:
========================================
========================================
Removed G:
========================================
Addendum: 16 Nov 2011 8:01
Here is the MC Shield log as well:
16/11/2011 08:00:47 > Scanning drive G: (ANONYMOUS ~1 GB, FAT flash drive )...
>>> G:\kapef.exe - Malware > Deleted. (11.11.16. 08.00 kapef.exe.127682; MD5: X)
>>> G:\kapef.scr - Malware > Deleted. (11.11.16. 08.00 kapef.scr.578910; MD5: X)
>>> G:\Documents.lnk - Suspicious > Renamed. (MD5: bf94d796d6ac902449cbb2f7a2ac77e6)
>>> G:\New Folder.lnk - Suspicious > Renamed. (MD5: 274deb44aff52b638010723954366334)
>>> G:\Passwords.lnk - Suspicious > Renamed. (MD5: 0f01a6f46510906a5312fb9359bcdf17)
>>> G:\Pictures.lnk - Suspicious > Renamed. (MD5: d411af8e7e035a097d63892a547f8d45)
>>> G:\Music.lnk - Suspicious > Renamed. (MD5: 81e6050dcdf0a76da97107cef0ecebba)
>>> G:\Video.lnk - Suspicious > Renamed. (MD5: c6a558092f7e7a887302110aa9890ae6)
=> Malicious files : 2/2 deleted.
=> Suspicious files : 6/6 renamed.
Addendum: 16 Nov 2011 8:04
Addendum: 16 Nov 2011 20:04
Can someone answer me, because I don't know whether the files are infected and I have some work to do?

Posted: 16 Nov 2011 22:13
- AreoNN
Written: 16 Nov 2011 22:11
USBNoRisk 2.7 (28 December 2010) by bobby
Started at 16/11/2011 22:09:16
Searching for connected USB Mass storage...
----------------------------------------
========================================
Searching for other storage...
----------------------------------------
C: {9cd27831-f65b-11df-81e0-806e6f6e6963}
D: {9cd27832-f65b-11df-81e0-806e6f6e6963}
========================================
Scanning fixed storage...
----------------------------------------
No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 9cd27831-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------
No blocked files found on D:
No autorun.inf files found on D:
No mountpoint found for D:
No mountpoint found for 9cd27832-f65b-11df-81e0-806e6f6e6963
No Desktop.ini files found on D:
----------------------------------------
========================================
Initial scan finished!
========================================
New device connected at 16/11/2011 22:09:28
Scanning for connected USB mass storage...
----------------------------------------
G: {7af63d43-f6a3-11df-80fe-001d7d36777d}
Added G:
========================================
Scanning USB mass storage for files...
----------------------------------------
Blocked file found: G:\autorun.inf.blocked
----------------------------------------
Content of G:\autorun.inf.blocked
----------------------------------------
----------------------------------------
Files referenced from G:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------
----------------------------------------
No autorun.inf files found on G:
Sanitized mountpoint for 7af63d43-f6a3-11df-80fe-001d7d36777d
----------------------------------------
No Desktop.ini files found on G:
----------------------------------------
No mimics found on drive G:
----------------------------------------
No .lnk/.pif/.com/.scr files found on drive G:
========================================
Processing script
----------------------------------------
7af63d43-f6a3-11df-80fe-001d7d36777d
Drive letter for GUID: G:
SectionStart = 0
SectionEnd = 3
----------------------------------------
Deleting blocked files:
----------------------------------------
Delete: G:\autorun.inf.blocked > Done!
----------------------------------------
Folder list for G:\:
----------------------------------------
--a-- 533868 G:\MALIRE~1.PDF G:\Mali recnik zastite.pdf
----- 287 G:\NEWFOL~1.VIR G:\New Folder.lnk.vir
----- 287 G:\MUSICL~1.VIR G:\Music.lnk.vir
----- 287 G:\VIDEOL~1.VIR G:\Video.lnk.vir
----- 287 G:\DOCUME~1.VIR G:\Documents.lnk.vir
----- 287 G:\PASSWO~1.VIR G:\Passwords.lnk.vir
----- 287 G:\PICTUR~1.VIR G:\Pictures.lnk.vir
----------------------------------------
Unhide superhidden for G:\
----------------------------------------
----------------------------------------
Addendum: 16 Nov 2011 22:13
Sorry for being a nuisance, may I ask just one more question? Should I post fresh DDS and GMER logs? Do I have a Sality infection on the computer? Did ESS 4 do everything properly and protect my system from Sality?

Posted: 17 Nov 2011 07:50
- AreoNN
Thank you very much for the above. Something has always interested me: do a cr@cked AV and a legal one (I mean commercial AVs) provide the same protection? And what is the difference between them? Regards, and thank you very much!

Posted: 17 Nov 2011 19:05
- 1l padr1n0
AreoNN :: Do a cr@cked AV and a legal one (I mean commercial AVs) provide the same protection? And what is the difference between them? Regards, and thank you very much!
It is possible that they provide the same protection, depending on what that crack/patch does. In any case, they differ from the original software in that they are not original software at all. You must not modify the program's code in any way, and that is exactly what a crack/patch does. We do not discuss piracy on this forum, so I suggest you follow my suggestion from the previous message.
Regards,
goran9888 (AMF Team)