Win32

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

USBNoRisk 1.5 by bobby

Started at 3/13/2009 2:23:05 AM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
D: {584a4ea7-098b-11de-8f63-806d6172696f}
E: {584a4ea8-098b-11de-8f63-806d6172696f}
C: {584a4eaa-098b-11de-8f63-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 584a4eaa-098b-11de-8f63-806d6172696f
========================================

Autorun.inf on D: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for D:
No key found for 584a4ea7-098b-11de-8f63-806d6172696f
========================================

Autorun.inf on E: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for E:
No key found for 584a4ea8-098b-11de-8f63-806d6172696f
========================================

autorun.inf found in Qoobox
----------------------------------------
Content of C:\QooBox\Quarantine\C\autorun.inf.vir
----------------------------------------
[autorun]
open=gg.exe 0o
shell\open=´ò¿ª(&O)
shell\open\Command=gg.exe 0o
shell\explore=×ÊÔ´¹ÜÀíÆ÷(&X)
shell\explore\Command=gg.exe 0e
----------------------------------------
Content of C:\QooBox\Quarantine\D\autorun.inf.vir
----------------------------------------
[autorun]
open=gg.exe 0o
shell\open=´ò¿ª(&O)
shell\open\Command=gg.exe 0o
shell\explore=×ÊÔ´¹ÜÀíÆ÷(&X)
shell\explore\Command=gg.exe 0e
----------------------------------------
Content of C:\QooBox\Quarantine\E\autorun.inf.vir
----------------------------------------
[autorun]
open=gg.exe 0o
shell\open=´ò¿ª(&O)
shell\open\Command=gg.exe 0o
shell\explore=×ÊÔ´¹ÜÀíÆ÷(&X)
shell\explore\Command=gg.exe 0e
----------------------------------------

Processing script
----------------------------------------
Drive letter for GUID: D:\
584a4ea7-098b-11de-8f63-806d6172696f
SectionStart = 12
SectionEnd = 14
f_delete: D:\gg.exe > File does not exist!
----------------------------------------

Drive letter for GUID: E:\
584a4ea8-098b-11de-8f63-806d6172696f
SectionStart = 15
SectionEnd = 17
f_delete: E:\gg.exe > File does not exist!
----------------------------------------

Drive letter for GUID: C:\
584a4eaa-098b-11de-8f63-806d6172696f
SectionStart = 18
SectionEnd = 19
f_delete: C:\gg.exe > File does not exist!
----------------------------------------

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ovako, na racunaru vise nema znakova malware-a, takodje ocistili smo i USB stick. Kakvo je sada stanje ? Ukoliko je sve u redu, odradi sledece:

Deinstalacija ComboFix-a i čišćenje SR-a:

Klikni START a zatim RUN
U liniju za unos teksta ukucaj Combofix /u i klikni OK





Sačekaj da se proces deinstalacije završi
Gornja procedura će:
Obrisati sledeće:
ComboFix i njegove file-ove i foldere
VundoFix Backups folder, ako postoji
C:\Deckard folder, ako postoji
C:\OtMoveIt folder, ako postoji
Resetovati podešavanja sata na kompjuteru
Sakriti ekstenzije file-ova, ako je potrebno
Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno
Resetovati System Restore

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sve je u redu, kompjuter radi bez ikakvih problema! Uninstalirao sam combofix. Jel to znaci da smo zavrsili?
Hteo sam da te pitam da li mogu da ponovim sve ovo i sa lap-topom, posto i on pokazuje iste simptome?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da sa ovim racunarom smo zavrsili, ako zelis mozes da postavis log i sa lap topa, ali otvori drugu temu.