MyCity » Ambulanta -> Arhiva Ambulante » hijack log hitno!!!!

hijack log hitno!!!!

Napisano na dan: 18.7.2009
3

hijack log hitno!!!!
Pagination Prethodna strana

Idi na vrh

Poslao: 21 Jul 2009 20:59
Idi na vrh
offline
  • Pridružio: 24 Okt 2007
  • Poruke: 122

USBNoRisk 2.4 (1 June 2009) by bobby

Started at 7/21/2009 8:55:17 PM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {622bc09f-73b7-11de-ab5b-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 622bc09f-73b7-11de-ab5b-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 7/21/2009 8:55:54 PM

Scanning for connected USB mass storage...
----------------------------------------
E: {699510ff-7437-11de-81c7-00c0a8bb9012}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
Blocked file found: E:\autorun.inf.blocked
----------------------------------------
Content of E:\autorun.inf.blocked
----------------------------------------
[autorun]
open=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
shell\open\default=1
----------------------------------------

Files referenced from E:\autorun.inf.blocked
----------------------------------------
E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com -r-hs 19968
----------------------------------------

----------------------------------------
No Autorun.inf files found on E:
No mountpoint found for 699510ff-7437-11de-81c7-00c0a8bb9012
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
========================================

Processing script
----------------------------------------
699510ff-7437-11de-81c7-00c0a8bb9012
Drive letter for GUID: E:
SectionStart = 0
SectionEnd = 2
----------------------------------------
Delete folder tree E:\RECYCLER:
----------------------------------------
File lock detected:
USBNoRisk cannot find what locked the file
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com > Error!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini > Done!
Delete: E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 > Error!
Delete: E:\RECYCLER > Error!
Delete: E:\RECYCLER > Error!
----------------------------------------
Deleting blocked files:
----------------------------------------
Delete: E:\autorun.inf.blocked > Done!
----------------------------------------

========================================
Scan finished!
========================================



Poslao: 24 Jul 2009 17:00
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Iskljuci sav zastitni softver i uradi sledece

Pokreni ponovo USbNoRisk

Predji na karticu Script u USBNoRisku i tamo iskopiraj sledeci skript:


{699510ff-7437-11de-81c7-00c0a8bb9012}
folder_delete: %DRIVE%RECYCLER
f_delete: %DRIVE%RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com
delete_blocked:

Vrati se na karticu Monitor.
Nakon toga prikljuci na komp ipod i sacekaj da USBNoRisk automatski obavi skeniranje i ciscenje.

Kada to odradis, snimi ponovo log i iskopiraj mi ga ovde.



MyCity » Ambulanta -> Arhiva Ambulante » hijack log hitno!!!!

Ko je trenutno na forumu
 

Ukupno su 1814 korisnika na forumu :: 275 registrovanih, 21 sakrivenih i 1518 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 8u47, _stipa_, airsuba, akaherz994, AleksSE, aleph_one, ALEXV, alke12, Alojzije, alternator, amaterSRB, Anunakiii, Apok, aramis s, ArchaBasha, Arhiv, Aristotle2002, ArmFPGA, asdfjklc, Aster Blistok, atmel, Avalon015, avijacija, babaroga, BAKI89, Batko.VD.65, Beanara, berste23, Bickoooo, Bo96, Bobrock1, Bodin86, bojank, bojanM84, bojcistv, boracbl1389, bounty hunters, Bozjidar87, branko7, BrcakRS, Bubili, bukefal, Butcher, BZ, CCCP, cebam, cemix, cenejac111, Centauro, Chainsaw, CHARLIE JA., Cicumile, cifra, comi991, crazydkure, Crazzer, cuvarkuca, cvrle312, d.arsenal321, dane007, darkdruid72, Darko8, Darth Malak, deimos25, Dejan_vw, dejandr, dekifcrs, dekiz, delboy, Denaya, DENIRO, deri3891, dexteroza, Dimitrije Paunovic, Dioniss, djboj, djonsule, djordjemiklusev, Djuza, dnr, DonRumataEstorski, doom83, dradex, dragoljub11987, Drugsparrow, Dukelander, dulleo, dusanobr, dusko barajevo, Dzoni2412, Dzuki, Džekson, eagle.rs, Electron, EXIT78, Fructo, Fulcrum, gobrad, Gogi_avio, Grochow, GUARIN, hatman, HogarStrashni, Igritelj, Istman, istokzapad, ivica976, ivicasimo, Ivoo, Jaxupa, Jaz, joca83, JOntra, Josip77, K a s p e r, Kajzer Soze, kaput21, Kazablankasrb, kibihrchak, Knovakov, Kolex21, Komentator, Kupresko polje, lacko, Lazur_01, Lester Freamon, Litostroton, livada123, Lj_ubo, LostInSpaceandTime, Lotus, Lucije Kvint, ludiagresivan, Luke Pathfinder, madza, Makarid, maksi007, Makssd85, MarijaC84, marko.markovic, MarkoJ-Nis, markolopin, marsi, Mastrum Ridkali, menges, Metanoja, mgolub, Mi lao shu, Might is Right, Miki 84, Miki281, MIKI63, miki69, milikonst, MiroslavD, mishkooo, Mita038, mnn2, Moldovan, moldway, Mrav Obrad, Naj-Turs, Natuzzi, nebidrag, neko iz mase, nelezele, nevjerna beba, niksa517, Njubara, nnovakis, Nomica, nsharambasa, nuke92, obsc, Orc, Paklenica, pavle_pzs, pbg12345, peradetlić, Permaldar, Petjan, Petrusci, Phalanx, Pikac-47, Piklik, pinci01, pisac12, PlayerOne, Prečanin30, promajauglavi, Qvazimodo, radovanstojkov023, raketaš, rambod, Ran, raptorsi, raster12, Ray1973, reader, rebro1974, renvoi, repac, rikirubio, RiV, Roksi, Romibrat, royst33, ruma, Salence74, samocitam, saputnik plavetnila, Sass Drake, savaskytec, Seeker, Semberija, Sevatar, Shinobi, simazr, Singidunumac, sistem22, Sky diver 29, slowhand, snikolic, Sone1983, Sonic, sova72, srbijaiznadsvega, Srle993, srđan, stagezin, Steeeefan, stegonosa, SympathyForTheDevil, Tastatura ratnik, The_new_Statesman, travisrise, troki1971, trutcina, TRZH92, TTN, tubular, tuf, ulogovan, US_Rank_0, username_25, v0idmp3, vazduh, veljkovicdani, vespa nikola, Vlada76, vladd, vladoo, VNVK, vojnik švejk, Volkhov-M, VOŽD, vrlenija, vukan0799, vuksa72, Welky, wize, xAlex2, YugoSlav, Zdenko, Zeka_Peka, zemljanin, Zerajic, Zimbabwe, zokizemun, Zukov, šumar bk2, Đurđevdan, 787, 1107, 800077