|
Poslao: 23 Avg 2008 16:00
|
offline
- Pridružio: 25 Nov 2007
- Poruke: 296
|
Malwarebytes' Anti-Malware 1.25
Database version: 1062
Windows 5.1.2600 Service Pack 2
15:42:32 2008-08-23
mbam-log-08-23-2008 (15-42-32).txt
Scan type: Quick Scan
Objects scanned: 40856
Time elapsed: 2 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Evo rezultata vidim nije mi nista naslo od virusa al izbrisao sam Avast prije instaliranja ovog programa imal to kakve veze a Avast mi je ih pronasao dok je bio ,jer nisam znao smijemli instalirat ovaj program pored avasta
Dopuna: 23 Avg 2008 15:59
Evo i OTScanIt
Dopuna: 23 Avg 2008 16:00
https://www.mycity.rs/must-login.png
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 16:58
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Preuzmi The Avenger na Desktop.
Raspakuj arhivu u neki folder
Dvoklikom pokreni avenger.exe
Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa:
Drivers to delete:
sysrest.sys
Files to delete:
C:\WINDOWS\system32\sysrest.sys
C:\WINDOWS\system32\sysrest32.exe
c:\documents and settings\nedzad\local settings\temp\72372.exe
c:\documents and settings\nedzad\local settings\temp\wjeeoeqj.dll
Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti
Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja
Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u
Iskopiraj sadržaj dobijenog loga u temu na forumu.
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 17:34
|
offline
- Pridružio: 25 Nov 2007
- Poruke: 296
|
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\sysrest.sys" not found!
Deletion of driver "sysrest.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "C:\WINDOWS\system32\sysrest.sys" not found!
Deletion of file "C:\WINDOWS\system32\sysrest.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "C:\WINDOWS\system32\sysrest32.exe" not found!
Deletion of file "C:\WINDOWS\system32\sysrest32.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "c:\documents and settings\nedzad\local settings\temp\72372.exe" not found!
Deletion of file "c:\documents and settings\nedzad\local settings\temp\72372.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "c:\documents and settings\nedzad\local settings\temp\wjeeoeqj.dll" not found!
Deletion of file "c:\documents and settings\nedzad\local settings\temp\wjeeoeqj.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.
Dopuna: 23 Avg 2008 17:34
Slucajno sam pronasao ove fajlove u lokaciji :C:\QooBox\Quarantine\C\WINDOWS\system32 a fajlovi : lphcl2dj0eebe.exe.vir i sysrest32.exe.vir mozda su ovo bili virusi jer se sjecam da ih je avast pronalazio s ovim imenom a ,sad kad sam ga instalirao i skenirao ova dva fajla nije nista u njima pronasao .Da li mi vi mozete reci kako odjednom nestase i i sta cu uraditi sa ova dva fajla ?
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 17:43
|
offline
- bobby
- Administrator
- Pridružio: 04 Sep 2003
- Poruke: 24135
- Gde živiš: Wien
|
Ne diraj nista u tom folderu, tu je backup svega sto ti dr_Bora kaze ovde da uradis (za slucaj da nesto krene naopako). Reci ce ti dr_Bora na kraju sta s tim fajlovima treba uraditi.
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 18:11
|
offline
- Pridružio: 25 Nov 2007
- Poruke: 296
|
Ok.Samo sam pitao , a ta dva fajla je prije avast pronalazio kao viruse pa zato pitam.
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 19:08
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Pa, file-ovi su očigledno obrisani.
Jesi li instalirao antivirus ponovo? Postoji li sada neki problem?
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 19:51
|
offline
- Pridružio: 25 Nov 2007
- Poruke: 296
|
Jesam instalirao avast i sad ih ne pronalazi , i sta cu s ovim fajlovim u C:\QooBox\Quarantine\C\WINDOWS\system32 a fajlovi su :lphcl2dj0eebe.exe.vir i sysrest32.exe.vir. Hvala ti brate na strpljenju i pomoci neznam kako da ti zahvalim
|
|
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 20:44
|
offline
- Pridružio: 25 Nov 2007
- Poruke: 296
|
Izgleda da mi je dosao novi virus Smitfraud jer mi na pozadini desktopa pise da mi je comp zarazen spyware-vima.
Dopuna: 23 Avg 2008 20:36
a prije toga mi je doslo da instaliram antivirus windows xp
Dopuna: 23 Avg 2008 20:44
a na Avastu opis virusa kaze Win32 :Trojan-gen
|
|
|
|
|
|
|
Poslao: 23 Avg 2008 21:01
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Zanimljivo...
Izvrši skeniranje programom MalwareBytes Anti-Malware i ukloni sve što bude pronađeno (detaljno uputstvo je dato ranije u temi).
Postavi ovde logfile odrađenog skeniranja i nakon svega i svež HijackThis logfile.
|
|
|
|
|
|
