MyCity » Ambulanta -> Arhiva Ambulante » Recycler virus

Recycler virus

Napisano na dan: 22.11.2010
4

Recycler virus
Pagination Prethodna strana

Idi na vrh

Poslao: 26 Nov 2010 00:40
Idi na vrh
offline
  • Pridružio: 22 Nov 2010
  • Poruke: 31

Napisano: 26 Nov 2010 0:30

Sada se pojavio novi problem kada sam pokusao pristupiti d particiji on mi je otvorio i odmah se zamrznuo i ne moze se nicemo pristupiti, otvorit bilo koji folder jedino se moze iskljuciti preko task manager-a (ovo mi se nikada nije desilo u zivotu)

Logfile of The Avenger Version 2.0, (c) by Swandog46
[Link mogu videti samo ulogovani korisnici]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: folder "c:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013" not found!
Deletion of folder "c:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.


[Link mogu videti samo ulogovani korisnici]

Dopuna: 26 Nov 2010 0:33

neverovatno, sada kada sam prikljucio usb stick MCShield nije pronasao nista i odmah sam pokusao otvoriti d particiju i uspeo sam ..... kao da imam nekog pokvarenog duha koji me malo ......

Dopuna: 26 Nov 2010 0:40

taman sam se ponadao da je ok sa d particijom, opet je krenulo zamrzavanje. sada cu malo da poludim....



Poslao: 26 Nov 2010 00:43
Idi na vrh
offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Nije pronasao nista, jer je u prethodnom skeniranju obrisao malware.


Restartuj racunar.

----------------------------------
Idemo jos jednu malu proveru racunara pre nego ga proglasimo cistim.


Arrow


Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka:
[Link mogu videti samo ulogovani korisnici]

Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;
a zatim klikni Finish.

Nakon završenog ažuriranja program će se pokrenuti.

Izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).



Arrow

Imas li sada nekih problema sa racunarom i USB memorijskim uredjajem?





goran9888 (AMF Tim)



Poslao: 26 Nov 2010 00:58
Idi na vrh
offline
  • Pridružio: 22 Nov 2010
  • Poruke: 31

U ovom trenutku opet mogu pristupiti d particiji i fajlovima.


Malwarebytes' Anti-Malware 1.46
[Link mogu videti samo ulogovani korisnici]

Database version: 5190

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/26/2010 12:55:46 AM
mbam-log-2010-11-26 (00-55-46).txt

Scan type: Quick scan
Objects scanned: 135809
Time elapsed: 4 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Delete on reboot.

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Delete on reboot.

Poslao: 26 Nov 2010 01:11
Idi na vrh
offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Ok.

I taj racunar je cist sto se malware-a tice.

Tu D particiju defregmentuj i uradi Check Disk.

Arrow Korak 1

Resetuj System Restore.
Uputstvo imas par post-ova iznad, ako si zaboravio.


----------------------------------

Arrow

Ukoliko imas problema sa racunarom, predlazem ti da otvoris novu temu u Windows potforumu: [Link mogu videti samo ulogovani korisnici]


Arrow

Sledeci put, obavezno odmah nakon instalacije Windows-a, instaliraj AV da ne bi doslo do ovakvih problema kao sada.




Hvala sto verujes AMF Timu Ziveli



Pozdrav,
goran9888 (AMF Tim)

Poslao: 26 Nov 2010 01:13
Idi na vrh
offline
  • Pridružio: 22 Nov 2010
  • Poruke: 31

Hvala Gorane na ovoj maratonskoj podrsci!

Pozdrav

MyCity » Ambulanta -> Arhiva Ambulante » Recycler virus

Ko je trenutno na forumu
 

Ukupno su 1858 korisnika na forumu :: 182 registrovanih, 15 sakrivenih i 1661 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 9k38, acov34, Aleksandar1991, Aleksandar_038, amaterSRB, asdfjklc, Aster Blistok, awathorn, babaroga, Banovo Brdo, bavar357, BB, blatruc82, bobomicek, Bobrock1, bojan581, Bojcca, Bombona, Bosnjo, bounty hunters, BSD, Bubimir, ccoogg123, CikaKURE, Colt D, crazydkure, crnirocko, Daba75, Darko8, dekan.m, delboy, Demi87, Df410, djboj, djoli, Djota1, Doc, dok80, draganca, draganl, Duh16, dukajov, dzoni19, Džekson, Ercomero, esx66, Filip1, gale48, GH69, Gheljda, ginjica, Grochow, hellenic, Hemi, ivan1973, ivan_8282, ivanhoe31, IvanM1984, Ivica1102, j-22orao, Jakonjveliki, jodzula, JosipRi, Još malo pa deda, Kajzer Soze, kibihrchak, Kolex21, kolle.the.kid, Koser, kozhedub, Kubovac, Kuroje, ladro, Lester Freamon, liki83, ljuba.b, LjubisaR, Ljusa, LostInSpaceandTime, madun123, Magistar78, magyar, maiden6657, Makarid, MarijaC84, Marky, marsovac 2, MarsRed, medaTT, Medojed, mercedesamg, Mig 29, Mika_NS, miki kv, Milan A. Nikolic, milan47, milijarder, Milometer, Milovan Dinic, MiroslavD, Mirsen, Miska13, mist-mist, moldway, MunzeKonze, mux, Naturelo, nebidrag, nelezele, Nemanja.M, neutrino, nick79, niki-mini_maki, nikonema, NislijaBre, obsc, oldusername, Orijen, paladin71, Pancevac, pceklic, Pero Petković, Petar888, Petjan, Phaeton, pietro, Pilence, Pilipenda, proka89, rachmoff, Radio operater, rajkoplje, raso76, Razdroid, razumihin, Redred, renvoi, RJ, rodoljub, s putnik, Sale0501, Samo gledam, samo_citam, samo_srpski, samocitam, sevenino, Shadows1, Sharpshooter, sistem22, siwoti, ssekir75, sspp, stegonosa, synergia, taomaster, TBoy, Timočka Divizija, TRZH92, TTN, v0idmp3, vathra, VBoss, vensla, Vlada1389, Vlada78, VOŽD, Vrač, Wehicle, wizzardone, Yekaterinburg, Z0ub1r, zbazin, Zdenko, zil10, Zimbabwe, zivojin32, Zrcalo, zrno, Zukov, zxstole, 787