Trans-Lucky Posted December 24, 2007 Report Share Posted December 24, 2007 Doneo mi buraz neku USB i na njemu virus.Naime poklekao sam najnoobijoj gresci...Nisam skenirao fajl...Sta se desilo: Uz dva klipa koja mi je iskopirao iskopirao je i neki exe fajl koji kad je startovao otvorio je my documents...I dobio od mene po glavi.Nasao sam neki inetinfo.exe u task manageru i kad god ukucam u google.com komp mi se rebutuje.Takodje mi je disableovao opciju Folder Options tako da ne mogu da ukljucim da vidim skivene foldere (ima je u toolbaru ali ne radi,tj ne reaguje na klik).Takodje mi u all programs>start up ubaci batch fajl empty.exe. Uspeo sam u safe modu da obrisem inetinfo.exe i neki vdriver.exe (ne znam cemu sluzi ali je otisao xD).Zanima me sledece: 1. Da li je neko imao susreta sa ovim virusom i kako ga se otarasio 2. Posto sad skidam NOD32,rekose mi da ce ocistiti,da li ce mi vratiti opciju Folder Option posto mi se ne reinstalira win ni malo u ovom trenutku... [:(!] Hvala... Ohoho updejt Disablovan mi je i ovaj regedit...Znaci poludeo sam...Sad mi se rebutovao pc u sred downloada...-_- Nasao sam i link ka tome... http://www.bullguard.com/forum/11/My-folde...my-r_37013.html Quote Svenevideći Link to comment Share on other sites More sharing options...
cali Posted December 24, 2007 Report Share Posted December 24, 2007 nemash aktivnu zashtitu? Quote Link to comment Share on other sites More sharing options...
Trans-Lucky Posted December 24, 2007 Author Report Share Posted December 24, 2007 Imao sam AVG koji je nasao nista... Ni inetinfo ni vdriver nista nisu pomogli... Quote Svenevideći Link to comment Share on other sites More sharing options...
voodoo_ Posted December 24, 2007 Report Share Posted December 24, 2007 Na jedan CD Hiren's boot CD, na drugi najnoviji F-Prot za DOS sa najnovijim definicijama, i udri. Digneš sa Hirena uz NTFS podršku, pa promeniš disk, pa skeniraš. Quote Link to comment Share on other sites More sharing options...
f4ts0 Posted December 24, 2007 Report Share Posted December 24, 2007 msconfig->startup. Disejblujes ga i obrises iz registija pa iz windows\system32 nije potrebna AV intervencija. Mali savet...iskljuci autoplay, dosta pomaze, inace cim se utakne usb ode mas u propas Quote You may have gone to Cambridge, but I'm an honorary graduate of Starfleet Academy Link to comment Share on other sites More sharing options...
Trans-Lucky Posted December 25, 2007 Author Report Share Posted December 25, 2007 12/24/2007 3:40:10 PM Real-time file system protection file C:\Documents and Settings\Satan\Local Settings\Application Data\winlogon.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Documents and Settings\Satan\Local Settings\Application Data\winlogon.exe. 12/24/2007 3:37:13 PM Real-time file system protection file C:\Documents and Settings\Satan\Local Settings\Application Data\inetinfo.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Documents and Settings\Satan\Local Settings\Application Data\inetinfo.exe. 12/24/2007 3:35:03 PM Real-time file system protection file C:\Documents and Settings\Satan\Local Settings\Application Data\inetinfo.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Documents and Settings\Satan\Local Settings\Application Data\inetinfo.exe. 12/24/2007 3:28:58 PM Startup scanner file C:\Documents and Settings\Satan\Local Settings\Application Data\lsass.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:58 PM Startup scanner file C:\Documents and Settings\Satan\Local Settings\Application Data\services.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:57 PM Startup scanner file C:\Documents and Settings\Satan\Local Settings\Application Data\winlogon.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:53 PM Startup scanner file C:\WINDOWS\eksplorasi.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:52 PM Startup scanner file C:\Documents and Settings\Satan\Local Settings\Application Data\smss.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:51 PM Startup scanner file C:\WINDOWS\SHELLNEW\sempalong.exe Win32/Brontok.AQ worm cleaned by deleting - quarantined EVIL\Satan 12/24/2007 3:28:50 PM Startup scanner file C:\WINDOWS\system32\vdriver.exe Win32/TrojanDownloader.Banload.CEW trojan cleaned by deleting - quarantined EVIL\Satan To je to..NOD32 ga ubio. Quote Svenevideći Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.