|
Imam problem sa virusomTrojan.PWS.PdPinch.F koji se zakacio za fajl csrssw.exe. Detektovao ga je BitDefender Pro v8 (redovno azuriran svakih nekoliko sati posto sam na internetu 24 sata neprekidno), uz poruku da je virus blokiran.
Medjutim, to se desavalo i ranije i svaki puta je antivirusni program javljao da je fajl ociscen.
Interesuje me sledece:
1. Moze li taj virus biti maskiran na HDD a da ga AV program ne moze detektovati u realnom vremenu, pa se aktivira nakon neke komande ili startovanja programa koji koriste csrssw.exe
2. Postoje li programi koji mogu definitivno da uklone ovaj virus a da ne ostete csrssw.exe (Kaspersky AVP brise ceo fajl a ne cisti ga od virusa), a koliko vidim ovaj program se koristi kao rutina za kreiranje grafike pri pretrazivanju interneta
3. Nakon brisanja BitDefenderom pro v8, log je sledeci:
/-----------------------------------------------------------------
//
// Product: BitDefender Client Professional Plus v8
// Version: (no ver)
//
// Created on: 13/08/2005 12:22:24
//
//-----------------------------------------------------------------
Statistics
Scan path : C:\WINDOWS\csrss.exe
Folders : 0
Files : 5
Archives : 0
Packed files : 0
Identified viruses : 1
Infected files : 1
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 1
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 0
Scan time : 00:00:01
Scan speed (files/sec) : 5
Virus definitions : 199431
Scan plugins : 13
Archive plugins : 39
Unpack plugins : 4
Mail plugins : 6
System plugins : 1
Scan options
Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[ ] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[X] Prompt user
Second action
[X] Ignore
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user
Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report
Summary:
C:\WINDOWS\csrss.exe Infected Trojan.PWS.PdPinch.F
C:\WINDOWS\csrss.exe Deleted
Scanned files
C:\=>Master Boot Record 80 OK
C:\=>Partition Boot 1 (primary) (active) OK
C:\=>Master Boot Record 81 OK
C:\=>Partition Boot 1 (primary) OK
C:\WINDOWS\csrss.exe Infected Trojan.PWS.PdPinch.F
C:\WINDOWS\csrss.exe Deleted
I u ovom slucaju scsss.exe je obrisan
Probao sam Kaspersky, Nod32, AWAST i jos mnoge programe.
Problem je sto ni jedan ne izbrise virus
IMA LI NEKO BILO KAKVO EFIKASNO RESENJE?
Dopuna: 14 Avg 2005 12:36
Nikola
|
