MyCity » Zaštita od zlonamernih programa -> Zaštitni programi » AVG izlecio trojanca i sta sad da uradim?

AVG izlecio trojanca i sta sad da uradim?

Napisano na dan: 9.8.2007

AVG izlecio trojanca i sta sad da uradim?
Sledeća strana Pagination

Idi na vrh

Poslao: 09 Avg 2007 11:47
Idi na vrh
offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1435
  • Gde živiš: ni na nebu ni na zemlji

Avg otkrio i uspesno izlecio trojanca (Generic6.JET),
koji mi se zavukao u programski faj,tamo gde cuvam instalacione mape, za ponovo instaliranje nekog programa.
stavio ga u Vault (carantenu)

negde sam citala da treba iskljuciti pa opet ukljuciti 'Sistem Restore' i izbrisati Vault, sadrzaj u karanteni.
molim recite redoslijed.
da li
izbrisati karanten
iskljuciti sistem restore
iskljuciti kompjutor
ukjluciti komp
ukljuciti sistem restore..

ili Kako uraditi ispravno?
hvala!



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
Poslao: 09 Avg 2007 11:54
Idi na vrh
offline
  • Rogi  Male
  • Mod u pemziji
  • Najbolji košarkaš koji
  • je ikada igrao ovu igru
  • Pridružio: 31 Avg 2005
  • Poruke: 11687

Prvo isključiš Sistem Restore, pa restartuješ komp, izbrisati karantin,pa restartuješ komp, pa uključiš sistem restore, pa restartuješ komp!

Dopuna: 09 Avg 2007 11:54

I za svaki slučaj postavi log u ambulanti, čisto da budeš sigurna!



Poslao: 10 Avg 2007 00:00
Idi na vrh
offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1435
  • Gde živiš: ni na nebu ni na zemlji

Hvala Rogi,
a sto znaci postaviti log u ambulanti i kako se to radi..?
nisam videla nista slicno kad sam otvorila ambulantu..

Poslao: 10 Avg 2007 00:05
Idi na vrh
offline
  • Rogi  Male
  • Mod u pemziji
  • Najbolji košarkaš koji
  • je ikada igrao ovu igru
  • Pridružio: 31 Avg 2005
  • Poruke: 11687

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Poslao: 10 Avg 2007 01:08
Idi na vrh
offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1435
  • Gde živiš: ni na nebu ni na zemlji

hvala za link to moram prouciti..visa nauka za mene..Wink

ali jao napravila sam gresku kod izvodenja brisanja karantene prema jasnim uputama..
i sta je sad posledica..?

nisam iskljucila Sistem restore kako spada (zaboravila aply)
i lepo obrisala karantenu
i kad sam ponovo htela ukljuciti sistem retore videla sam da nije ni bio iskljucen.

sta to konkretno znaci sada sobzirom na 'cistocu'i virus na mom kompjutoru.?

Dopuna: 10 Avg 2007 1:08

Logfile of HijackThis v1.99.1
Scan saved at 01:03:58, on 2007-08-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Personal\bin\Personal.exe
C:\Program Files\Webshots\webshots.scr
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\zora\Desktop\Ambulanta\Tr3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Webshots Toolbar - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:\Program Files\Webshots\WSToolbar4IE.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Personal.lnk = C:\Program Files\Personal\bin\Personal.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Webshots Photo Search - res://C:\Program Files\Webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.handelsbanken.se
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2898519-5040-42F9-9F4B-E4806A2FAA21}: NameServer = 195.67.199.15 195.67.199.16
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

uklonila sam virus iz karantene (ime trojanca je u prvom postu ..ne vidim sada)
nisam to uradila sa iskljucenim sistem restore.
da li je jos negde ostao?
hvala

Poslao: 10 Avg 2007 10:22
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Sve je u redu...

Inače, za uključenje/isključenje SR-a i brisanje file-ova iz karantina, nisu potrebna sva ta restartovanja.

Poslao: 10 Avg 2007 13:23
Idi na vrh
offline
  • Zora
  • Pridružio: 22 Okt 2004
  • Poruke: 1435
  • Gde živiš: ni na nebu ni na zemlji

hvala doktore:)

MyCity » Zaštita od zlonamernih programa -> Zaštitni programi » AVG izlecio trojanca i sta sad da uradim?

Ko je trenutno na forumu
 

Ukupno su 1128 korisnika na forumu :: 48 registrovanih, 3 sakrivenih i 1077 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: ajo baba, aleksandarbl, Alibaba1981, babaroga, Bobrock1, bokisha253, borya90, brundo65, Dr.Strangelove, goxin, HogarStrashni, Joja, kinez88, kljift, krkalon, Kubovac, Litostroton, LUDI, Marko Marković, mercedesamg, Mercury, mgolub, MiGac, Miki01, mikrimaus, milenko crazy north, Milometer, MiroslavD, MrNo, nenad81, nuke92, pein, Petarvu, raptorsi, rovac, sabros, sap, saputnik plavetnila, Sir Budimir, tomigun, trutcina, Tvrtko I, vathra, Vatreni Zmaj, VJ, vobo, vukovi, YugoSlav