|
(riješeno) Kako ukloniti TROJAN HORSE DROPPER.GENERIC.AFNC
Pozdrav!
Imam AVG antivirus, malo znanja oko ovih stvari i molio bih vas za pomoć!! ...AVG ga ocita i "izbrise" ,ali naravno on se opet pojavi nakon sljedeceg skeniranja. u nesto vecem ili manjem broju ali na istom mjestu! Uvjek bude na: C:/ Documents settings/Netvork service/Local settings/Temporary internet files/Content.IE5/E6YCG7SP/dqbzv(1).png ...ili .gif .jpg... pokusao sam rucno doci do njega i ukloniti ga, ali se opet vratio , a pokusao sam i sa hijackthis! nemam pojma sto da radim? :wtf2: |
prvo deinstaliraj avg..i ostale zaštitne programe ako imaš.
isključi sistem restore skini combofix na desktop http://www.bleepingcomputer.com/comb...o-use-combofix pokreni ga i pusti da odradi,da se pc restarta,da kombo završi..ništa ne diraj poslje toga postaj hijak log ovdje |
hvala!
|
A da jednostavno preko IE-a obrišeš sve temporary internet fileove?
|
avg i njegov ponekad ludi heuristic scan znaju davati takve rezultate. Vjerovatno ce se smiriti nakon iduceg updatea definicija
|
ma ve 10 dana skeniram i isto, premda sam svaki dan updetam...
-sada sam mlo citao o ovom combofixu!!!! -MVANB mi je rekao da moram iskljuciti sistem restore i izbrisati antivirus (treba li i antispyver??) - A ako sa njim radim u safe modu jel onda trebam izbrisati i iskljuciti navedeno? |
Citiraj:
tako trebaš razmišljat...a ne programe volit:) |
ehehehhehe PREJEBENO!!!!
Na sreću poslusao sam te i ovo cudo od programa izbrisalo mi je sve viruse!! izbrisao sam avg i one viruse iz karantene je izbrisao, njih cca 80,uglavnom trojanaca:D ALI mi se govno smrzlo kada je u samom pocetku rada izbacio poruku warning:this machine does not have the recoveryconsole installed!!!! nisam smio prekinuti.... a na kraju je izbacio samo listu onoga sto je uradio i nista vise, nikakav next ili da je bar 1 ikona ili start ostao na desktopu!!!! nocna mora!! sreca da sam uspio pokrenuti task menager i rstartati ga! a sada radi k'o nov! Hvala MVANB di cuo i necuo!!! |
obriši combofix:
start-run-utipkaj Combofix /u i ok http://i189.photobucket.com/albums/z...CF_Cleanup.png skini hijackthis http://download.hijackthis.eu/HJTInstall.exe ,skenaj i postaj log ovdje |
Logfile of HijackThis v1.99.1
Scan saved at 23:01:13, on 2.2.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\S3tray2.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Ivan\Desktop\hijach\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe to je valjda to! |
| Sva vremena su GMT +2. Sada je 13:22. |
Powered by vBulletin®
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© 1999-2024 PC Ekspert - Sva prava pridržana ISSN 1334-2940
Ad Management by RedTyger