MyCity » Ambulanta -> Arhiva Ambulante » Trojan js Agent

Trojan js Agent

Napisano na dan: 12.5.2008

Trojan js Agent

Sledeća strana

Pagination

Odgovori

eross Poslao: 12 Maj 2008 23:16 Idi na vrh
offline eross Građanin Pridružio: 23 Nov 2007 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Juce skenirao nista nije nadjeno,ni avast! ni Defender.OS je - Vista. Malopre skeniram samo Defenderom i nadje mi ovo: Prebacim u karantinu,kasnije kliknem na remove i to je to. Sad,zanima me je li ista ostalo jos zarazeno.Danas skinuo samo 2 video cutter-a koje sam instalirao na dr.racunalo,a sa ovog laptopa obrisao i album od regine sa rapida. Ovo je Log Defendera: Category: Trojan Description: This program is used to bypass security policies. Advice: Remove this software immediately. Resources: file: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9CO.js->(GZip) file: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9C4.js->(GZip) file: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9AA.js->(GZip) containerfile: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9CO.js containerfile: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9C4.js containerfile: C:\Users\Korisnik\AppData\Roaming\Opera\Opera\profile\cache4\opr0F9AA.js View more information about this item online A evo i sadasnji log HijackThis-a: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:54:13, on 12.5.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O13 - Gopher Prefix: O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 7887 bytes

Profil

dr_Bora Poslao: 13 Maj 2008 16:22 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Postavljeni logfile je čist.

Profil

eross Poslao: 13 Maj 2008 22:23 Idi na vrh
offline eross Građanin Pridružio: 23 Nov 2007 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odlicno.Imam jos 2 pitanja. Zasto je do toga doslo,koji je uzrok,da ne ponovim istu gresku(mada i ne znam koja je)? I sta znace ova dva loga,a nisu bili kad sam jednom stavljao ovdje log HT-a,koji je isto bio cist. O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) To je sve, zahvaljujem @ bora.

Profil

dr_Bora Poslao: 13 Maj 2008 22:50 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! eross ::Zasto je do toga doslo,koji je uzrok,da ne ponovim istu gresku(mada i ne znam koja je)? Detektovani file se nalazi u Opera-inom cache-u (privremenim internet file-ovima) - znači, deo neke stranice koju si nekada otvorio (tako da tu ne možeš Bog zna šta da uradiš). eross ::O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe Servis instaliran uz drivere za Agere modem: "This service routes the modem's call progress out of your computers audio system." eross ::O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) Neaktivna, zaostala linija od nekog Symantec-ovog proizvoda. Ne škodi bilo čemu i ne mora se uklanjati. Ako želiš da je ukloniš, uradi sledeće: - Start > Run: ukucaj cmd - U prozoru koji se otvori ukucaj: sc delete CLTNetCnService (potvrdi sa Enter).

Profil

eross Poslao: 15 Maj 2008 03:24 Idi na vrh
offline eross Građanin Pridružio: 23 Nov 2007 Poruke: 77	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Necu nista dirati ako ne skodi. Zahvaljujem!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Trojan js Agent

Ko je trenutno na forumu

Ukupno su 2760 korisnika na forumu :: 83 registrovanih, 8 sakrivenih i 2669 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 5623 - dana 13 Dec 2025 19:56

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: AC-DC, advokat84, Air_Force_82, ajo baba, amaterSRB, ArmFPGA, Arsenije, Automaticar, Boris BM, Botovac, Clouseau, crazydkure, Crazzer, cuvarkuca, cyprus, darionis, DavidA, deLacy, djboj, Djota1, Dovla 1980, Draganeli, draganl, dukajov, dulleo, Electron, FOX, GveX, iceburn, ikan, Imperator_Aleksandr_lll, istina, jalos, kaisarevic1, Kajzer Soze, karjatid, Kobrim, kolle.the.kid, Koča, Kruger, kunktator, KUZMAR, Ljusa, luka35, M74AB3, MarijaC84, mikrimaus, milanovic, minke, Mis uz pusku, mishkooo, Mićko, moldway, Nemanja.M, nesa1962, ozzy, Parker, pceklic, pein, raf87, RAleksandar, Singidunumac, Sonic, sspp, stegonosa, stokssone, TBoy, tomo2, Uros Cuore Sportivo, vathra, vazduh, vensla, Vlada78, vladaa012, Volkhov-M, VonDrobac, Yekaterinburg, yip314, zbazin, Zjmc, zokilivac, zombicar153, zorska

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by