MyCity » Ambulanta -> Arhiva Ambulante » 20 Trojanaca

20 Trojanaca

Napisano na dan: 28.2.2008

Strana:
1
2

20 Trojanaca

Sledeća strana

Pagination

Odgovori

Strana:
1
2

skunk Poslao: 28 Feb 2008 23:23 Idi na vrh
offline skunk Građanin Pridružio: 31 Okt 2007 Poruke: 115 Gde živiš: Black Hole	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Eh,ovako, prvo svima veliki pozdrav! Naime cemu se radi: neki dan sam odlucio da dosadasnji NOD32 prestanem koristiti i da predjem na Kaspersky,jer je NOD32 propustao previse stvari i nisam bio zadovoljan s njim nikako! Uklonio sam NOD,instalirao i podesio Kaspersky i preskenirao cijeli sistem! Rezultat: 20 Trojanaca i to odavno navodno uklonjenih Nortonom i NOD-om! Kaspersky ih je uspio izbrisati,bar je tako pokazao,a neki su se nakon toga uvukli u Sistem Volume pa sam morao iskljuciti Sistem restore da bi nakon zadnjeg skeniranja Kaspersky pokazao uredan izvjestaj! Ako moze provjera i daljnja uputstva sta bi bilo dobro da uradim? + Par tipova za Kaspersky,posto ga prvi put koristim? Evo HT i hvala unaprijed na odgovoru! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:22:38, on 28.2.2008 Platform: Windows XP SP2 (WinNT X.xx.xxxx) MSIE: Internet Explorer v7.00 (7.00.6000.16608-) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\Program Files\Packard Bell\SrvCDEject.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe C:\WINDOWS\system32\dllhost.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\Program Files\NetLimiter 2 Monitor\NLClient.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\WINDOWS\mHotkey.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Windows Live\installer\WLSetupSvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - Startup: zlclient.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\beuk.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - [Link mogu videti samo ulogovani korisnici] O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- End of file - 8330 bytes

Profil

helen1 Poslao: 29 Feb 2008 13:40 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Nisi preimenovao HijackThis.exe u neko drugo ime. Tipa skunk.exe Uradi to pa postavi novi log.

Profil

skunk Poslao: 01 Mar 2008 17:24 Idi na vrh
offline skunk Građanin Pridružio: 31 Okt 2007 Poruke: 115 Gde živiš: Black Hole	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ??? Nije mi jasno? To je nesto novo ovde ili??? Preimenovati HT.exe?

Profil

helen1 Poslao: 01 Mar 2008 17:29 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Znaci ovako,sacuvao si Hijack This na C:\Program Files\Trend Micro\HijackThis\HijackThis.exe Potrebno je da HijackThis.exe preimenujes u neko drugo ime. Na primer skunk.exe Znaci bice: C:\Program Files\Trend Micro\nesto\skunk.exe

Profil

skunk Poslao: 02 Mar 2008 00:51 Idi na vrh
offline skunk Građanin Pridružio: 31 Okt 2007 Poruke: 115 Gde živiš: Black Hole	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK evo uradio sam to! Nego mi se ucinilo kao nesto novo,nije bilo do sada na Ambulanti,ili sam previdio?! Evo HT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:48:32, on 2.3.2008 Platform: Windows XP SP2 (WinNT X.XX.XXXX) MSIE: Internet Explorer v7.00 (7.00.6000.16608-) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\Program Files\Packard Bell\SrvCDEject.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\NetLimiter 2 Monitor\NLClient.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\WINDOWS\mHotkey.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Trend Micro\HijackThis\skunk.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - Startup: zlclient.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\beuk.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - [Link mogu videti samo ulogovani korisnici] O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- End of file - 8267 bytes

Profil

helen1 Poslao: 02 Mar 2008 01:02 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li postoje neki konkretni problemi?

Profil

skunk Poslao: 02 Mar 2008 01:22 Idi na vrh
offline skunk Građanin Pridružio: 31 Okt 2007 Poruke: 115 Gde živiš: Black Hole	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pa vidi,prvo mi je cudno sto je NOD32 konstantno pokazivao mashinu kao cistu,a Kaspersky je pronasao tih 20 Trojanaca,starih i po nekoliko mjeseci-to mi nikako ne ulazi u glavu,ali nije nemoguce! Drugo skeptican sam jer je Kaspersky pokazao da ih je izbrisao,a to je isto pokazivao prije i NOD32,a nisu bili izbrisani ocigledno,zato sam postavio HT da provjerim ima li igdje jos zaostataka od tih 20 Trojanaca i je li sve uredno sto se toga tice? Jos nesto sto sam primjetio nakon instalacije Kasperskog, konstantna aktivnost na internetu iako nista ne radim na net-u:upload oko 40KB a download isto oko 40KB? Ono sto primjecujem takodjer - a sto nije bilo do sada, jeste greska u Event Vieweru koja se pojavljuje prilikom svakog podizanja sistema - konstantno: Event Type: Warning Event Source: EventSystem Event Category: (52) Event ID: 4356 Date: 2.3.2008 Time: 0:07:49 User: N/A Description: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB}. CoGetObject returned HRESULT 8000401A. --------------------------------------------------------------------------------- Kako ti se cini ovo i kako ti se cini ovaj HT log? Sta dalje? Hvala Helen1

Profil

helen1 Poslao: 02 Mar 2008 17:58 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Reci mi koju tacno verziju Kaspersky Antivirusa koristis? I jel mozes da postavis Kaspersky log gde se vide ti trojanci?

Profil

skunk Poslao: 02 Mar 2008 18:54 Idi na vrh
offline skunk Građanin Pridružio: 31 Okt 2007 Poruke: 115 Gde živiš: Black Hole	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Koristim Kaspersky.Anti-Virus.v7.0.1.325! Jos jedna stvar konstantno se u pozadini cuje aktivnost a nigdje je ne nalazim ni na Tasku ni na Portovima,niti igdje,a konstanto nesto komp radi i e prestaje! Evo vecina od tih virusa koje je pronasao i navodno obrisao: detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\11E715C4.exe//CryptFF//PE_Patch.UPC detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\229C655E.exe//CryptFF//PE_Patch.UPC detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\286F48F7.exe//CryptFF//PE_Patch.UPC detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29953F25.wma//CryptFF detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\299C131E.wma//CryptFF detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A117A9D.wma//CryptFF detected: Trojan program Trojan-Downloader.JS.IstBar.j File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EEA29B8.js//CryptFF detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\403121B4.wma//CryptFF detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DE8709D.wma//CryptFF detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\58325468.exe//CryptFF//PE_Patch.UPC detected: Trojan program Trojan-Downloader.Java.OpenStream.w File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61BE328D.zip//CryptFF/javainstaller/InstallerApplet.class detected: Trojan program Trojan-Downloader.WMA.Wimad.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65AD6304.wma//CryptFF detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AA72958.exe//CryptFF//PE_Patch.UPC detected: virus Packed.Win32.PolyCrypt.d File: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7D732BFA.exe//CryptFF//PE_Patch.UPC detected: Trojan program Trojan.Win32.Inject.mf File: C:\WINDOWS\catchme.exe//PE_Patch.UPX//# detected: Trojan program Trojan.Win32.Inject.ba File: D:\PROGRAMI\netpumper-1.50-setup-NP_0306.exe//data0079

Profil

helen1 Poslao: 03 Mar 2008 10:46 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Obrisi karantin Norton antivirusa.Putanja ti je u logu: C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine

Profil

MyCity » Ambulanta -> Arhiva Ambulante » 20 Trojanaca

Ko je trenutno na forumu

Ukupno su 1440 korisnika na forumu :: 70 registrovanih, 5 sakrivenih i 1365 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, Aleksa 3215, Arsenije, Asteker, Avalon015, bigvlada, Bivan, boromir, bufanje, bukefal, BWG, chitach, Cian, Clouseau, cojapop, darkdruid72, delrey, Dimitrije Paunovic, Dimitrise93, Djota1, djuradj, doktor097, Dovla 1980, Electron, ElvisP, goranvas, HrcAk47, kaskadija, kihot, Korle, ladro, Litostroton, LostInSpaceandTime, Marko1238, mb1213, mercedesamg, Miki01, milutin134, mm1811, nazgul75, Nik_sasa, Nikolaa11, panzermilan45, panzerwaffe, Prašinar, Primus17, PrincipL, probisic, radoznao, Ran, repac, ruma, Semprini, Sevetar, shaja1, Silvertooth, Stanlio, Stija zmija, takini, tmanda323, Tvrtko I, vathra, Vlada1389, vukovi, zlaya011, Zmaj001, zmajbre, Zorge, Zrcalo, zvomar

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by